Dynamic Analysis Part 2.2

.banner-container.gbi--1584220633:before { opacity: 1; background-image: url('//images.ctfassets.net/kvf8rpi09wgk/2bcb1ThKRYPgD8mgIPLRJF/812cb7a77584ac0477c4a729a0bae83e/cybrary_background.jpg?w=500&q=55'); }

Create Free Account

NEED TO TRAIN YOUR TEAM? LEARN MORE

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

Time

30 minutes

Difficulty

Intermediate

Video Activity

Create Free Account

NEED TO TRAIN YOUR TEAM? LEARN MORE

Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.

This module will explore further into the basic malware dynamic analysis. We'll be demonstrating this using a malware called IllusionBot that has been downloaded from the Github website. A useful tip for Linux virtual machine, particularly Kali, is to change the settings for the display if the VMware tools don't automatically resize the interface. You'll learn about the various tools that are used for the dynamic analysis such as CaptureBAT, inetsim, netstat –untap, servicebindaddress. We'll begin with the identification of certain network indictors. We'll also discuss about other tools like Process Explorer which is like a powerful task manager, and is similar to Process Hacker. Process Explorer allows us to watch the processes very closely. You'll also learn about Autorun and the different files types it has.