Ida to reverse engineer a piece of shellcode

Assignment Help Python Programming

Reference no: EM13725440

Requirements

Use IDA to reverse engineer a piece of shellcode

Complete the following by writing a thorough report on the actions you took and the assumptions you made.

You are a Malware Investigator at 0xC0ff33, Inc and an incident responder came across injected shellcode during an investigation. He has done all he can in IDA and has passed on the .idb file to you. Figure out what the purpose of the malware was and how it achieved its goals.

The IDA Database file and Python script for ROR13 are located here.

Lab will be graded on the following criteria

Discovered what API functions were used
Discovered how the API functions were resolved and what hash cipher was used
What the malware created on the system
How the malware traversed the PEB
How the malware traversed the PE

Reference no: EM13725440

Questions Cloud

Desperate need of cash and turn : You are in desperate need of cash and turn to your uncle, who has offered to lend you some money. You decide to borrow $1,360 and agree to pay back $1,620 in two years. What interest rate is your uncle charging you?

Prepare a presentation on the information for whole foods : Basic power point presentation on the following information for Whole Foods

Debt must be repaid in two equal instalments : Digital Organics (DO) has the opportunity to invest $0.98 million now (t = 0) and expects after-tax returns of $580,000 in t = 1 and $680,000 in t = 2. The project will last for two years only. The appropriate cost of capital is 14% with all-equity f..

Make another deposit into the account : Boretti has $400,000 in a stock fund. The fund pays a 10% return, compounded annually. If he does not make another deposit into the account, how long will it take for the account to increase to $2 million?

Ida to reverse engineer a piece of shellcode : You are a Malware Investigator at 0xC0ff33, Inc and an incident responder came across injected shellcode during an investigation. He has done all he can in IDA and has passed on the .idb file to you. Figure out what the purpose of the malware was ..

Solvability factors involved in the investigation process : In a minimum 200 word response describe the solvability factors involved in the investigation process of a crime. Does this help the investigative officer with guidelines for solving a crime? Explain your answer.

Latest information concerning issues and trends : In this module you will prepare a report that discusses the pricing and distribution strategies. Research the following topics for the latest information concerning issues, trends, and potential impact to your client and relate them to the concept..

Absorb the risk by plowing back the capital surplus : If a firm that CANNOT issue new equity grows at a rate higher than SGR, which of the following MUST be true? They can absorb the risk by plowing back the Capital Surplus. Trick question: a firm cannot grow at a rate higher than SGR

Non-productive activities : The Rand Corporation believed that most of detective work was spent on non-productive activities. In a minimum 200 word response argue for or against the Rand model of either the police taking on more investigative work (from detectives) or less i..

User Account

All Pages