Scenario

To conduct this analysis, we created a small virtual network with the following structure:

[Figure: Scenario]

All parts of the scenario were created using virtualization, including the Internet hosts required to download the malware. The machine is infected with ZeusVM malware. The malware executable can be downloaded, for educational use only, from theZoo at https://github.com/ytisf/theZoo/blob/master/malwares/Binaries/ZeusVM/ZeusVM.zip. The SHA256 of the malware sample after unzipping is as follows:

b04637c11c63dd5a4a599d7104f0c5880717b5d5b32e0104de5a416963f06118

theZoo is a project that was created to make the possibility of malware analysis open and available to the ...
