Labs
Lab 11-1
Analyze the malware found in Lab11-01.exe.
Questions
Q: | 1. What does the malware drop to disk? |
Q: | 2. How does the malware achieve persistence? |
Q: | 3. How does the malware steal user credentials? |
Q: | 4. What does the malware do with stolen credentials? |
Q: | 5. How can you use this malware to get user credentials from your test environment? |
Lab 11-2
Analyze the malware found in Lab11-02.dll. Assume that a suspicious file named Lab11-02.ini was also found with this malware.
Questions
Q: | 1. What are the exports for this DLL malware? |
Q: | 2. What happens after you attempt to install this malware using rundll32.exe? |
Q: | 3. Where must Lab11-02.ini reside in order for the malware to install properly? |
Q: | 4. How is this malware installed for persistence? |
Q: | 5. What user-space ... |
Get Practical Malware Analysis now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
