Malware analysis

Reference no: EM132914711

Project 2: Malware 1 (Phase I)

Malware Analysis (Project 2)

Phase I - Malware 1

You should answer the following questions about Malware 1 with True or False.

Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False

Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False

Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False


Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
True
False

Item at position 5
E. Prevents users from accessing registry tools
True
False

Item at position 6
F. Hides all drives on computer
True
False

Item at position 7
G. Prevents users from changing remote administrator settings
True
False

Item at position 8
H. Searches for all possible drives on computer
True
False

Item at position 9
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False

Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False

Item at position 11
K. Hooks the mouse
True
False

Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False

Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False

Item at position 14
N. Retrieves the current user's username
True
False

Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False

Item at position 16
P. Adds mutex for IPKillerClient malware
True
False

Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False

Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False

Item at position 19
S. Copies potentially malicious files to the device.
True
False

Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False

Project 2: Malware 2 (Phase I)
Phase I - Malware 2

You should answer the following questions about Malware 2 with True or False.

Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False

Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False

Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False

Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
True
False

Item at position 5
E. Prevents users from accessing registry tools
True
False

Item at position 6
F. Hides all drives on computer
True
False

Item at position 7
G. Prevents users from changing remote administrator settings
True
False

Item at position 8
H. Searches for all possible drives on computer
True
False

Item at position 9
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False

Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False

Item at position 11
K. Hooks the mouse
True
False

Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False

Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False

Item at position 14
N. Retrieves the current user's username
True
False

Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False

Item at position 16
P. Adds mutex for IPKillerClient malware
True
False

Item at position 17

Q. Adds mutex for DarkDDoSer malware
True
False

Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False

Item at position 19
S. Copies potentially malicious files to the device.
True
False

Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False


Project 2: Malware 3 (Phase I)
Phase I - Malware 3

You should answer the following questions about Malware 3 with True or False.


Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False

Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False

Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False

Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
True
False

Item at position 5
E. Prevents users from accessing registry tools
True
False

Item at position 6
F. Hides all drives on computer
True
False

Item at position 7
G. Prevents users from changing remote administrator settings
True
False

Item at position 8
H. Searches for all possible drives on computer
True
False

Item at position 9
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False

Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False

Item at position 11
K. Hooks the mouse
True
False

Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False

Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False

Item at position 14
N. Retrieves the current user's username
True
False

Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False

Item at position 16
P. Adds mutex for IPKillerClient malware
True
False

Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False

Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False

Item at position 19
S. Copies potentially malicious files to the device.
True
False

Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False

Project 2: Malware 4 (Phase I)

Phase I - Malware 4

You should answer the following questions about Malware 4 with True or False.

Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False

Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False

Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False

Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
True
False

Item at position 5
E. Prevents users from accessing registry tools
True
False

Item at position 6
F. Hides all drives on computer
True
False

Item at position 7
G. Prevents users from changing remote administrator settings
True
False

Item at position 8
H. Searches for all possible drives on computer
True
False

Item at position 9
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False

Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False

Item at position 11
K. Hooks the mouse
True
False

Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False

Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False

Item at position 14
N. Retrieves the current user's username
True
False

Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False

Item at position 16
P. Adds mutex for IPKillerClient malware
True
False

Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False

Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False

Item at position 19
S. Copies potentially malicious files to the device.
True
False

Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False

Project 2: Malware 5 (Phase I)
Phase I - Malware 5

You should answer the following questions about Malware 5 with True or False.

Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False

Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False

Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False

Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
True
False

Item at position 5
E. Prevents users from accessing registry tools
True
False

Item at position 6
F. Hides all drives on computer
True
False

Item at position 7
G. Prevents users from changing remote administrator settings
True
False

Item at position 8
H. Searches for all possible drives on computer
True
False

Item at position 9
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False

Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False

Item at position 11
K. Hooks the mouse
True
False

Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False

Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False

Item at position 14
N. Retrieves the current user's username
True
False

Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False

Item at position 16
P. Adds mutex for IPKillerClient malware
True
False

Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False

Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False

Item at position 19
S. Copies potentially malicious files to the device.
True
False

Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False

Project 2: Phase II Dissect some behaviors
Phase II
You must answer the following open questions with regard to Phase II. Make sure you follow all of the project write-up instructions to the letter. There will be no credit given for typographical mistakes.


Item at position 1
Type the IP address for Malware 1's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 1 type "none" without quotes):

Item at position 2
Type the IP address for Malware 2's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 2 type "none" without quotes):

Item at position 3
Type the IP address for Malware 3's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 3 type "none" without quotes):

Item at position 4
Type the IP address for Malware 4's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 4 type "none" without quotes):

Item at position 5
Type the IP address for Malware 5's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 5 type "none" without quotes):

Item at position 6
External SMTP Servers Identification.
SMTP servers' DNS domain names in a comma-separated list, without spaces:

Project 2 Phase III
Cluster and Classify: 15 points
Upload your final malheur configuration file (config.mlw)

Phase IV Malheur Summary

The solution for this part must be submitted on grapescope.com; see what your autograder score is before you send me the solution.

Attachment:- project assignment.rar


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd