ST6052CEM-Coursework1-Regular_1737685400090

Softwarica College of IT & E-Commerce

ST6052CEM Reverse Engineering

Related Post

CS5071NPProfessionalandEthicalIssuesSpring25MainSitCWQP_08f31e25-c3ca-45ec-8c05-46e300dc52fe_89407_

April 10, 2025

TNE_MGT101 Assessment 2024_5_NEW

April 9, 2025

BM3506 AFS assignment 24_25

April 9, 2025

CC5067NISmartDataDiscoveryY25SpringMainSitCWQP_f89a9efd-1e5c-4f71-a941-825b5d75b874_93472_

April 9, 2025

Assignment Brief 2024/25

50% of the final assessment will be done with a report around 2500 words on Static Analysis of a given malware sample. The malware sample and hash will be provided later.

∙ Scenario:

∙ Scenario Background:

∙ You are a cybersecurity analyst at CyberShield Security Solutions, a firm specializing in incident response and malware analysis. The IT department of TechCorp Ltd. has reported unusual network activity, potentially linked to a malicious executable discovered on one of their servers. They have engaged your company to analyze the binary and provide a detailed report.

∙ Coursework Task:

∙ Objective:

∙ Your task is to conduct a thorough static reverse engineering analysis of the provided binary file. You are to document your findings in a comprehensive report tailored to a non-technical management audience, ensuring that it highlights the key risks and actionable recommendations.

∙ Report Requirements:

∙ Overview:

∙ Provide an executive summary of your findings. Include a brief description of the binary, its origin (if known), and the potential impact on the organization. ∙ File Information:

∙ Detail the file’s properties, including size, hash values, and file signature. Discuss any discrepancies or signs of tampering.

∙ Process Graph:

∙ Illustrate the process graph of the binary, identifying parent-child relationships. Highlight any unusual or suspicious processes.

∙ Initial Analysis:

∙ Conduct a static analysis of the binary. Focus on file signatures, embedded resources, and any detected obfuscation techniques.

∙ Detailed Technical Analysis:

o Import Address Table (IAT) Analysis:

∙ Identify potentially interesting imports in the IAT. Describe their usage within the binary and provide examples of how these functions could be exploited. o Network Behavior:

∙ Analyze the binary’s network behavior. Identify the protocols used, types of connections established, and potential outcomes if the binary were executed in a live environment.

Recommendations:

∙ Based on your analysis, provide actionable recommendations to mitigate the identified risks. Suggest both short-term and long-term strategies.

∙ Conclusion:

∙ Summarize the key points of your report. Reinforce the potential impact of the binary on the organization and the importance of implementing your

recommendations.

∙ Additional Requirements:

∙ Screenshots:

∙ Include relevant screenshots throughout the report to support your findings. ∙ References:

∙ Cite any tools, frameworks, or external resources used during your analysis. The malware for the assignment will be uploaded here: Reverse Engineering

Your report should be a detailed discussion and evaluation of the tools, finding and techniques. As a guide, your paper should be about 2500 words (excluding references).

Care should be taken to ensure that your report is unbiased and accurately referenced using the APA 7^th (Coventry University) referencing system (see attached sheet for an explanation of this and potential sources of help).

Your report should be appropriately sectioned, well-structured and should clearly set out your own analysis and conclusions. Your conclusions should be backed up by well reasoned arguments and should be suitably illustrated with appropriate examples. It is not enough to regurgitate or summarize material found in literature. A reference list must be included at the end of the research paper.

You should submit your paper as a PDF file formatted precisely as specified in the instructions for publication (these instructions are available via Schoolworkspro)

Note:

The Individual Coursework is assessed by module leader that take place at the end of the semester by giving some configuration work in the Lab. Students should attend their allocated slot and can only take the at another time under exceptional circumstances with permission of their Course Director.

1. Students are encouraged to use their own user-defined data structure rather than built-in data structure of given language.

2. You are expected to use the Coventry University APA style for referencing. For support and advice on this, students can contact Centre for Academic Writing (CAW).

3. Please notify your academic services team and module leader for disability support.

4. The college cannot take responsibility for any coursework lost or corrupted on disks, laptops or personal computer. Students should therefore regularly back-up any work and are advised to save it on the cloud based services.

5. If there are technical or performance issues that prevent students submitting coursework through the online coursework submission system on the day of a coursework deadline, an appropriate extension to the coursework submission deadline will be agreed. This extension will normally be 24 hours or the next working day if the deadline falls on a Friday or over the weekend period. This will be communicated via your Module Leader.

Learning Outcomes matrix:

Mark allocation guideline to students

Mark allocation guidelines to students: marking rubric for Coursework 1-Research Report writing (50%)

Pass marks will be awarded for dissatisfactory assessment of the given software, with rudimentary explanation with no use of proper tools and weak reporting skills.

Good marks will be awarded for satisfactory assessment of the given software, with good explanation with use proper tools and proper reporting skills.

Excellent marks will be awarded for comprehensive assessment of the given software, with excellent tooling knowledge, and excellent reporting skills and documentation.

The table below shows the detailed marks breakdown that you can achieve by completing the different aspects of the assignment.