Lab1 Hint

  1. Please download the Linux VM [Link] and import it into VirtualBox
  2. Boot up the Linux VM
  3. In Linux VM:
    1. Download malware_lab_1.zip [Link] (password: infected) from our course website
    2. Download enum_exports.py [Link]
    3. Unzip the malware_lab_1.zip and make sure the malware sample and the Python script enum_exports.py are in the same folder.
    4. Open a terminal
    5. Type python enum_exports.py 16d6b0e2c77da2776a88dd88c7cfc672 in your terminal and press the Enter key; it should output the following:
    6. Now tweak the Python script (enum_exports.py): read the code and figure out its meaning, and add some extra code to implement rules.
    7. P.S. You can check the online documentation of the pefile library for more details [Link]