Project 2: Malware 1 (Phase I)
Malware Analysis (Project 2)
Phase I – Malware 1
You should answer the following questions about Malware 1 with True or False.
Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False
Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False
Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False
Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called “WinVBS.vbs”
True
False
Item at position 5
E. Prevents users from accessing registry tools
True
False
Item at position 6
F. Hides all drives on computer
True
False
Item at position 7
G. Prevents users from changing remote administrator settings
True
False
Item at position 8
H. Searches for all possible drives on computer
True
False
Item at position 9
I. Checks for its privileges (this isn’t inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False
Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False
Item at position 11
K. Hooks the mouse
True
False
Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False
Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False
Item at position 14
N. Retrieves the current user’s username
True
False
Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False
Item at position 16
P. Adds mutex for IPKillerClient malware
True
False
Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False
Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False
Item at position 19
S. Copies potentially malicious files to the device.
True
False
Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False
Project 2: Malware 2 (Phase I)
Phase I – Malware 2
You should answer the following questions about Malware 2 with True or False.
Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False
Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False
Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False
Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called “WinVBS.vbs”
True
False
Item at position 5
E. Prevents users from accessing registry tools
True
False
Item at position 6
F. Hides all drives on computer
True
False
Item at position 7
G. Prevents users from changing remote administrator settings
True
False
Item at position 8
H. Searches for all possible drives on computer
True
False
Item at position 9
I. Checks for its privileges (this isn’t inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False
Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False
Item at position 11
K. Hooks the mouse
True
False
Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False
Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False
Item at position 14
N. Retrieves the current user’s username
True
False
Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False
Item at position 16
P. Adds mutex for IPKillerClient malware
True
False
Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False
Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False
Item at position 19
S. Copies potentially malicious files to the device.
True
False
Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False
Project 2: Malware 3 (Phase I)
Phase I – Malware 3
You should answer the following questions about Malware 3 with True or False.
Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False
Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False
Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False
Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called “WinVBS.vbs”
True
False
Item at position 5
E. Prevents users from accessing registry tools
True
False
Item at position 6
F. Hides all drives on computer
True
False
Item at position 7
G. Prevents users from changing remote administrator settings
True
False
Item at position 8
H. Searches for all possible drives on computer
True
False
Item at position 9
I. Checks for its privileges (this isn’t inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False
Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False
Item at position 11
K. Hooks the mouse
True
False
Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False
Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False
Item at position 14
N. Retrieves the current user’s username
True
False
Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False
Item at position 16
P. Adds mutex for IPKillerClient malware
True
False
Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False
Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False
Item at position 19
S. Copies potentially malicious files to the device.
True
False
Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False
Project 2: Malware 4 (Phase I)
Phase I – Malware 4
You should answer the following questions about Malware 4 with True or False.
Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False
Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False
Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False
Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called “WinVBS.vbs”
True
False
Item at position 5
E. Prevents users from accessing registry tools
True
False
Item at position 6
F. Hides all drives on computer
True
False
Item at position 7
G. Prevents users from changing remote administrator settings
True
False
Item at position 8
H. Searches for all possible drives on computer
True
False
Item at position 9
I. Checks for its privileges (this isn’t inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False
Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False
Item at position 11
K. Hooks the mouse
True
False
Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False
Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False
Item at position 14
N. Retrieves the current user’s username
True
False
Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False
Item at position 16
P. Adds mutex for IPKillerClient malware
True
False
Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False
Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False
Item at position 19
S. Copies potentially malicious files to the device.
True
False
Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False
Project 2: Malware 5 (Phase I)
Phase I – Malware 5
You should answer the following questions about Malware 5 with True or False.
Item at position 1
A. Malware sets itself to run whenever Windows starts up
True
False
Item at position 2
B. Malware looks up the computer name (possibly doing some reconnaissance)
True
False
Item at position 3
C. Potentially looks through Microsoft Outlook address book contents
True
False
Item at position 4
D. Creates and executes a Visual Basic Script (VBS) called “WinVBS.vbs”
True
False
Item at position 5
E. Prevents users from accessing registry tools
True
False
Item at position 6
F. Hides all drives on computer
True
False
Item at position 7
G. Prevents users from changing remote administrator settings
True
False
Item at position 8
H. Searches for all possible drives on computer
True
False
Item at position 9
I. Checks for its privileges (this isn’t inherently malicious, but the malware possibly performs some different behaviors if it has the proper permissions to do so)
True
False
Item at position 10
J. Hooks the keyboard (potentially a keylogger)
True
False
Item at position 11
K. Hooks the mouse
True
False
Item at position 12
L. Potentially monitors messages before they appear in a window to the user (possible reconnaissance)
True
False
Item at position 13
M. Communicates with external hosts via IP addresses or domain names, possibly indicative of C2 activity.
True
False
Item at position 14
N. Retrieves the current user’s username
True
False
Item at position 15
O. Adds mutex for Eclipse DDoS malware
True
False
Item at position 16
P. Adds mutex for IPKillerClient malware
True
False
Item at position 17
Q. Adds mutex for DarkDDoSer malware
True
False
Item at position 18
R. Contacts various SMTP servers (possibly for spamming)
True
False
Item at position 19
S. Copies potentially malicious files to the device.
True
False
Item at position 20
T. Adds a malicious cryptographic certificate to the system.
True
False
Project 2: Phase II Dissect some behaviors
Phase II
You must answer the following open questions with regard to Phase II. Make sure you follow all of the project write-up instructions to the letter. There will be no credit given for typographical mistakes.
Item at position 1
Type the IP address for Malware 1’s C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 1 type “none” without quotes):
Item at position 2
Type the IP address for Malware 2’s C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 2 type “none” without quotes):
Item at position 3
Type the IP address for Malware 3’s C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 3 type “none” without quotes):
Item at position 4
Type the IP address for Malware 4’s C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 4 type “none” without quotes):
Item at position 5
Type the IP address for Malware 5’s C2 Server in Dot-decimal notation (in case your analysis indicates there is no C2 Server being used by Malware 5 type “none” without quotes):
Item at position 6
External SMTP Servers Identification.
SMTP Servers DNS domain names in a comma-separated list, without spaces:
Project 2 Phase III
Cluster and Classify: 15 points
Upload your final malheur configuration file (config.mlw)
Phase IV Malheur Summary
The solution for this part must be submitted on grapescope.com; see what your autograder score is before you send me the solution.