In this case the contestants are given an infected file and, starting from it, they must answer the following (quoted verbatim from the challenge page):
- Describe your malware lab.
- What information can you gather about the malware without executing it?
- Is the malware packed? If so, how did you determine what it was?
- Describe the malware's behavior. What files does it drop? What registry keys does it create and/or modify? What network connections does it create? How does it auto-start, etc?
- What type of command and control server does the malware use? Describe the server and interface this malware uses as well as the domains and URLs accessed by the malware.
- What commands are present within the malware and what do they do? If possible, take control of the malware and run some of these commands, documenting how you did it.
- How would you classify this malware? Why?
- What do you think the purpose of this malware is?
Bonus questions: (These questions are not required to be answered but could be used to break a tie for prizes.)
- Is it possible to find the malware's source code? If so, how did you do it?
- How would you write a custom detection and removal tool to determine if the malware is present on the system and remove it?
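As an added example (not part of this post or of the challenge material), the following Python script shows the kind of no-execution triage that questions two and three above ask for: it parses the PE section table by hand, computes the Shannon entropy of each section's raw bytes, and flags sections above 7.0 bits per byte or whose names are ones that well-known packers leave behind (UPX, ASPack, MPRESS, Petite). The two "binaries" are constructed in code by build_pe so that the script runs offline; they are not real samples, and the threshold and packer-name table are heuristics chosen here for illustration, not a definitive verdict.

```python
"""Static PE triage: hashes, section table and an entropy-based packing heuristic."""
import hashlib
import math
import random
import struct
from collections import Counter

# Section names that common packers leave behind (illustrative subset).
KNOWN_PACKER_SECTIONS = {
    "UPX0": "UPX", "UPX1": "UPX", "UPX2": "UPX",
    ".aspack": "ASPack", ".adata": "ASPack",
    ".MPRESS1": "MPRESS", ".MPRESS2": "MPRESS",
    "petite": "Petite",
}
# Compressed or encrypted data approaches 8.0 bits/byte; plain x86 code sits well below.
PACKED_ENTROPY_THRESHOLD = 7.0


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of `data` (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_sections(pe: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table; return per-section stats."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]   # SizeOfOptionalHeader
    table = coff + 20 + opt_size                             # section table follows the optional header
    sections = []
    for i in range(num_sections):
        off = table + 40 * i                                 # IMAGE_SECTION_HEADER is 40 bytes
        name = pe[off:off + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, off + 16)  # SizeOfRawData, PointerToRawData
        data = pe[raw_ptr:raw_ptr + raw_size]
        sections.append({"name": name, "raw_size": raw_size,
                         "entropy": round(shannon_entropy(data), 3)})
    return sections


def triage(pe: bytes) -> dict:
    """Static summary: hash, sections, and two independent packing indicators."""
    sections = parse_sections(pe)
    packer_hints = sorted({KNOWN_PACKER_SECTIONS[s["name"]]
                           for s in sections if s["name"] in KNOWN_PACKER_SECTIONS})
    high_entropy = [s["name"] for s in sections
                    if s["raw_size"] > 0 and s["entropy"] >= PACKED_ENTROPY_THRESHOLD]
    return {
        "sha256": hashlib.sha256(pe).hexdigest(),
        "sections": sections,
        "high_entropy_sections": high_entropy,
        "packer_hints": packer_hints,
        "likely_packed": bool(high_entropy or packer_hints),
    }


def build_pe(sections) -> bytes:
    """Assemble a minimal PE32 image from (name, raw_bytes) pairs. Constructed test input, not a real sample."""
    opt_size, file_align = 0xE0, 0x200
    headers_len = 0x40 + 4 + 20 + opt_size + 40 * len(sections)
    data_start = -(-headers_len // file_align) * file_align
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                    # PE32 magic; rest left zero
    table, body, ptr = bytearray(), bytearray(), data_start
    for name, raw in sections:
        padded = raw + b"\0" * (-len(raw) % file_align)
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), len(raw), 0x1000 + ptr,
                             len(padded), ptr if padded else 0, 0, 0, 0, 0, 0x60000020)
        body += padded
        ptr += len(padded)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + bytes(table)
    return image + b"\0" * (data_start - len(image)) + bytes(body)


def plain_sample() -> bytes:
    """Constructed unpacked binary: repetitive prologue-like code and readable data."""
    text = b"\x55\x8b\xec\x83\xec\x10" * 600
    data = b"Hello from a constructed, unpacked test binary\0" * 20
    return build_pe([(".text", text), (".data", data)])


def packed_sample() -> bytes:
    """Constructed UPX-style layout: empty UPX0, high-entropy UPX1 (seeded PRNG stands in for compressed code)."""
    rng = random.Random(1337)
    upx1 = bytes(rng.randrange(256) for _ in range(4096))
    return build_pe([("UPX0", b""), ("UPX1", upx1), (".rsrc", b"\0" * 64)])


if __name__ == "__main__":
    for label, sample in (("plain", plain_sample()), ("packed", packed_sample())):
        print(label, triage(sample))
```

Two caveats a practitioner would add: a high-entropy section is not proof of packing (embedded compressed images in .rsrc or an encrypted configuration blob score just as high), so confirm with the import table and entry point before answering the "packed?" question; and packer name tables only catch packers that do not rename their sections.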
Download the report here.
You can find more reports here.
PS: The answer to question one leads us to something we have already seen ;)
PS2: Despite the beautiful and detailed work we saw, Emre did not win anything because he resides outside the USA.
Official link: http://www.malwarechallenge.info
Regards,