
401 Class 32: Malware Traffic Analysis with Wireshark

Nathalie Abdallah edited this page Mar 6, 2024 · 6 revisions


Review the Submission Instructions for guidance on completing and submitting this assignment.

Reading: What is Malware Analysis?

You just started a new job as a Malware Analyst. Explain your job responsibilities to a family member.

  • My job is to understand what a piece of malware does, which systems it affects, how much damage has already taken place, and how much more damage it could do. Then I report that up the chain so the next person has a clearer picture of how to combat the malware, how to contain it, and how to prevent it in the future.

What are the six steps of the Malware Analysis process? What’s a good mnemonic you can use to remember it?

  • Step 1: Capture the malware.
  • Step 2: Build a malware lab.
  • Step 3: Install your tools.
  • Step 4: Record the baseline.
  • Step 5: Commence your investigation.
  • Step 6: Document the results.
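As an added illustration of steps 4 and 5 (example code, not part of the reading or of this wiki page): a minimal baseline-and-diff over a directory tree, which is what "record the baseline" means in practice for the file system. It uses a constructed scratch directory in place of a lab VM and a hand-made change in place of a real sample.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_file(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root) -> dict:
    """Map each file's path (relative to root) to its hash: step 4, record the baseline."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hash_file(p)
            for p in root.rglob("*") if p.is_file()}


def diff_snapshots(baseline: dict, after: dict) -> dict:
    """Compare a post-detonation snapshot against the baseline: step 5, investigate."""
    added = sorted(set(after) - set(baseline))
    removed = sorted(set(baseline) - set(after))
    modified = sorted(k for k in baseline.keys() & after.keys()
                      if baseline[k] != after[k])
    return {"added": added, "removed": removed, "modified": modified}


def demo() -> dict:
    # Constructed sample: a scratch directory stands in for the lab VM's file system.
    with tempfile.TemporaryDirectory() as tmp:
        lab = Path(tmp)
        (lab / "config.ini").write_text("clean=1\n")
        (lab / "notes.txt").write_text("baseline\n")
        base = snapshot(lab)                              # step 4: record the baseline

        # Hand-made changes that simulate what a sample might do once run.
        (lab / "config.ini").write_text("clean=0\n")      # an existing file altered
        (lab / "dropped.bin").write_bytes(b"\x00" * 16)   # a new file written
        (lab / "notes.txt").unlink()                      # a file deleted

        return diff_snapshots(base, snapshot(lab))        # step 5: compare and investigate


if __name__ == "__main__":
    print(demo())
```

The same approach extends to registry keys, services or open ports: record the set before detonation, record it again after, and diff.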

You are tasked with analyzing a new malware sample. Which type of malware analysis would you conduct first and why?

I would conduct dynamic malware analysis first, because I would like to see what the sample actually does when it is allowed to run. What better way to start than with a real event you can observe, rather than reading the code and knowing its behaviour only in theory? Then I would go down the list of the other types of malware analysis.
