https://github.com/emansarahafi/malware-analysis
This lab assignment focuses on analyzing malware within a secure, isolated environment using tools like Firejail.
- Host: GitHub
- URL: https://github.com/emansarahafi/malware-analysis
- Owner: emansarahafi
- Created: 2025-02-27T09:28:39.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2025-02-27T09:28:43.000Z (7 months ago)
- Last Synced: 2025-03-17T12:12:48.849Z (7 months ago)
- Topics: malware-analysis
- Language: C
- Homepage:
- Size: 4.88 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Malware Analysis Report
## CS412 SE G1 Fall 2024
**Author:** Eman Sarah Afi
**Class:** CS412
**Group:** SE G1
**Date:** November 13, 2024

---
## Table of Contents
- [Malware Analysis Report](#malware-analysis-report)
- [CS412 SE G1 Fall 2024](#cs412-se-g1-fall-2024)
- [Table of Contents](#table-of-contents)
- [Introduction](#introduction)
- [Lab Assignment Solutions](#lab-assignment-solutions)
- [Task 1: Basic File Infection](#task-1-basic-file-infection)
- [Task 2: Random Infection](#task-2-random-infection)
- [Task 3: Program File Infection](#task-3-program-file-infection)
- [Task 4: Boot File Infection Simulation](#task-4-boot-file-infection-simulation)
- [Task 5: Self-Replication](#task-5-self-replication)
- [Task 6: Behavioral Analysis using VirusTool](#task-6-behavioral-analysis-using-virustool)
- [Conclusion](#conclusion)
- [References](#references)

---
## Introduction
Malware, or "malicious software," refers to harmful programs that disrupt, damage, or gain unauthorized access to computer systems. Examples include viruses, worms, ransomware, and spyware, which pose serious risks to individuals and organizations. Malware can lead to data theft, financial loss, and system compromise.
This lab assignment focuses on analyzing malware in a controlled environment using tools like Firejail. The goal is to understand malware behavior, its infection mechanisms, and possible countermeasures.
---
## Lab Assignment Solutions
### Task 1: Basic File Infection
This task simulates a simple file-infecting malware program. The program scans for specific files and appends an infection marker if they are not already infected. It demonstrates how a virus propagates by modifying files.
### Task 2: Random Infection
In this task, the malware randomly selects a file from the current directory and infects it. This simulation showcases a more unpredictable infection pattern, which can make detection and containment more difficult.
### Task 3: Program File Infection
Here, the malware specifically targets `.exe` files in the directory. It scans for executable files, checks if they are already infected, and appends an infection marker if necessary. This represents how real-world malware often targets program files to ensure execution and persistence.
### Task 4: Boot File Infection Simulation
This simulation infects boot-related files such as `.cfg`, `.img`, `.efi`, `.grub`, and `.bin` files. Since boot files are critical for system startup, infecting them can lead to serious system disruptions or unauthorized control over a machine.
### Task 5: Self-Replication
The malware in this task not only infects files but also copies itself across directories, demonstrating the self-replicating nature of some viruses and worms. The program traverses directories and subdirectories, spreading itself to new locations.
### Task 6: Behavioral Analysis using VirusTool
A VirusTotal scan was conducted to analyze the malware's behavior. Results indicated that none of the 63 antivirus engines flagged it as malicious, highlighting how malware can evade detection under certain conditions.
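As an added example (not code from this repository): the infections in Tasks 1 and 3 append bytes to existing files and Task 5 drops copies into new locations, so a size-and-hash baseline taken before a sample runs can flag both without relying on an antivirus signature. The file names, marker bytes and sample tree below are constructed for the illustration.

```python
import hashlib, os, tempfile

def _files(root):
    """Yield (relative path, bytes) for every regular file under root."""
    for d, _, names in os.walk(root):
        for n in names:
            with open(os.path.join(d, n), "rb") as f:
                yield os.path.relpath(f.name, root), f.read()

def snapshot(root):
    """Baseline taken before the sample runs: path -> (size, SHA-256)."""
    return {rel: (len(b), hashlib.sha256(b).hexdigest()) for rel, b in _files(root)}

def classify(root, base):
    """Compare the tree with the baseline and return path -> verdict."""
    out, seen, new_by_hash = {}, set(), {}
    for rel, data in _files(root):
        seen.add(rel)
        digest = hashlib.sha256(data).hexdigest()
        if rel not in base:
            new_by_hash.setdefault(digest, []).append(rel)
            continue
        size, old = base[rel]
        if digest != old:
            # Append-style infection leaves the original bytes as an intact prefix.
            intact = len(data) > size and hashlib.sha256(data[:size]).hexdigest() == old
            out[rel] = "appended" if intact else "modified"
    for rels in new_by_hash.values():
        for rel in rels:  # identical new files in several places suggest replication
            out[rel] = "replicated" if len(rels) > 1 else "new"
    out.update({rel: "missing" for rel in base.keys() - seen})
    return out

def demo():
    """Constructed tree; the writes after snapshot() stand in for the lab programs."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "sub"))
        def put(rel, data, mode="wb"):
            with open(os.path.join(root, rel), mode) as f:
                f.write(data)
        put("app.exe", b"MZ original program")
        put("notes.txt", b"hello")            # control: never touched
        put("boot.cfg", b"timeout=5")
        base = snapshot(root)
        put("app.exe", b"#MARKER#", "ab")     # bytes appended, prefix intact
        put("boot.cfg", b"timeout=0")         # rewritten in place
        put("copy.bin", b"same payload")      # same new content in two directories
        put(os.path.join("sub", "copy.bin"), b"same payload")
        return classify(root, base)
```

In a setup like this lab's, `snapshot` would run over the sandboxed directory before the sample executes and `classify` afterwards.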
---
## Conclusion
This malware analysis provided insights into how malicious programs operate, replicate, and infect systems. By simulating different types of malware behaviors in a controlled environment, this study emphasizes the need for robust cybersecurity measures. The hands-on approach allowed an exploration of malware’s impact and demonstrated the importance of detection techniques and sandbox environments for safe testing.
With the increasing sophistication of malware threats, understanding their mechanisms is crucial for developing effective defenses.
---
## References
[1] Malwarebytes, "What is Malware?", 2020. Available at: [https://www.malwarebytes.com/malware](https://www.malwarebytes.com/malware)
---
**Disclaimer:** This project was conducted in a secure, controlled environment strictly for educational purposes. Malicious code should never be executed outside of isolated test environments.