Computer Forensics Analyzing Hostile Code

In this week, you need to analyze software. In your forensics practice, you often need to analyze hostile codes. In order to be safe, we do not recommend you take the risk of analyzing a real hostile code. However, if you could set up a secure environment and you decide to get some real experience on analyzing a real hostile code, you can do so. You need to select the software (e.g., WinWord, notepad, etc.) to investigate as soon as possible. Then you may use software such as pslist, PMDump, handle or Holodeck to find out what kind of external resources it is using. To deeply understand it, you may also try to figure out why it uses which resources. Write a report on your findings and submit it by the end of this week in the assignment folder.

Some Hints:
For Linux systems, the following is a list of commands that you may use to analyze binaries:
md5sum, file, strings (e.g., strings –a xxx|more), hexdump (e.g, hexdump –C –v xxx|more), nm, ldd, readelf, objdump, strace (e.g., strace –o strace.txt –x –e write=all –ff ./xxx), gdb,

For windows, you may use systeminternals.com tools and also the following commands:
edit, cl, type, and cygwin based linux commands as above.

This solution analyzes the hostile code using resources in particular Holodeck. It explains the procedure as well as the set of commands required to perform this task.

What is this?

By OTA - Overall OTA Rating

Narasimha Rao, MSc - 4.8/5

Purchase Cost Now

$2.19 CAD (was ~$39.90)

Included in Download

Plain text response
Attached file(s):
- Forensics_8_solution.doc

Why you can trust BrainMass.com

Your Information is Secure
Best Online Academic Help Service
Students find real academic Success

You and your team have decided to investigate the use of alternative distribution channels. - LIBRARY PROJECT: You and your team have decided to investigate the use of alternative distribution channels. Use the Library and internet to provide one other alternative channel management technique ...
As an employee in a multi-national corporation, why would you want to accept a foreign assignment? - As an employee in a multi-national corporation, why would you want to accept a foreign assignment? Why might your feelings be negative about this same assignment?
Internals controls in accounting and finance - 1. Would better internal controls have prevented any of the biggest corporate scandals over the past few years? Give examples and explain. 2. Is it ethical to maintain the minimum required internal ...
Systems Suvey and Steering Committee - Two questions: Which of the following is an objective of a systems survey? a) To understand management information needs b) To understand the human element and gain cooperation from people invol ...
OSHA - How much authority should OSHA have to investigate incidents that take place in private organizations? 200-300 words

Business · Chemistry · Statistics · Physics · Computer Science · Math · Biology · Economics · Psychology · Law · Health Sciences · more

Reference Desk · Advertise on BrainMass · Legal Terms and Conditions · Privacy Policy
Non-Payment Policy · Contact Us · Homework Help Solutions · Student Center