CSI2107 Software Reverse Engineering

Assignment 2: Applied Reverse Engineering Analysis

Precautions

There is always risk associated with handling malware; the following precautions must be taken when doing so.

· Malware must be downloaded directly into the virtual machine.

· Malware must not be executed at any time unless within a contained debug environment.

· Malware must not be marked executable or renamed to an executable extension at any time.

· When transporting malware, it should always be contained within a password-protected and encrypted zip file. The password is “infected”.

· Do not allow others to access malware samples provided to you.

Disclaimer

By accessing the provided malware samples, you acknowledge the following:

· cannot be held liable for any adverse effects to any computer systems or for any loss or damage suffered as a result of malware samples or any other materials provided.

· The malware samples provided are live and unmodified; inappropriate handling could lead to infection of computer systems or other electronic devices.

· You accept all responsibility for any adverse effects to any computer systems or for any loss or damage suffered.

· Alternative assessment options are provided on request.

Malware Samples

If you are having issues with the assigned samples, please contact your lecturer or tutor immediately. Malware samples are available in Canvas.

Assignment Brief

This assignment requires that you demonstrate the practical use of the malware analysis techniques covered in this unit. Once you unzip the malware sample zip file, you will get five malware samples. Of the five, you must select two to be used in your assessment. You are encouraged to conduct a brief preliminary analysis of all allocated samples to inform your selection of samples. For each of the two selected malware samples, you must conduct an in-depth reverse engineering effort to write an analysis report and prepare a presentation.

Submission Requirements

Report

· Cover Page (Your ID & Malware sample details)

· Executive summary (100-150 words)

· Identification of malware sample.

· Details of architecture targeted by malware.

· Details of malware behaviour based on sandbox analysis.

· Two detection rules and explanation for these rules.

· Removal Instructions.

· Accessible link for the presentation.

Presentation

PowerPoint presentation on findings in 5-10 slides (10 minutes maximum). Upload the video presentation using the following steps:

• Step 1: Prepare your presentation in the Panopto video library.

• Step 2: Include the accessible link of your presentation in the report.

• Step 3: To ensure Student Identity Verification (SIV), you must:

· be in possession of your Student ID Card and show this for five (05) seconds at the start of the presentation where you will introduce yourself. The information on the card should be readable. You can use your passport or driving license if you do not have your Student ID Card. However, you must mention the reason(s) as to why you are using your passport or driving license.

· capture both screens, i.e. the computer screen covering the demonstration (primary capture) and yourself (secondary capture). The secondary capture needs to be a headshot only and must be recorded for the entire duration of the presentation.