Purchase Solution

Computer Forensics - Analysing hostile code

Not what you're looking for?

Ask Custom Question

In this week, you need to analyze software. In your forensics practice, you often need to analyze hostile codes. In order to be safe, we do not recommend you take the risk of analyzing a real hostile code. However, if you could set up a secure environment and you decide to get some real experience on analyzing a real hostile code, you can do so. You need to select the software (e.g., WinWord, notepad, etc.) to investigate as soon as possible. Then you may use software such as pslist, PMDump, handle or Holodeck to find out what kind of external resources it is using. To deeply understand it, you may also try to figure out why it uses which resources. Write a report on your findings and submit it by the end of this week in the assignment folder.

Some Hints:
For Linux systems, the following is a list of commands that you may use to analyze binaries:
md5sum, file, strings (e.g., strings -a xxx|more), hexdump (e.g, hexdump -C -v xxx|more), nm, ldd, readelf, objdump, strace (e.g., strace -o strace.txt -x -e write=all -ff ./xxx), gdb,

For windows, you may use systeminternals.com tools and also the following commands:
edit, cl, type, and cygwin based linux commands as above.

Purchase this Solution
Solution Summary

This solution analyzes the hostile code using resources in particular Holodeck. It explains the procedure as well as the set of commands required to perform this task.

Purchase this Solution
Free BrainMass Quizzes
MS Word 2010-Tricky Features

These questions are based on features of the previous word versions that were easy to figure out, but now seem more hidden to me.

Six Sigma for Process Improvement

A high level understanding of Six Sigma and what it is all about. This just gives you a glimpse of Six Sigma which entails more in-depth knowledge of processes and techniques.

Academic Reading and Writing: Critical Thinking

Importance of Critical Thinking

Understanding the Accounting Equation

These 10 questions help a new student of accounting to understand the basic premise of accounting and how it is applied to the business world.

Managing the Older Worker

This quiz will let you know some of the basics of dealing with older workers. This is increasingly important for managers and human resource workers as many countries are facing an increase in older people in the workforce

View More Free Quizzes
Related BrainMass Solutions

  • Future Trends in Computer Forensics

    172372 Future Trends in Computer Forensics Discuss future trends in computer forensics and international cooperation. What are the future trends that are likely to dominate the Computer Forensics sector over the coming decade?

  • Differences between Computer Forensics and Normal Forensics

    172371 Differences Between Computer Forensics and Normal Forensics What is the essential difference between computer forensics and "normal" forensics? Explain in brief.

  • Processing Crimes and Incident Scenes

    A Practical Guide to Computer Forensics Investigations. Indiana: Pearson IT Certification. Nelson, B., Phillips, A., & Steuart, C. (2014). Guide to Computer Forensics and Investigations. Boston: Cengage Learning.

  • Computer Forensic Tools

    333231 Computer Forensics: Research five computer forensics tools. Using the Library and other internet resources, research five computer forensics tools. For each tool, list the vendor and its functions.

  • Digital Stratigraphy and Computer Forensics

    172378 Digital Stratigraphy and Computer Forensics What is digital stratigraphy? Give an example to illustrate how digital stratigraphy is important in the field of Computer Forensics.

  • Case: Krenar Lusha and Scott Tyree

    The Most Famous Computer Forensics Cases. Retrieved February 25, 2016, fromhttp://www.technews24h.com/2012/05/most-famous-computer-forensics-cases.html. The expert examines the case for Krenar Lusha and Scott Tyree.

  • Computer Forensic Investigations

    The forensics lab should instead enhance its existing forensics capabilities with a new, state-of-the-art digital forensics lab by developing open-standards and non-proprietary technologies such as Forensic Advantage.

  • Trusted Computing Group Specifications

    Hence in my opinion, this specification of the Trusted Computing Group is quite vital in terms of computer forensics with regards to computer design.

  • Several major functions performed by computer forensics software

    616987 Several major functions performed by computer forensics software Explain several major functions performed by computer forensics software such as FTK and Prodiscover. Please identify and explain at least 3 important differences.

View More Related Solutions