Labs

Lab 9-1

Analyze the malware found in the file Lab09-01.exe using OllyDbg and IDA Pro to answer the following questions. This malware was initially analyzed in the Chapter 3 labs using basic static and dynamic analysis techniques.

Questions

1. How can you get this malware to install itself?

2. What are the command-line options for this program? What is the password requirement?

3. How can you use OllyDbg to permanently patch this malware, so that it doesn’t require the special command-line password?

4. What are the host-based indicators of this malware?

5. What are the different actions this malware can be instructed to take via the network?

6. Are there any useful network-based signatures for this malware?

Lab 9-2

Analyze the malware found ...
