Identify Rootkit and DLL Injection Activity
Cyberscore

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

Time
40 minutes
Difficulty
Intermediate

Students will use Olly Debugger to debug a suspect program and determine if any of the observed behavior is malicious or not. They will also use Process Hacker to confirm if a possible DLL injection ...

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

Overview

Students will use Olly Debugger to debug a suspect program and determine if any of the observed behavior is malicious or not. They will also use Process Hacker to confirm if a possible DLL injection was successful. This lab fosters an understanding of debuggers, shows one possible way malicious software hooks into legitimate programs and will provide an "under the hood" perspective on how programs work in the Windows environment.