|
3
|
Lab Triage 1-4
|
154febc33163936960440ccf1481205b6192054e029bc8826966dc658e5c83e8
|
|
This is a ZIP archive with all samples needed in Lab 1-4 of Section 3.
|
|
|
4
|
Lab Wrapped files 1-4
|
2c55d6bae3a834e6741c016ccb80821b54f51b7e39fddb353a81ea66015dc9a0
|
|
ZIP archive with wrapped files for use in the lectures Lab Wrapped files 1-4.
|
|
|
4
|
Lab Installers 1-4
|
dfc49d090793a08bef805099e05833b3cb7c8314e3088718d5b014c891240590
|
|
The ZIP archive contains various installers for the lectures Lab Installers 1-4…
|
|
|
5
|
ASEPs
|
a3e41ea1d20fa2fcaf266155bf5c8195768f33e4688f0d13d18c58e25c599356
|
|
The disinfector trainer applies fixed or random ASEPs to the system, depending …
|
|
|
6
|
Lab PE 1-4
|
f80e8a6641b4d055cdb0686cb689b152cddb7d5aef28bc12f7ae609fa324c6d3
|
|
This is the Portable Executable file named portex1 used in Section 6 Portable Ex…
|
|
|
6
|
Portable executable exercise
|
bf942fda5040f494485d4cc2bfc4004ea66b99ac04619664f722b01026906375
|
|
This sample is named portex2 and used in the Portable Executable exercise as we…
|
|
|
7
|
Lab diffing 1-3
|
ff722421f73b8341d37317aa0aad7c0c98f264883308d234ef3d85716801a340
|
|
The publisher's website contained two different download links, but the hash of…
|
|
|
7
|
Lab diffing 1-3
|
f6c9db87b8103f27549e1ec86e603877ce10a2df4a3abf1f6f80dd7c5bee3e20
|
|
The publisher's website contained two different download links, but the hash of…
|
|
|
8
|
Lab report writing 1-4
|
c0b7af1dd476effd0697ffac71c1124d3f086d88945c57cc45096d712e6386cb
|
|
This is the blink.jpg.zip; it contains interesting metadata.
|
|
|
8
|
Lab report writing 1-4
|
148914b6c64c51130a42159e4100e6eb670852901418d88c1c0383bf0cd1e339
|
|
This is the hide_binary.zip. It does something together with the blink.jpg.
|
|
|
8
|
Assignment SteamHide
|
b41868a6a32a7e1167f4e76e2f3cf565b6c0875924f9d809d889eae9cb56a6ae
|
|
This is the SteamHide FinalMalware.exe that we extracted from the ICC profile.
|
|
|
9
|
Lab finding main 1-2
|
cecd9bd33cfff56d834909c5b0b033f9bcd77bed6920faf727cbac5acd257937
|
|
Contents:
* Hello.exe
* Hello_Debug.exe
* Hello_MinGW.exe
* Hello_Release…
|
|
|
10
|
Lab x64dbg 1-5
|
cecd9bd33cfff56d834909c5b0b033f9bcd77bed6920faf727cbac5acd257937
|
|
Contents:
* Hello.exe
* Hello_Debug.exe
* Hello_MinGW.exe
* Hello_Release…
|
|
|
10
|
Lab ASLR 1-2
|
cecd9bd33cfff56d834909c5b0b033f9bcd77bed6920faf727cbac5acd257937
|
|
Contents:
* Hello.exe
* Hello_Debug.exe
* Hello_MinGW.exe
* Hello_Release…
|
|
|
11
|
Lab legion ransomware 1-7
|
ed7a360f6e983587c4fa7da124a3ce847a963cc1352322405cf50171cc94c247
|
|
legionsample.zip contains the ransomware binary. Follow the videos in the cours…
|
|
|
11
|
Lab legion ransomware 1-7
|
6d9c14a1fd30da25fc3fca59274c2898518159ba4a542b5255534a4a304519b1
|
|
Follow the videos in the course and learn how to find the location of encryptio…
|
|
|
11
|
Lab legion ransomware 1-7
|
a9c0d1d8530d552fe878f8a9f0a89784fc2a74972e80015a573993c2f5193ddd
|
|
encyptedfile.zip contains encryptedfile.png._30-06-2023-23-20-45_$seven_legion@…
|
|
|
11
|
Lab legion ransomware 1-7
|
3f81221fd560ce33aab4539a55381c58ac8547664a86e208ad9d96ce1c7c616d
|
|
legionsample _patched.zip: this sample was patched to allow dynamic analysis. Y…
|
|
|
12
|
Lab Winupack 1-3
|
090cfa9f08efb323b815982e4c46e021887074d1d472125cf53c4aa413b58972
|
|
calc.exe.zip is the standard calc.exe packed with the Winupack compressor.
|
|
|
12
|
Lab Poison 1-2
|
0148fc51c824f5bc3d2a745e9143dea1d2ff9d59390a95aea2284beeefa27787
|
|
The executable in Poison.zip was packed with a custom crypter.
|
|
|
12
|
Lab Injector 1-2 and assignment
|
c17eab269a47c9ebd7cceea15c7ec9ff1a49385ce01f554750c3d5638dcf3cc7
|
|
6368d985eb6fe_32c5478d8.exe is a file that we already extracted during the inst…
|
|