X hits on this document

323 views

0 shares

0 downloads

0 comments

113 / 120

Trojan named “Alarm Clock” was written. The Alarm Clock program is a multi-

threaded, console-based application that allows you to interact with it while it continually

checks whether or not to sound the alarm. Obviously, the Alarm Clock program does a

bit more than its advertised function, and the goal of the exercise is to help build

familiarity with the Windows Systinternals tool suite through attempting to figure out

what the additional actions taken by the program are. Keep in mind that malware will not

necessarily accomplish its goals as quickly possible, it may spread out or pace malicious

activity in order to use fewer system resources—helping it stay under the radar of the

user. The user interface of the Alarm Clock application is shown in Fig. 10.3.

+------------------------------------ | Alarm Clock V1.0 +------------------------------------

  • (1)

    Display the current date and time

  • (2)

    Display the alarm date and time.

  • (3)

    Set the alarm date and time.

  • (4)

    Quit.

>> Type an option number and press En

[INFO] The current time is (05/02/09

+------------------------------------ | Alarm Clock V1.0 +------------------------------------

  • (1)

    Display the current date and time

  • (2)

    Display the alarm date and time.

  • (3)

    Set the alarm date and time.

  • (4)

    Quit.

>> Type an option number and press En

>> Specify the alarm date and time... >> The current date and time is (05/0 >> Type the alarm date and time to se

[INFO] Alarm set is successful. Figure 10.3. Console-based UI for the Alarm Clock

105

  • ---------

    +

|

  • ---------

    +

.

ter: 1

13:49:48).

  • ---------

    +

|

  • ---------

    +

.

ter: 3

(mm/dd/yy HH:MM:SS). 2/09 13:49:53). t ==> 05/03/09 08:00:00

example software Trojan.

Document info
Document views323
Page views324
Page last viewedSun Dec 04 18:27:54 UTC 2016
Pages120
Paragraphs2913
Words25794

Comments