
Dynamic Questions

This malware manipulates files and the registry, persists by creating additional processes, communicates over the network, and its purpose is analyzed through monitoring with Process Explorer and creating a behavior graph with ProcDot.

Uploaded by manar thani

Questions for Dynamic Analysis

• What files are manipulated/created by this malware?
• What in the registry is manipulated by this malware?
• How does the malware persist?
• What additional processes does it create?
• Does it try to communicate over the network? Any useful network-based signatures for this malware?
• What do you notice when monitoring this malware with Process Explorer? Is there any live memory modification?
• What are the malware’s host-based indicators?
• Draw a behavior graph for this malware using ProcDot.
• What would you guess is the purpose of this malware?
