Module 07: Malware Threats

Lab Tasks:

  1. Gain access to the target system using Trojans

    • Gain control over a victim machine using the njRAT RAT Trojan

  2. Infect the target system using a virus

    • Create a virus using the JPS Virus Maker Tool and infect the target system

  3. Perform static malware analysis

    • Perform malware scanning using Hybrid Analysis

    • Analyze ELF executable file using Detect It Easy (DIE)

    • Perform malware disassembly using IDA and OllyDbg

  4. Perform dynamic malware analysis

    • Perform port monitoring using TCPView and CurrPorts

    • Perform process monitoring using Process Monitor

Lab 1: Gain Access to the Target System using Trojans

Task 1: Gain Control over a Victim Machine using the njRAT RAT Trojan

## Tools used in this section:
1. njRAT : RAT Trojan

Lab 2: Infect the Target System using a Virus

Task 1: Create a Virus using the JPS Virus Maker Tool and Infect the Target System

## Tools used in this section:
1. JPS Virus Maker 4.0

Lab 3: Perform Static Malware Analysis

Task 1: Perform Malware Scanning using Hybrid Analysis

Task 2: Analyze ELF Executable File using Detect It Easy (DIE)

## Tools used in this section:
1. Die.exe
2. Macro_Pack
3. ASPack
4. VMProtect

Task 3: Perform Malware Disassembly using IDA and OllyDbg

## Tools used in this section:
1. IDA Pro
2. OllyDbg

Lab 4: Perform Dynamic Malware Analysis

Task 1: Perform Port Monitoring using TCPView and CurrPorts

## Tools used in this section:
1.  TCPView
2.  CurrPorts
3.  TCP Port/Telnet Monitoring   : https://www.dotcom-monitor.com
4.  PRTG Network Monitor         : https://www.paessler.com
5.  SolarWinds Open Port Scanner : https://www.solarwinds.com

Task 2: Perform Process Monitoring using Process Monitor

## Tools used in this section:
1. ProcessMonitor : Procmon.exe
