LAB8 - Digital Forensics Technology and Practices - WORKSHEET2

The document outlines a lab worksheet focused on digital forensics, specifically malware analysis using tools in Kali Linux. It includes step-by-step instructions for creating and analyzing files, generating hashes, and using VirusTotal for malware detection. The lab emphasizes the importance of understanding malware behavior and detection techniques in cybersecurity and digital forensics practices.

Uploaded by

raymondafuye

Lab 8 Worksheet Digital Forensics Technology and Practices

Table of Contents

Introduction
Screenshot 1 – Creation of Yourname.TXT file
Screenshot 2 – Finding the File Type of the Yourname.TXT file
Screenshot 3 – Finding the File Type of the Yourname file
Screenshot 4 – Creation of Yourname.exe file
Screenshot 5 – Get the Hash of the Yourname.exe File
Screenshot 6 – Identify the File Type of Yourname.exe
Screenshot 7 – Getting the strings of the Yourname.exe File
Screenshot 8 – Creating Yourname.exe Malware
Screenshot 9 – Finding the File Type of the Yourname file with .Doc Extension
Screenshot 10 – Use Virustotal to Analyze Yourname file with .Doc Extension
Conclusion
APA References

Introduction

Students: In the box below, please explain the purpose of doing this lab and explain
how it is relevant to Computer Forensics.

Introduction
Malware analysis is a crucial aspect of digital forensics, allowing investigators to detect, classify, and analyze
malicious files to understand their behavior and impact. The objective of this lab was to explore file examination
and malware creation techniques using tools in Kali Linux. By analyzing file types, extracting metadata,
generating hashes, and using detection tools like VirusTotal, we gained insights into how digital forensic
experts investigate suspicious files.
This lab is highly relevant to Digital Forensics Technology and Practices because malware investigations are a
key part of cybersecurity incident response and threat intelligence. We used Linux command-line utilities such
as file, md5sum, strings, and msfvenom to manipulate and analyze executable files. Additionally, we explored
how attackers disguise malware by renaming and altering file extensions. These skills are essential for detecting
and mitigating malware threats in enterprise security and law enforcement investigations.

Screenshot 1 – Creation of Yourname.TXT file

1. Create a file at the terminal that says hello world and send the output of the file to yourname.txt,
where yourname is your first name. Take a screenshot of sending hello world to your file. The use of
anyone else’s name may result in an academic integrity review by your professor. Please label your
screenshot to receive full credit.

Take a screenshot of the Your Name Text File being Created

Fig1. Screenshot of Beatrice.txt file being Created

Screenshot 2 – Finding the File Type of the Yourname.TXT file

2. Use the file command in Linux to identify the file type of the yourname.txt file, where yourname is
your first name. The use of anyone else’s name may result in an academic integrity review by your
professor. Please label your screenshot to receive full credit.

Take a screenshot of using the File Command on the Your Name Text File

Fig2. Screenshot of file command on beatrice.txt

Screenshot 3 – Finding the File Type of the Yourname file (no Extension)

3. Use the file command in Linux to identify the file type of the yourname file, where yourname is your
first name. The use of anyone else’s name may result in an academic integrity review by your
professor. Please label your screenshot to receive full credit.

Take a screenshot of using the File Command on the Your Name Text File

Fig3: Screenshot of file type on beatrice

Screenshot 4 – Creation of Yourname.exe file

4. Copy nc.exe to yourname.exe, where yourname is your first name. Take a screenshot of listing the
files and folders, including yourname.exe. The use of anyone else’s name may result in an academic
integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of the Yourname.exe File being Listed

Fig4: Screenshot of beatrice.exe file being listed

Screenshot 5 – Get the Hash of the Yourname.exe File

5. Use the md5sum command at the terminal to get the hash of the yourname.exe file. The use of
anyone else’s name may result in an academic integrity review by your professor. Please label your
screenshot to receive full credit.

Take a screenshot of using the md5sum command to get the hash of the Yourname.exe File

Fig 5: Screenshot of using md5sum command to get the hash of the Beatrice.exe

Screenshot 6 – Identify the File Type of Yourname.exe

6. Use the file command at the terminal to identify the file type of the yourname.exe file. The use of
anyone else’s name may result in an academic integrity review by your professor. Please label your
screenshot to receive full credit.

Take a screenshot of using the File Command to Identify the Yourname.exe File

Fig 6: Screenshot of using the File Command to identify Beatrice.exe file

Screenshot 7 – Getting the strings of the Yourname.exe File

7. Use the strings command at the terminal to get information about the contents of the
yourname.exe file. The use of anyone else’s name may result in an academic integrity review by
your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the Strings Command to get information about the Yourname.exe File

Fig7: Screenshot of using the Strings Command to get information about Beatrice.exe file

Screenshot 8 – Creating Yourname.exe Malware

8. Use the msfvenom command at the terminal to create malware called yourname.exe. The use of
anyone else’s name may result in an academic integrity review by your professor. Please label your
screenshot to receive full credit.

Take a screenshot of using the msfvenom Command to create the Yourname.exe File

Fig8: Screenshot of using the msfvenom command to create the Beatrice.exe file

Screenshot 9 – Finding the File Type of the Yourname file with .Doc Extension

9. Use the file command in Linux to identify the file type of the yourname file with a .doc extension,
where yourname is your first name. The use of anyone else’s name may result in an academic
integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the File Command on the Your Name File with the .Doc Extension

Screenshot 10 – Use Virustotal to Analyze Yourname file with .Doc Extension

10. Use the virustotal website to analyze the yourname file with a .doc extension, where yourname is
your first name. The use of anyone else’s name may result in an academic integrity review by your
professor. Please label your screenshot to receive full credit.

Take a screenshot of using VirusTotal on the Your Name File with the .Doc Extension

Fig10: screenshot showing using virustotal on the Beatrice.doc extension
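
The checks in steps 2 to 10 can be scripted so that a file is judged by its content rather than its name. The script below is an added example, not part of the original worksheet: the function names (`magic_type`, `claimed_type`, `triage`), the short signature list and the sample files are assumptions made for illustration, and the 8-byte "MZ" stub is constructed data, not a real program.

```shell
#!/bin/sh
# Added example: compare what a file's first bytes say it is with what its
# extension claims, and record its MD5. The signature list is a small subset.

magic_type() {   # classify by content, as `file` does with its magic database
    sig=$(od -An -tx1 -N8 "$1" | tr -d ' \n')
    case "$sig" in
        4d5a*)             echo pe ;;     # "MZ": DOS/Windows executable
        7f454c46*)         echo elf ;;    # Linux executable
        d0cf11e0a1b11ae1*) echo ole2 ;;   # legacy .doc/.xls container
        504b0304*)         echo zip ;;    # zip archive, also .docx
        *)  # no known signature: text if every byte is printable or whitespace
            if [ $(LC_ALL=C tr -d '[:print:][:space:]' < "$1" | wc -c) -eq 0 ]
            then echo text; else echo data; fi ;;
    esac
}

claimed_type() { # classify by name only; "none" when there is no extension
    name=$(basename "$1")
    case "$name" in *.*) ext=$(printf '%s' "${name##*.}" | tr 'A-Z' 'a-z') ;; *) ext= ;; esac
    case "$ext" in
        exe|dll) echo pe ;;  doc|xls) echo ole2 ;;  docx|zip) echo zip ;;
        txt) echo text ;;    '') echo none ;;       *) echo unknown ;;
    esac
}

triage() {       # prints: <md5> <content type> <verdict>
    actual=$(magic_type "$1"); claimed=$(claimed_type "$1")
    hash=$(md5sum "$1" | cut -d' ' -f1)
    case "$claimed" in
        none|unknown) verdict=UNCHECKED ;;   # name makes no claim to test
        "$actual")    verdict=OK ;;
        *)            verdict=MISMATCH ;;    # extension disagrees with content
    esac
    echo "$hash $actual $verdict"
}

# Constructed samples: a text file and an 8-byte "MZ" stub (not a real program)
demo=$(mktemp -d)
printf 'hello world\n' > "$demo/sample.txt"
printf 'MZ\220\000\003\000\000\000' > "$demo/sample.exe"
cp "$demo/sample.exe" "$demo/sample.doc"     # same bytes, misleading name
for f in sample.txt sample.exe sample.doc; do
    printf '%-12s %s\n' "$f" "$(triage "$demo/$f")"
done
rm -rf "$demo"
```

The `.exe` and `.doc` samples report the same MD5, which is why a hash lookup still identifies a renamed file, while the `MISMATCH` verdict flags the name itself as worth a closer look.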

Conclusion

Students: In the box below, please explain the purpose of doing this lab and explain
how it is relevant to Digital Forensics Technology and Practices. Highlight any new learning
that occurred while doing this lab.
Hint: Discuss tools and commands used in the lab.

Conclusion
This lab provided hands-on experience in malware analysis and forensic techniques, highlighting how malicious
files can be identified, manipulated, and investigated. By using file identification tools, hashing algorithms, and
online scanning services like VirusTotal, we were able to analyze the properties of executable files and detect
signs of malware. We also learned how cybercriminals disguise malware by changing file extensions, making it
more challenging for traditional antivirus solutions to detect threats.

The practical experience gained in this lab reinforces the importance of digital forensics in cybersecurity
investigations. Understanding how malware operates and how to detect it is crucial for forensic analysts,
cybersecurity professionals, and incident responders. This knowledge helps organizations defend against cyber
threats by identifying malicious files, preventing infections, and improving threat intelligence.

APA References

Students: Please list at least 5 relevant APA References.

1. Crossley, D. (2021). What to do if you find a dodgy file and don’t know what to do. Retrieved from
https://crossleydan.medium.com/what-to-do-if-you-find-a-dodgy-file-and-dont-know-what-to-do-343694a5b122

2. Cybersecurity & Infrastructure Security Agency (CISA). (n.d.). VirusTotal and malware analysis tools.
Retrieved from https://www.cisa.gov/resources-tools/services/virustotal

3. Razak, M. F. A., Anuar, N. B., Salleh, R., & Firdaus, A. (2016). The rise of “malware”: Bibliometric
analysis of malware study. Journal of Network and Computer Applications, 75, 58–76.
https://doi.org/10.1016/j.jnca.2016.08.022

4. TechTarget. (n.d.). What is malware? Retrieved from
https://www.techtarget.com/searchsecurity/definition/malware

5. ScienceDirect. (n.d.). Malware analysis techniques. Retrieved from
https://www.sciencedirect.com/topics/computer-science/malware-analysis
