Identify Rootkit and DLL Injection Activity

Students will use Olly Debugger and Process Hacker to debug a suspect program and determine if any of the observed behavior is malicious or not. This lab shows one possible way malicious software hooks into legitimate programs and will provide an "under the hood" perspective on how programs work in the Windows environment.

Time

45 minutes

Difficulty

Intermediate

3.3

NEED TO TRAIN YOUR TEAM? LEARN MORE

Join over 3 million cybersecurity professionals advancing their career

Required fields are marked with an *

View all SSO options

Already have an account? Sign In »

This Cyberscore is part of a Career Path: Become a SOC Analyst - Level 2

Overview

Students will use Olly Debugger to debug a suspect program and determine if any of the observed behavior is malicious or not. They will also use Process Hacker to confirm if a possible DLL injection was successful. This lab fosters an understanding of debuggers, shows one possible way malicious software hooks into legitimate programs and will provide an "under the hood" perspective on how programs work in the Windows environment.

LEARN MORE. ACHIEVE MORE.

Follow A Path

Deciphering the essentials to enter a new career is hard, so we did it for you!

Focus on building your skills and take this cyberscore in a guided Career Path.

Become a SOC Analyst - Level 2

Learn more about Career Paths

Learning Partner