Real World Forensics
The three files below are part of a current malware infestation of NAS devices, routers, and even DVRs.
This infestation is quite interesting from many aspects; one quite unusual aspect is exactly how it answers the "Profit!" side of the malware equation.
cmd.so D72BNr mzkk8g
(The above files were provided courtesy of the SANS Institute.)
For extra credit: You can earn up to 3 points on your final grade for the class if you can use a virtual machine under qemu (or equivalent) to study the live execution of any portion of this code. Your write-up should include (at a minimum) a trace of all of the system calls that you manage to see execute.
Your Work Product:
Please turn in your answers to the three above questions via Blackboard. Please submit a PDF file or a text file.
If you do tackle the extra credit section, please clearly label the section "For Extra Credit".