Project 2: Malware 1 (Phase I)
Malware Analysis (Project 2)
Phase I - Malware 1
You should answer the following questions about Malware 1 with True or False.
A. Malware sets itself to run whenever Windows starts up
B. Malware looks up the computer name (possibly doing some reconnaissance)
C. Potentially looks through Microsoft Outlook address book contents
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
E. Prevents users from accessing registry tools
F. Hides all drives on computer
G. Prevents users from changing remote administrator settings
H. Searches for all possible drives on computer
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
J. Hooks the keyboard (potentially a keylogger)
K. Hooks the mouse
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
N. Retrieves the current user's username
O. Adds mutex for Eclipse DDoS malware
P. Adds mutex for IPKillerClient malware
Q. Adds mutex for DarkDDoSer malware
R. Contacts various SMTP servers (possibly for spamming)
S. Copies potentially malicious files to the device.
T. Adds a malicious cryptographic certificate to the system.

Project 2: Malware 2 (Phase I)
Malware Analysis (Project 2)
Phase I - Malware 2
You should answer the following questions about Malware 2 with True or False.
A. Malware sets itself to run whenever Windows starts up
B. Malware looks up the computer name (possibly doing some reconnaissance)
C. Potentially looks through Microsoft Outlook address book contents
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
E. Prevents users from accessing registry tools
F. Hides all drives on computer
G. Prevents users from changing remote administrator settings
H. Searches for all possible drives on computer
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
J. Hooks the keyboard (potentially a keylogger)
K. Hooks the mouse
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
N. Retrieves the current user's username
O. Adds mutex for Eclipse DDoS malware
P. Adds mutex for IPKillerClient malware
Q. Adds mutex for DarkDDoSer malware
R. Contacts various SMTP servers (possibly for spamming)
S. Copies potentially malicious files to the device.
T. Adds a malicious cryptographic certificate to the system.

Project 2: Malware 3 (Phase I)
Malware Analysis (Project 2)
Phase I - Malware 3
You should answer the following questions about Malware 3 with True or False.
A. Malware sets itself to run whenever Windows starts up
B. Malware looks up the computer name (possibly doing some reconnaissance)
C. Potentially looks through Microsoft Outlook address book contents
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
E. Prevents users from accessing registry tools
F. Hides all drives on computer
G. Prevents users from changing remote administrator settings
H. Searches for all possible drives on computer
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
J. Hooks the keyboard (potentially a keylogger)
K. Hooks the mouse
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
N. Retrieves the current user's username
O. Adds mutex for Eclipse DDoS malware
P. Adds mutex for IPKillerClient malware
Q. Adds mutex for DarkDDoSer malware
R. Contacts various SMTP servers (possibly for spamming)
S. Copies potentially malicious files to the device.
T. Adds a malicious cryptographic certificate to the system.

Project 2: Malware 4 (Phase I)
Malware Analysis (Project 2)
Phase I - Malware 4
You should answer the following questions about Malware 4 with True or False.
A. Malware sets itself to run whenever Windows starts up
B. Malware looks up the computer name (possibly doing some reconnaissance)
C. Potentially looks through Microsoft Outlook address book contents
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
E. Prevents users from accessing registry tools
F. Hides all drives on computer
G. Prevents users from changing remote administrator settings
H. Searches for all possible drives on computer
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
J. Hooks the keyboard (potentially a keylogger)
K. Hooks the mouse
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
N. Retrieves the current user's username
O. Adds mutex for Eclipse DDoS malware
P. Adds mutex for IPKillerClient malware
Q. Adds mutex for DarkDDoSer malware
R. Contacts various SMTP servers (possibly for spamming)
S. Copies potentially malicious files to the device.
T. Adds a malicious cryptographic certificate to the system.

Project 2: Malware 5 (Phase I)
Malware Analysis (Project 2)
Phase I - Malware 5
You should answer the following questions about Malware 5 with True or False.
A. Malware sets itself to run whenever Windows starts up
B. Malware looks up the computer name (possibly doing some reconnaissance)
C. Potentially looks through Microsoft Outlook address book contents
D. Creates and executes a Visual Basic Script (VBS) called "WinVBS.vbs"
E. Prevents users from accessing registry tools
F. Hides all drives on computer
G. Prevents users from changing remote administrator settings
H. Searches for all possible drives on computer
I. Checks for its privileges (this isn't inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
J. Hooks the keyboard (potentially a keylogger)
K. Hooks the mouse
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
N. Retrieves the current user's username
O. Adds mutex for Eclipse DDoS malware
P. Adds mutex for IPKillerClient malware
Q. Adds mutex for DarkDDoSer malware
R. Contacts various SMTP servers (possibly for spamming)
S. Copies potentially malicious files to the device.
T. Adds a malicious cryptographic certificate to the system.

Project 2: Phase II Dissect some behaviors
Malware Analysis (Project 2)
Phase II
You must answer the following open questions with regard to Phase II. Make sure you follow all of the project write-up instructions to the letter. There will be no credit given for typographical mistakes.
1. Type the IP address for Malware 1's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 1 type "none" without quotes):
2. Type the IP address for Malware 2's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 2 type "none" without quotes):
3. Type the IP address for Malware 3's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 3 type "none" without quotes):
4. Type the IP address for Malware 4's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 4 type "none" without quotes):
5. Type the IP address for Malware 5's C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 5 type "none" without quotes):
6. External SMTP Servers Identification. SMTP Servers DNS domain names in a comma-separated list, without spaces:

Project 2 Phase III
Cluster and Classify: 15 points
Upload your final malheur configuration file (config.mlw)
Phase IV Malheur Summary
The solution for this part must be submitted on grapescope.com; see what your autograder score is before you send me the solution.
Attachment:- project assignment.rar