What host- or network-based indicators could be used to identify this malware on infected machines?

1. Please define the obfuscation process in detail.

2. Using http://www.dependencywalker.com please explain the components involved within the .dll GetCurrentProcess.dll along with how the process works. Please provide a snapshot of your findings.

3. Answer the questions relating to Lab1-2:

Q: 1. Upload the Lab01-02.exe file to http://www.VirusTotal.com/. Does it match any existing antivirus


Q: 2. Are there any indications that this file is packed or obfuscated? If so, what are these indicators? If the file is packed, unpack it if possible.

Q: 3. Do any imports hint at this program’s functionality? If so, which imports are they and what do they tell you?

Q: 4. What host- or network-based indicators could be used to identify this malware on infected



In this assignment, you will need to set up a virtualized environment. See the following:






Please provide a complete writeup on how this malware could be installed on your machine. NOTE: You will need to disable any anti-virus protection as this contains live malware. It will not install onto your system.

Analyze the malware found in the file Lab03-02.dll using basic dynamic analysis tools.

How can you get this malware to install itself?

How would you get this malware to run after installation?

How can you find the process under which this malware is running?

Which filters could you set in order to use procmon to glean information?

What are the malware’s host-based indicators?

Are there any useful network-based signatures for this malware?

How could you prevent this type of malware from installing on your machine?

