Graduation Thesis: Malicious Code Analysis Case Studies (毕业论文恶意代码分析实例.docx)
- Document ID: 27076682
- Uploaded: 2023-06-26
- Format: DOCX
- Pages: 35
- Size: 575.78 KB
[Graduation Thesis] Malicious Code Analysis Case Studies
Case Analysis of Malicious Code
May 2011
1 Introduction to the Virtual Environment and Software Used
1.1 Virtual Environment
1.1.1 VMware Workstation 7.1.4
1.1.2 GostXP SP3 Install Edition YN9.9
1.2 Inspection Tools
1.2.1 ATool 1.0.1.0
1.2.2 Regmon 7.04 (Chinese-localized edition)
1.2.3 FileMon 7.04 (Chinese-localized edition)
1.2.4 TCPView 3.04
1.2.5 procexp.exe
1.2.6 IceSword 1.22 (Chinese edition)
2 Analysis and Detection of the 冰河 (Glacier) Trojan
2.1 Introduction to the 冰河 (Glacier) Trojan V2.2
2.2 Sample Analysis
2.2.1 Process Monitoring
2.2.2 File Monitoring
2.2.3 Registry Monitoring
2.2.4 System Communication Port Monitoring
2.3 Summary of the Sample's External Characteristics
2.4 Trojan Removal Method
3 Analysis and Monitoring of the xueranwyt.exe Trojan
3.1 Introduction to the xueranwyt.exe Trojan
3.2 Sample Analysis
3.2.1 Process Monitoring
3.2.2 File Monitoring
3.2.3 Registry Monitoring
3.2.4 Port Monitoring
3.3 Summary of the Sample's External Characteristics
3.4 Solution
4 Analysis and Monitoring of the 2.exe Trojan
4.1 Introduction to the 2.exe Trojan Sample
4.2 Sample Analysis
4.2.1 Process Monitoring
4.2.2 File Monitoring
4.2.3 Registry Monitoring
4.2.4 Port Detection
4.3 Summary of the Sample's External Characteristics
4.4 Solution
5 Analysis and Detection of the 红蜘蛛 (Red Spider) Sample
5.1 Sample Introduction
5.2 Sample Analysis
5.2.1 Process Detection
5.2.2 File Detection
5.2.3 Registry Monitoring
5.2.4 Port Monitoring
5.3 Summary of the Sample's External Characteristics
5.4 Solution
6 Analysis of the 031gangsir.ch.exe Sample
6.1 Sample Introduction
6.2 Sample Analysis
6.2.1 Process Monitoring
6.2.2 File Monitoring
6.2.3 Registry Monitoring
6.2.4 Port Monitoring
6.3 Summary of Sample Characteristics
6.4 Solution
7 Monitoring and Analysis of the 015gangsir.CN.exe Sample
7.1 Sample Overview
7.2 Sample Analysis
7.2.1 Process Monitoring
7.2.2 File Monitoring
7.2.3 Registry Monitoring
7.2.4 Port Monitoring
7.3 Summary of the Sample's External Characteristics
7.4 Solution
8 Monitoring and Analysis of the 027gangsir.CN.exe Sample
8.1 Sample Information
8.2 Sample Analysis
8.2.1 Process Monitoring
8.2.2 File Monitoring
8.2.3 Registry Monitoring
8.2.4 Port Monitoring
8.3 Summary of the Sample's External Characteristics
8.4 Solution
9 Analysis and Monitoring of the 050gangsir.CN.exe Sample
9.1 Sample Overview
9.2 Sample Analysis
9.2.1 Process Monitoring
9.2.2 File Monitoring
9.2.3 Registry Monitoring
9.2.4 Port Monitoring
9.3 Summary of the Sample's External Characteristics
9.4 Solution
10
10.1 Sample Overview
10.2 Sample Analysis
10.2.1 Process Monitoring
10.2.2 File Monitoring
10.2.3 Registry Monitoring
10.2.4 Port Monitoring