
REMA Signature Generation

Info

A signature is a rule for identifying malicious software. Signatures fall into two distinct categories:

  1. File-based detection - signatures that are primarily used to identify malicious files.

  2. Network-based detection - signatures used to identify malicious traffic passing through the network.

This exercise covers techniques for generating file signatures, binary search signatures and some heuristic signatures.

What you will learn

  • Low-level code understanding
  • Basic reverse engineering techniques
  • Basic malware analysis techniques

Scenario pre-requisites

It is recommended, but not necessary, to be familiar with the following concepts:

  • Assembly language
  • C programming language
  • Basic Windows usage
  • OllyDbg

Technical Details

  • Connect via RDP (Remote Desktop Protocol) to the machine 192.168.125.100
    • Username: w7admin
    • Password: pass777word888
  • MODE: SINGLEPLAYER
  • TYPE: CCL
  • DIFFICULTY: INTERMEDIATE
  • TIME: 60 MINUTES
  • COST: 1000 CRYSTALS