Malware analysis hands-on challenge DEVCON20
SecAnalyst:~$
Welcome, intrepid Security Analyst! Prepare to embark on a thrilling journey into the digital realms, where hidden dangers lurk and only the bravest can prevail. Your quest, should you choose to accept it, is a malware analysis hands-on challenge that will test your skills, wit, and cunning.
Instructions
To help you analyse the malware sample, try to answer some questions about it. If you find a question difficult, reach out to us at [email protected] and we’d be happy to provide clarification. The questions and the sample hash will be in this file: https://www.senthorus.ch/blog/challenge/challenge-devcon20.txt.
We recommend downloading the sample to an isolated analysis environment.
Before starting
Useful links for building your malware lab:
- https://www.sentinelone.com/labs/building-a-custom-malware-analysis-lab-environment/
- https://zeltser.com/build-malware-analysis-toolkit/
- https://cybersecurity.att.com/blogs/security-essentials/building-a-home-lab-to-become-a-malware-hunter-a-beginners-guide
Write your findings in your analysis report, and add your screenshots in appendices to show your methodology.
Don’t hesitate to script with Python to automate your analysis!
The author
Natacha Bakir
Threat Analyst at ELCA Security
Awards: Cyber Professional Woman Europe 2021, CEH Hall of Fame 2021
VX-Underground/SentinelOne Malware Research Challenge runner-up 2023
GREM certified / Kaspersky X-trained