A signature is a rule for identifying malicious software. We may categorize signatures into two distinct categories:
- File Based Detection - Signatures that are primarily used to identify malicious files.
- Network Based Detection - Signatures used for identifying malicious traffic being passed through the network.
For the purposes of this exercise we will cover the techniques of generating file, binary search and some heuristic signatures.
What you will learn
- Low level code understanding
- Basic reverse engineering techniques.
- Basic malware analysis techniques.
It is recommended, but not necessary, to be familiar with the following concepts: Assembly language, C programming language, basic Windows usage, and OllyDbg.
- Connect with RDP (Remote Desktop Protocol) to the machine 192.168.125.100
- Username: w7admin
- Password: pass777word888
- TIME: 60 MINUTES
- COST: 1000 CRYSTALS