Tag Archives: Malware


Introduction This year, I had the privilege of attending the OpenText Enfuse conference in Las Vegas. While there, I had the opportunity to develop my forensic abilities and build relationships with industry professionals, co-workers, friends, and many other wonderful new people. The breakout sessions provided me with in-depth overviews of interesting topics like threat […]


Malware Analysis Blog 3

Introduction Now that we’ve had a good amount of time to work on this project, we’ve been able to analyze multiple samples of malware. One of the samples we reviewed was a RAT (Remote Access Trojan), commonly referred to as DarkComet. A RAT is software that allows a person to remotely control a system as […]


Malware Analysis Blog 2

Introduction: We were able to get our AWS client working with some outside help, and will be using ThreatAnalyzer to deploy any malware samples we submit. Once it has finished analyzing the malware, ThreatAnalyzer will create a detailed report for us. This report serves as an excellent reference while we do some static […]


Malware Analysis Introduction

Introduction To Malware Analysis In order to build upon work done by the LCDI’s Malware Analysis Team last semester, we are adopting Amazon Web Services. Amazon WorkSpaces will allow us to conduct malware research with the guarantee that the LCDI network will remain unaffected by any samples we choose to analyze. The Malware Team has […]


Malware Analysis Project Update

FINAL Malware Analysis Update Introduction: Throughout this semester, we’ve been working diligently to create a malware analysis environment that is both effective and easily accessible. After considerable research and testing, we have learned useful information about various aspects of malware analysis. Cuckoo allows us to automate the process by simply importing malware into it and receiving […]


Volatility Malware Analysis

For the second part of our Volatility project, we wanted to determine whether or not we could find traces of malware in a system that had been put into hibernation mode. When a user puts their computer into hibernation, a hiberfil.sys file is created. If a system has malware running in the background and is then put into hibernation, we hypothesized that hiberfil.sys would retain remnants of the malicious code.