Cloud-Based Malware

I noticed you had the DFC 640 posted. I was wondering if you’ve completed it? Did the Lab, but trying to figure out how to fill the report out correctly.

Anonymous

In this Project you will be conducting a digital forensics examination for suspected malware. Your examination will consist of two parts.

Part 1

In Part 1 you will watch a video of a malware forensics examiner using a cloud-based malware analysis tool. The video will illustrate the examiner’s steps taken to scan the suspected malware using a cloud-based tool.

The examiner will generate a preliminary report analysis from the scan performed in the video mentioned above for your review and summary.

Part 2

In Part 2, you will click or open the examiner’s provided “Virustotal.com analysis link” below to review the analysis report and write a digital forensics summary report.

https://www.virustotal.com/en/file/1d52303aa9827d2…

Review the analysis report findings by clicking on the various tabs “Analysis, File Detail, and Additional Information.”

After reviewing the separate tab information, write a Digital Forensics Summary Report answering the following questions:

Digital Forensics Summary Report

Analysis Tab:

Identify and list the first five malware files that were analyzed in the report

Identify and list the associated malware file names listed in the “result” column for each malware file you identified above

File Detail Tab:

Identify the file name

Identify the file type

Identify the executable file name

Identify the type of file hash shown for the file name you have identified above in this tab section

Identify the date and time of the malware file detection

Identify the malware file detection ratio

Identify the file extension

Identify the number of directories associated with the malware file

Identify the modification date

Additional Information Tab:

Identify the MD5 hash value

Identify the file size