Lab 1

School

Florida International University

Course

4804

Subject

Computer Science

Date

Apr 3, 2024

Uploaded by ProfessorMetal2935

Lab 1-1

1. File matches trojan entries with many security vendors.
2. File was compiled on 2010/12/19 Sun 16:16:19 and 2010/12/19 Sun 16:16:19 for the exe and dll.
3. All indications point to the files not being packed in any way.
4. Some imports from KERNEL32.DLL copy and create files, and the lab1dll is handling some type of internet sending of files.
5. The file Kern132.dll is written to look like another file and can be a host indicator file.
6. A reference to an IP (127.26.152.13) is made in the dll file.
7. The dll is a file meant to be run by the exe in a malicious way.

Part 2:

1. File matches with 42 entries as a trojan.
2. UPX indicates that the program is packed.
3. CreateService, InternetOpenUrl, and InternetOpen are catching my eye.
4. Machines should be inspected for a service called Malservice.

Part 3:

1. 60 entries labeled it as a threat.
2. File is packed; can't be unpacked at this time.
3. Can't answer without more unpacking information.
4. Can't answer without more unpacking information.

Part 4:

1. 59 entries detected a trojan file.
2. No packing is detected.
3. Compiled on August/2019 (faked); no way of knowing when it was packed.
4. Advapi32.dll, WinExec, and WriteFile tell us that the program messes with permissions and writes to disk.
5. File could be modifying files at system32, and updater.exe indicates a host where more malware is stored.
6. Learned: the resource is a program to download more malware.