REQUIRED TEXT : Sikorski, M., & Honig, A. (2012). Practical malware analysis: the hands-on guide to dissecting malicious software. no starch press.
- Identify any 4 common dynamic linked libraries (DLLs) in Windows OS? What functionality is in the DLLs that you have selected? (5pts)
- What measures would you take to harden your virtual machine to safeguard it from malware infection? (5 pts)
- Attempt Lab in Chapter 1. The lab is section 1-4 in the malware analysis text book. For this lab, I am interested in how you get the final outcome or result and what it means. Provide evidence in form screenshots on how you obtain your findings in order to get full points. The final result is only worth half a point if it lacks a methodology and explanation of findings (20pts)
- these are the malicious files files for the activity . Open these files from a hardened virtual machine (VM). You can use VirtualBox or VMWare to create an Ubuntu Linux VM.
- You can install a Linux windows emulator called wine ie sudo apt-get install wine. To run a windows execute like strings.exe from the terminal using wine, the command will be: wine strings.exe some-malicious-file.exe If this too complicated, you can also use IDAPro. It runs very well on Linux.