NETWORK SECURITY FINAL EXAM REPORT
"Write Up Capture the Flag (CTF): Malware Analysis"
Compiled by
Wawan Chahyo Nugroho
NIM: 12131294
EL RAHMA COLLEGE OF INFORMATICS MANAGEMENT AND COMPUTER SCIENCE
YOGYAKARTA
2018
FOREWORD
We would like to express our gratitude to the Almighty God for His guidance and direction, so that we could complete the UAS report entitled "Write Up Capture the Flag (CTF)" for the Network Security course of the Informatics Engineering Study Program of STMIK EL RAHMA Yogyakarta. On this occasion, the author would like to thank the honorable Mr. Eko Yunianto, S.Kom., the supervising lecturer, for his guidance and challenges so far, which have broadened the author's insight and made it possible to compile this report. We realize that there are still shortcomings in the presentation of this report. Therefore, we welcome constructive criticism and suggestions for its improvement. Finally, we hope this paper can provide benefits, especially for the author, and generally for the readers.
CHAPTER I INTRODUCTION
1.1 Background of the Problem
Assalamu'alaikum wr. wb. To all students taking the Network Security course. Please be informed that this announcement represents the questions that you must complete within 2 weeks from the time this announcement is posted. As for the UAS, there will still be written questions according to the specified schedule. Here are the details of the questions.
- Don't forget to pray before working on the questions
- In this announcement there are several QR code images containing 2 public keys, 2 private keys, 2 encrypted files.
- Please download using a scanner to read the QR Code according to your class (evening/day).
- The stages consist of:
- Stage 1 - Encryption
- Stage 2 - Steganography
- Stage 3 - Malware Analysis
- Stage 4 - Computer Network Traffic Analysis
- Each stage has its own points accompanied by a guide to completing it.
- Please document every step that may be useful later.
- It is not allowed to work randomly, it must be in order, the system has been set to check this.
- If the QR Code file cannot be read, please try to get access to the file or contact me (the supervising lecturer).
- Complaints, questions and requests for clarification are not accepted via WA; please use the facilities that I have listed below.
- The first person in the class to complete the exam with good documentation will receive a reward in the form of the maximum UAS score according to the points and attendance, plus a little credit as an additional prize.
- Don't forget to say hamdalah when you have finished working.
Thank you for your attention and cooperation. Wassalamu'alaikum wr. wb.
Best regards,
Eko Yunianto.
Because I am an evening class student, the QR Code that I use is like Figure 1.1, the QR code for the UAS questions.
Figure 1.1 QR code for UAS questions
1.2 Problem Formulation
As an Informatics Engineering student, I am still unfamiliar with CTF, which is a game-based network security introduction concept.
1.3 Research Objectives
Complete the challenges in the Network Security UAS CTF.
1.4 Benefits of Research
The benefits of this research are:
- As a student, I understand what encryption is.
- As a student, I understand how to implement encryption.
- As a student, I understand what Steganography is.
- As a student, I understand how to implement Steganography.
- As a student, I now understand what malware is.
- As a student, I understand how to analyze malware.
- As a student, I understand what Computer Network Traffic is.
- As a student, I understand how to analyze computer network traffic.
1.5 Writing Systematics
CHAPTER I - INTRODUCTION.
Contains the background of the problem, problem formulation, research objectives, research benefits and writing systematics.
CHAPTER II - LITERATURE REVIEW.
Contains sources and quotes of several sentences that support this research.
CHAPTER III - THEORETICAL BASIS.
Contains explanations or descriptions used in creating this application system.
CHAPTER IV - RESEARCH RESULTS AND DISCUSSION.
Contains the implementation of the application system that has been successfully created and tested.
CHAPTER V - CONCLUSION AND SUGGESTIONS.
Contains conclusions from the entire application system created.
CHAPTER II - LITERATURE REVIEW
Wicaksono, PA (2009), Informatics Engineering, School of Electrical Engineering and Informatics, Bandung Institute of Technology, Bandung. Research title "Encryption Using RSA Algorithm". The benefits of this research when viewed from the technical calculation aspect, the RSA system has an easy encryption method, but if it has been encrypted, the encrypted data is difficult to break if only the public key is available.
Utomo, TP (2015), Informatics Engineering, Faculty of Science and Technology, UIN Sunan Gunung Djati, Bandung. Research title "IMAGE STEGANOGRAPHY WITH LEAST SIGNIFICANT BIT METHOD FOR COMMUNICATION PROTECTION ON ONLINE MEDIA". The benefit of this research is to help internet users in exchanging messages with a better level of security.
Setiawan, FGND, Ijtihadi, RM, Studiawan, H. (2017), Informatics Engineering, Faculty of Information Technology, Sepuluh Nopember Institute of Technology (ITS), Surabaya. Research title "Malware Detection in Web Application Environment with Document Categorization". The benefit of this research is that it can apply document categorization techniques to detect malware or malicious code, especially the web shell type with document categorization techniques.
Rosnelly R., Pulungan R. (2011), Postgraduate Program, Computer Science UGM, Yogyakarta. Research title "Comparing Data Traffic Analysis on Computer Networks Between Wireshark and NMAP". The benefit of this research is being able to listen to and observe all activity that occurs in the network.
From the explanation above, it can be summarized in Table 2.1 Literature review.
Table 2.1 Literature review
| No. | Name | Title | Year | Result |
|-----|------|-------|------|--------|
| 1. | Wicaksono, P.A. | Encryption Using RSA Algorithm | 2009 | Simplifies the way data is encrypted. |
| 2. | Utomo, T.P. | Image Steganography with the Least Significant Bit Method for Communication Protection on Online Media | 2015 | Helps internet users exchange messages with a better level of security. |
| 3. | Setiawan, F.G.N.D., Ijtihadi, R.M., Studiawan, H. | Malware Detection in Web Application Environments with Document Categorization | 2017 | Can detect malware or malicious code, especially web shells, with document categorization techniques. |
| 4. | Rosnelly R., Pulungan R. | Comparing Data Traffic Analysis on Computer Networks Between Wireshark and NMAP | 2011 | Able to listen to and observe all activity that occurs in the network. |
CHAPTER III - THEORETICAL BASIS
3.1 Understanding Encryption
Encryption is a process of changing a pure text (plaintext) into a sequence of characters or data that looks meaningless and has an irregular bit sequence, called ciphertext. The process of changing ciphertext back into plaintext is called decryption.
3.2 Understanding Steganography
Steganography is the art and science of writing hidden messages or hiding messages in such a way that no one other than the sender and the receiver knows or realizes that there is a secret message. In contrast, cryptography disguises the meaning of a message, but does not hide that there is a message. The word "steganography" comes from the Greek steganos, meaning "hidden or veiled", and graphein, "to write".
Today, the term steganography includes the hiding of digital data within computer files. For example, the sender starts with a regular image file, then adjusts the color of every 100th pixel to match a letter in the alphabet (the change is so subtle that no one would notice it unless they were looking hard enough).
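The pixel-adjustment idea above is the least-significant-bit (LSB) method from the Utomo paper in the literature review. The following is an added example, not code from the report or from any of the cited papers: it hides a message in the lowest bit of each pixel of a constructed grayscale image held as a bytearray, and extracts it again, with no image library. The cover image, the message and the helper names are this example's own assumptions.

```python
# Added example (not part of the report): least-significant-bit (LSB) image
# steganography on a constructed grayscale "image" held as a bytearray.
# Each pixel's lowest bit is replaced by one message bit, so no pixel value
# changes by more than 1, which is why the change is invisible to the eye.
COVER = bytes(range(256)) * 4          # constructed 1024-pixel 8-bit grayscale image
MESSAGE = b"NKRI HARGA MATI"           # constructed payload


def _to_bits(data: bytes):
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for i in range(7, -1, -1):
            yield (byte >> i) & 1


def embed_lsb(pixels: bytes, message: bytes) -> bytearray:
    """Hide message in the pixel LSBs. A 4-byte big-endian length prefix is
    hidden first so the extractor knows where the payload ends."""
    payload = len(message).to_bytes(4, "big") + message
    bits = list(_to_bits(payload))
    if len(bits) > len(pixels):
        raise ValueError("cover too small: need %d pixels, have %d" % (len(bits), len(pixels)))
    stego = bytearray(pixels)
    for idx, bit in enumerate(bits):
        stego[idx] = (stego[idx] & 0xFE) | bit   # clear the LSB, then set the message bit
    return stego


def extract_lsb(pixels: bytes) -> bytes:
    """Read the length prefix, then that many bytes, from the pixel LSBs."""
    def read(offset: int, count: int) -> bytes:
        out = bytearray()
        for b in range(count):
            value = 0
            for i in range(8):
                value = (value << 1) | (pixels[offset + b * 8 + i] & 1)
            out.append(value)
        return bytes(out)

    length = int.from_bytes(read(0, 4), "big")
    if 32 + length * 8 > len(pixels):
        # An unmodified image gives a garbage length here: treat it as "no payload".
        raise ValueError("length prefix exceeds image size: no valid payload")
    return read(32, length)


def max_pixel_change(cover: bytes, stego: bytes) -> int:
    """Largest per-pixel difference; LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    stego = embed_lsb(COVER, MESSAGE)
    print("recovered:", extract_lsb(stego))
    print("max pixel change:", max_pixel_change(COVER, stego))
```

The length prefix is what makes extraction deterministic; without it an extractor has to guess where the message stops. On a real PNG the same bit manipulation is applied to the decoded pixel samples, not to the compressed file bytes, which is why a hex editor shows appended text (as in stage 2 of this report) but cannot show LSB-embedded data.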
3.3 Malware Analysis
Malware analysis is an activity that is often carried out by a number of information technology security practitioners to detect the presence or absence of malicious subprogram components or data in an electronic file. This analysis or study is very important to do because:
- Malware is often smuggled inside common and popular file types such as applications (.exe), word-processor documents (.doc), spreadsheets (.xls), images (.jpg), and so on -- so that if ordinary users access and open them, they immediately become victims of malicious programs;
- Malware is often embedded in a collection of files needed to install a particular program or application -- so that when the user installs the application in question, the malware is immediately activated;
- Malware is often disguised by using file names that are commonly used for various purposes, such as driver (.drv), data (.dat), library (.lib), temporary (.tmp), and others -- so that users are not aware of its presence on their computers;
- Malware is often developed to spread itself to other places, working in a similar way to viruses or worms -- so that a user's computer can become a nest or source of dangerous malicious programs;
- Malware is often planted in a computer system without the user's knowledge -- so that at any time it can be misused by unauthorized parties to commit various crimes; and so on.
3.4 Computer Network Traffic Analysis
Nowadays, computer networks have become a very important means of facilitating data exchange between computers. As the number of computers on a network increases, so does the difficulty of managing the network. A network should have rules regarding how an object or data activity moves across the network. Network analysis is closely related to maintaining network security; it is useful for solving problems that occur in the network. Network analysis is the activity of listening to and observing all activity that occurs in the network.
CHAPTER IV - RESEARCH RESULTS AND DISCUSSION
4.1 Scan QR Code Case Study
To be able to move on to Stage 1, we must first scan the QR Code for the UAS questions as shown in Figure 1.1 QR code for the UAS questions, in the following manner.
1. Download the QR & Barcode Scanner application from the Google Play Store.
Figure 4.1 QR & barcode scanner application
2. Install the application.
3. Scan Figure 1.1 QR code for UAS questions and download all files via the available link.
Figure 4.2 File link scan results
Figure 4.3 Private key scan results
Figure 4.4 Public key scan results
4. The scanning process produces the files malam.bin, malam.key and malam.pub.
4.2 Stage 1 -- Encryption (cracking encrypted files)
Because the laptop still uses Windows, the steps I took were:
- Download & install cygwin for windows.
- Following the command pattern in the Quora discussion, I only had to adjust it to the case study.
- Decrypt malam.bin with private key (malam.key) with output jwb.bin.
Figure 4.5 Example of RSA encrypt and decrypt
Figure 4.6 Decrypt malam.bin using malam.key
I created the decrypt output with the file name jwb.bin, and its contents are as follows.
Figure 4.7 Contents of the decrypted jwb.bin file
Next, I followed the link to get an image with the theme "NKRI HARGA MATI" with the file name nkri_malam.png.
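To make the stage 1 step concrete, here is an added example that is not code from the report: a textbook RSA round trip in pure Python showing why a file encrypted with the public key can only be recovered with the matching private key (the point made by the Wicaksono paper in the literature review). The primes, exponent and message are constructed and deliberately tiny; the report's malam.key and malam.pub are real keys handled with command-line tools under Cygwin, and nothing here reproduces their values.

```python
# Added example (not part of the report): textbook RSA in pure Python.
# The primes, e and the message below are constructed toy values, far too
# small for real use; they only illustrate the public/private key relationship.
from math import gcd

# Constructed toy primes (the Mersenne primes 2^31-1 and 2^61-1).
P = 2147483647
Q = 2305843009213693951
E = 65537


def make_keypair(p: int, q: int, e: int = E):
    """Return ((n, e), (n, d)): the public key and the private key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, plaintext: bytes) -> int:
    """c = m^e mod n; the message bytes are treated as one big-endian integer."""
    n, e = public_key
    m = int.from_bytes(plaintext, "big")
    if m >= n:
        raise ValueError("message too large for this modulus; chunk it or use hybrid encryption")
    return pow(m, e, n)


def decrypt(private_key, ciphertext: int) -> bytes:
    """m = c^d mod n, converted back to bytes."""
    n, d = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def round_trip(message: bytes) -> tuple:
    """Encrypt with the public key, decrypt with the private key, and also show
    what you get when only the public key is available (wrong exponent)."""
    public, private = make_keypair(P, Q)
    c = encrypt(public, message)
    with_private = decrypt(private, c)
    with_public_only = decrypt(public, c)  # same arithmetic, but e instead of d
    return with_private, with_public_only


if __name__ == "__main__":
    ok, wrong = round_trip(b"NKRI")
    print("private key recovers:", ok)
    print("public key alone gives:", wrong)
```

Real RSA keys are 2048 bits or more and use padding (OAEP) rather than raw modular exponentiation; the example omits padding so the arithmetic stays visible. The "public key alone" branch is what an attacker holding only malam.pub would be limited to: the same computation with the wrong exponent yields noise, not the plaintext.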
4.3 Stage 2 -- Steganography (cracking steganography files)
Based on the literature study, I can conclude that the general scheme or concept of steganography is to insert a message into the hexadecimal data of an image file. This is why I searched Google for a hexadecimal editor tool, and found the application "HxD Copyright © 2002-2009 by Maël Hörz. All rights reserved."
Figure 4.8 Google form link in the image
Fill out the form at https://goo.gl/forms/TDaFyMte3z8PGoou2 with the result of identifying the message inserted in the nkri_malam.png image.
Figure 4.9 Response after completing stage 2
4.4 Stage 3 -- Malware Analysis
Follow the link https://goo.gl/yWEfmH obtained from the response after completing the form to move on to stage 3. At the link I found a rar file with a size of 324 KB. After that I checked the file as follows:
1]. Open the malam.rar file, but the following dialog appears.
Figure 4.10 Error to open file
2]. Extract the malam.rar file, but the following dialog appears.
3]. Open the malam.rar file, using HxD Editor and Notepad++, the results show several messages explaining the contents of the file and how to extract it, but the extraction method seems to be inapplicable to me due to file errors as in steps 1 and 2.
4]. There are 2 points that I can take from the message embedded in the rar file, namely:
Table 4.1 Hidden messages in stage 3 of the malware_malam.rar file
Rar!
zGÛq
›”€ ÇëªlÚÚ 1œ¾€ CMT POINTS 20
Malware Analysis
1. Download the malware file contained in this file
2. Extract it and please analyse the malware that is there.
3. Open the web form page on Google Drive, then fill in the bottom-most question according to the results of your analysis
Google Drive link https://goo.gl/forms/sqSSrnPo1HXEOL7V2
NB.
- The extraction password is the word "malware" followed by the extension or type of class you attend, without spaces, in lowercase, with one letter "a" replaced by the digit "4", 12 characters in total.
- The form uses authentication, so please adjust accordingly and make sure your entries are written correctly •©ñ$X<°•µË‘ ëwµ€ malam.apk
5]. Feeling unsatisfied, I tried to access the file's download link again, and at this stage there were many oddities: the Chrome browser detected the threat of a virus/malware that could steal passwords, messages or credit cards. Even though I used the same link, the response after that had changed to the following.
Figure 4.11 Error to extract file
6]. Looking for more information related to the address blocked by the Chrome browser, doc-08-c0-docs.googleusercontent.com, it seems that the address is often used by malware to launch attacks.
Figure 4.13 About doc-08-c0-docs.googleusercontent.com
7]. Contact Mr. Eko Yunianto to confirm whether the files on the drive are still intact or have been corrupted by Google Drive security actions.
8]. The confirmation result found the file update with migration to dropbox, and here is the new link https://goo.gl/NT67TN
9]. Up to this step I still experienced many obstacles, namely I was still unable to open or extract the malam.rar file downloaded from the new link.
10]. Using various approaches, including asking Mr. Eko Yunianto for help, I finally tried the following ways of extracting the files:
- Using the RAR application on Windows = failed.
- Using the file manager on Linux = failed.
- Using 7zip and unrar via the Linux terminal = failed.
- Using the file manager on Android = failed.
- Using Xplorer on Android = failed.
- Using the RAR manager on Android = success.
11]. This stage explains the successful extraction process, where the first step is to download the RAR application from the Play Store published by win.rar.
Figure 4.14 Download rar.apk on playstore
12]. Open the downloaded malam.rar then extract it using the application, here are the results.
Figure 4.15 Results of malam.rar extraction
13]. Open the contents of Note.txt, and here is the message content.
Figure 4.16 Contents of the Notes.txt message
14]. Open malware_malam.rar on the Android phone using the RAR application, then extract it, of course using a password; how to find out the password is explained in step 15.
15]. Copy malware_malam.rar to PC then open it using HxD hexa editor, or you can also use notepad++ to find out the hidden instructions. The result is as shown in Table 4.1 Hidden messages in the malware_malam.rar file, and the password is "m4lwaremalam" without the quotes, so you get the malam.apk file.
16]. Turn off the PC antivirus, then move malam.apk to the PC.
17]. Go to https://www.virustotal.com then upload the malware (malam.apk) there, and get the information to answer the form step 3.
Figure 4.17 Malware info from virustotal.com analysis(1)
Figure 4.18 Malware info from virustotal.com analysis(2)
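Steps 3 and 15 (reading the hidden instructions in the RAR file with HxD or Notepad++) and step 17 (submitting the sample to VirusTotal) can both be done from the raw bytes without a hex editor. The following is an added example, not code from the report: it pulls printable strings out of a byte blob (the same thing the `strings` tool does), identifies the container by its magic number, and computes the hashes that let you look a sample up on VirusTotal by hash before deciding whether to upload it, which avoids sharing a file you have not yet identified. `SAMPLE` is a constructed blob that merely imitates a RAR header with a comment block; it is not malware_malam.rar, and the helper names are this example's own.

```python
# Added example (not part of the report): string extraction, magic-number
# identification and hashing for first-pass triage of an unknown file.
# SAMPLE is constructed here and only imitates a RAR archive carrying a comment.
import hashlib
import re

RAR4_MAGIC = b"Rar!\x1a\x07\x00"         # RAR 1.5-4.x signature
RAR5_MAGIC = b"Rar!\x1a\x07\x01\x00"     # RAR 5+ signature

SAMPLE = (
    RAR4_MAGIC
    + b"\xcf\x90\x73\x00\x00\x0d\x00\x00\x00\x00\x00\x00\x00"   # constructed header-like bytes
    + b"CMT\x00"                                                # constructed comment-block marker
    + b"Malware Analysis\r\n1. Download the malware file in this archive\r\n"
    + b"Extraction password hint: the word malware plus your class name\r\n"
    + b"\x80\x1f\xa2\x00\x00"                                   # binary filler
    + b"malam.apk"
    + b"\x00" * 5
)


def extract_strings(data: bytes, min_len: int = 4) -> list:
    """Return every run of at least min_len printable ASCII bytes, in file order."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def file_hashes(data: bytes) -> dict:
    """MD5, SHA-1 and SHA-256; SHA-256 is the identifier VirusTotal reports use."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def identify_container(data: bytes) -> str:
    """Minimal magic-number check for the file types that appear in this report."""
    if data.startswith(RAR4_MAGIC):
        return "RAR (v1.5-4.x)"
    if data.startswith(RAR5_MAGIC):
        return "RAR (v5+)"
    if data.startswith(b"PK\x03\x04"):
        return "ZIP container (APK/DOCX are ZIP)"
    if data.startswith(b"\x89PNG\r\n\x1a\n"):
        return "PNG"
    return "unknown"


def triage(data: bytes) -> dict:
    """Everything you want to know before opening the file anywhere."""
    return {
        "container": identify_container(data),
        "size": len(data),
        "hashes": file_hashes(data),
        "strings": extract_strings(data),
    }


if __name__ == "__main__":
    report = triage(SAMPLE)
    print(report["container"], report["size"], "bytes")
    print("sha256:", report["hashes"]["sha256"])
    for s in report["strings"]:
        print("  ", s)
```

The order matters in practice: hash first, search the hash, and only then upload. A sample that is already known on VirusTotal needs no upload at all, and a sample that is unknown is one you may not want to publish until you understand what it is.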
18]. Open the stage 3 form via the link in the hidden info https://goo.gl/forms/sqSSrnPo1HXEOL7V2 and use the interesting string to answer it.
Figure 4.19 Clue answer stage 3
19]. Fill out the form in stage 3 and the following responses, follow the link to proceed to stage 4.
Figure 4.20 Response after completing stage 3
4.5 Stage 4 -- Computer Network Traffic Analysis
Download the malam.rar file via the link then open the hidden instructions via HxD or notepad++, so that you get the following message.
Rar!
ÿ¶Vß
ýšÐ€ ì¨|Nœœ ÷¡Êm€ CMT The following is a compressed file containing two files
1. PCAP file
2. Report template
re 1: For the PCAP file, please carry out the analysis according to the instructions inside the compressed file
re 2: For the report, please adapt it to the results of your work in detail.
For the password, please type an expression of gratitude in Indonesian, replacing one of the letters "a" with the digit "4" (13 characters) ]N*a<°Ý þÜ ïðt€# Malam_NIM_Nama.rar0 ¤Öo…¶¸ÞA¯ÑZ3Ü=Œ|»H¼SÙ3i
1]. To be able to extract it, enter the password as the clue in the instructions, and the password is "alh4mdulillah".
2]. The extraction results are the files Malam_NIM_Nama.rar and Malam-Network-Analysis.rar; extract both with the same password, which yields files with the same name format but different extensions, namely *.docx and *.pcap.
3]. To find out the instructions for working on the PCAP file, still using the Android RAR application, select/open Malam-Network-Analysis.rar >> enter the password >> click the menu in the upper right corner >> click information. The results are as shown in Figure 4.21 Hidden messages in Malam-Network-Analysis.rar.
Figure 4.21 Hidden messages in Malam-Network-Analysis.rar
4]. Open the *pcap file using wireshark on the PC, then observe the traffic.
5]. Based on the references I read from malware-traffic-analysis.net , the first thing I did was filter the protocol to DHCP, assuming that hosts with Windows OS generally use DHCP as their default network settings.
Figure 4.22 List of capturing packets
6]. Double-click the DHCP Request packet, and you will find the information asked for in the stage 4 form, namely the host name "K34EN6W3N-PC".
Figure 4.23 Host name infected K34EN6W3N-PC
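What Wireshark displays in steps 5 and 6 is the Host Name option (option 12) inside the DHCP Request. The following is an added example, not code from the report: it builds a DHCP Request in memory with the report's host name and parses the message type and host name back out of the raw UDP payload, handling PAD, END and truncated options instead of crashing on them. No pcap file or capture library is needed; the packet, MAC address and helper names are this example's own assumptions. In Wireshark the matching display filter is `dhcp` (older 2.x releases call it `bootp`).

```python
# Added example (not part of the report): a minimal DHCP payload parser that
# recovers the fields used in stage 4 (message type and client host name).
# The request packet below is constructed in memory for demonstration.
import struct

DHCP_MAGIC = b"\x63\x82\x53\x63"        # magic cookie after the 236-byte BOOTP header
OPT_PAD, OPT_HOSTNAME, OPT_MSG_TYPE, OPT_END = 0, 12, 53, 255
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
             5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}


def build_dhcp_request(hostname: str, mac: bytes, xid: int = 0x1234ABCD) -> bytes:
    """Constructed DHCP Request: BOOTP fixed header, magic cookie, then options."""
    fixed = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        1, 1, 6, 0,                 # op=BOOTREQUEST, htype=Ethernet, hlen=6, hops=0
        xid, 0, 0x8000,             # transaction id, secs, flags (broadcast bit)
        b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4,     # ciaddr, yiaddr, siaddr, giaddr
        mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)  # chaddr, sname, file
    options = (bytes([OPT_MSG_TYPE, 1, 3])                           # DHCP Request
               + bytes([OPT_HOSTNAME, len(hostname)]) + hostname.encode("ascii")
               + bytes([OPT_PAD, OPT_END]))
    return fixed + DHCP_MAGIC + options


def parse_dhcp(data: bytes):
    """Return a dict of the interesting fields, or None if this is not a DHCP payload."""
    if len(data) < 240 or data[236:240] != DHCP_MAGIC:
        return None
    op, _htype, hlen, _hops, xid = struct.unpack("!BBBBI", data[:8])
    info = {"op": op, "xid": xid,
            "client_mac": data[28:28 + hlen].hex(":"),   # chaddr starts at offset 28
            "message_type": None, "hostname": None}
    i = 240
    while i < len(data):
        code = data[i]
        if code == OPT_PAD:                 # single-byte padding, no length field
            i += 1
            continue
        if code == OPT_END or i + 1 >= len(data):
            break
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) < length:             # option runs past the end of the packet
            break
        if code == OPT_MSG_TYPE and length == 1:
            info["message_type"] = MSG_TYPES.get(value[0], "type %d" % value[0])
        elif code == OPT_HOSTNAME:
            info["hostname"] = value.decode("ascii", errors="replace")
        i += 2 + length
    return info


def requesting_hosts(payloads) -> dict:
    """Like filtering on DHCP and opening each Request: map client MAC -> host name."""
    hosts = {}
    for payload in payloads:
        info = parse_dhcp(payload)
        if info and info["message_type"] == "REQUEST" and info["hostname"]:
            hosts[info["client_mac"]] = info["hostname"]
    return hosts


if __name__ == "__main__":
    pkt = build_dhcp_request("K34EN6W3N-PC", bytes.fromhex("0011223344aa"))  # constructed MAC
    print(parse_dhcp(pkt))
    print(requesting_hosts([pkt]))
```

For incident work the MAC-to-hostname map is the useful output: the host name in a DHCP Request is what the client claims about itself, while the chaddr ties it to a physical interface you can locate on the switch.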
7]. Open the link https://goo.gl/forms/ezOV4nXOVaNyvPam1 as stated in the instructions in Malam-Network-Analysis.rar to enter your answers into the form, and here are the responses.
Figure 4.24 Response after completing stage 4
4.6 Finishing
To find out the instructions for working on the docx file, still using the Android RAR application, select/open Malam_NIM_Nama.rar >> enter the password >> click the menu in the upper right corner >> click information. The results are as shown in Figure 4.25 Hidden messages in Malam_NIM_Nama.rar.
Figure 4.25 Hidden messages in Malam_NIM_Nama.rar
Make a report according to the instructions, then upload it to elera.stmikelrahma.ac.id.
CHAPTER V - CONCLUSION AND SUGGESTIONS
5.1 Conclusion
Based on the results of the experiments that have been carried out, it can be concluded that:
- As an Informatics Engineering student, I have come to understand more or less about the CTF workflow/scenario.
- As a student, I understand what encryption is, the implementation of encryption and how to decrypt it.
- As a student, I understand what Steganography is, the implementation of Steganography and how to find out the secret message.
- As a student, I understand what malware is and how to analyze malware.
- As a student, I understand what Computer Network Traffic is and how to Analyze Computer Network Traffic.
5.2 Suggestions
Based on the experience I have gained from my journey working on this UAS, it would be good to create a simple lab or a simple laboratory with a special environment, to carry out analysis of various kinds of viruses.
Out of 30 points, I only got 20 points. Here is my answer:
A hacker embeds a virus into an application that is commonly downloaded by the target victim, or uses a virus embedded in a file attachment that is emailed to the victim, so that when the victim responds by clicking/opening/downloading the file, the virus is automatically executed/run so that it infects the system on the PC being used.
The answer above only got a score of 80%, so it can be said to be less accurate; therefore, I suggest using the following answer, which I quote from [1] (herugan).
Malware (a contraction of malicious software) is software created to infiltrate or damage a computer system, server or computer network without the owner's permission. It is a general term used by computer experts for the various types of software or software code that are disruptive or disturbing.
- When you visit an infected web page (on someone else's site, not your own) that carries many viruses, or a site that displays pop-ups asking you to open or download something from the pop-up, it is very likely that your personal computer will be attacked by a virus.
- Sending username and password to a server controlled by the "hacker".
- Hackers create automatic FTP connections to your server and download any HTML or PHP files they find.
- The hackers then modify the files to add HTML code (an "iframe" tag) that spreads the virus, then upload the modified files back to the server.
- Your site starts spreading viruses to new victims.
- Within a few days, your site will be marked as "This site may be harmful to your computer" on Google, causing the number of visitors to drop drastically.
How to Counter Malware Type Attacks?
From 20 points, getting 20 points can be said to be accurate, here is my answer:
- Install antivirus and always update it
- Never auto login to an unclear site/application.
- Never sign up / register on a site without additional security such as SSL (Secure Socket Layer) which is characterized by using https instead of http.
- Never play crack / pirated software.
- Never download illegal content.
Reference
[1] https://www.herugan.com/how-cara-kerja-malware-dan-cara-mengatasinya
Basic Stages of Hacking Process
Basic Hacker Methodology
- Reconnaissance (Active or Passive)
- Exploitation
- Privilege Elevation
- Establish Persistence
- Extract Data
- Cover Your Tracks
However, the 6-point answer above only received a score of 50%, so I suggest using the following alternative answer, which I quoted from binushacker.net; I apologize that its assessment is #UNKNOWN, because it has not been evaluated.
- Information Gathering
- Network Mapping
- Vulnerability Identification
- Penetration
- Gaining Access & Privilege Escalation
- Enumerating Further
- Compromising Remote Users/Sites
- Maintaining Access
- Covering Tracks.
Source:
http://www.binushacker.net/hacking-penetration-testing-concept.html
BIBLIOGRAPHY
Wicaksono PA, 2009, Encryption Using RSA Algorithm, Journal, Informatics Engineering, School of Electrical Engineering and Informatics, Bandung Institute of Technology. http://informatika.stei.itb.ac.id/~rinaldi.munir/Matdis/2008-2009/Makalah2008/Makalah0809-010.pdf , accessed January 12, 2018.
Utomo, TP, 2015, Image Steganography With Least Significant Bit Method For Communication Protection In Online Media, Journal, Informatics Engineering Faculty of Science and Technology, UIN Sunan Gunung Djati, Bandung. http://jumadi.blog.ugm.ac.id/files/2012/05/trip.pdf , accessed January 12, 2018.
Setiawan, FGND, Ijtihadi, RM, Studiawan, H., 2017, Malware Detection in Web Application Environment with Document Categorization, Journal, Informatics Engineering, Faculty of Information Technology, Sepuluh Nopember Institute of Technology (ITS), Surabaya. http://ejurnal.its.ac.id/index.php/teknik/article/view/22163/3460 , accessed January 12, 2018.
Rosnelly R., Pulungan R., 2011, Comparing Data Traffic Analysis on Computer Networks Between Wireshark and NMAP, Journal, Postgraduate Program in Computer Science UGM, Yogyakarta. http://pulungan.staff.ugm.ac.id/pubs/RP-KNSI-11.pdf , accessed January 12, 2018.
Anonymous, Malware Analysis in pdf, 2017, http://julismail.staff.telkomuniversity.ac.id/analisa-malware-di-pdf/ , accessed January 12, 2018.
Prof. Richardus Eko Indrajit, Malware Analysis, https://idsirtii.or.id/doc/IDSIRTII-Artikel-MalwareAnalysis.pdf , accessed January 12, 2018.
Sam Gib, A self-learner at Stackexchange, How do I encrypt and decrypt an image using RSA algorithm?, 2016, https://www.quora.com/How-do-I-encrypt-and-decrypt-an-image-using-RSA-algorithm , accessed January 12, 2018.
Anonymous, Downloads HxD (Hexa Editor), 2009, https://mh-nexus.de/en/downloads.php?product=HxD , accessed January 12, 2018.
Dendhy Mahendra, Malware Analysis on Linux, http://www.academia.edu/8299153/Analisa_Malware_pada_Linux , accessed January 12, 2018.
Dedy Hariyadi, Malware Analysis on Android Using AMOS, 2014, https://milisdad.blogspot.co.id/2014/09/analisa-malware-di-android-menggunakan.html , accessed January 12, 2018.
Anonymous, How to recover corrupted 7z archive, http://www.7-zip.org/recover.html , accessed January 12, 2018.
Anonymous, Decompiler tools, http://www.javadecompilers.com/ , accessed January 12, 2018.
Uğur Cihan KOÇ, Introduction to Android Malware Analysis, https://www.exploit-db.com/docs/english/33093-introduction-to-android-malware-analysis.pdf , accessed January 12, 2018.
Anonymous, Free Web Service Virus Analyzer, 2004, https://www.virustotal.com , accessed January 12, 2018.
Anonymous, Identifying a Host on The Network, 2013, http://www.malware-traffic-analysis.net/2013/09/21/index.html , accessed January 12, 2018.