Q2. Explain signature-based malware techniques.

This is question 2 (7 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

Malware Analysis | B.E. Semester VII Winter 2024 | GTU Papers

Q: Q1. What are the goals of malware analysis? Explain in brief.

This is question 1 (3 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

Q: Q1. List out some of the malicious actions performed by malware.

This is question 1 (4 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

Q: Q1. Define the following terms: (1) Virus (2) Worm (3) Rootkit (4) Trojan (5) Botnet (6)Spyware (7) Information stealer

This is question 1 (7 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

Q: Q2. What is the role of dynamic link libraries in malware analysis?

This is question 2 (3 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

Q: Q2. Explain PE Headers and Sections in detail with suitable figures.

This is question 2 (4 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

Q: Q3. Explain any five common DLL files functionalities.

This is question 3 (3 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

Q: Q3. How does OllyDbg is applicable to analyze malware? Explain with suitable example.

This is question 3 (4 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

Q: Q3. What hex values "Magic" field in Optional header is set to? How to determine total size of header in Disk? Explain with suitable example.

This is question 3 (7 marks) from the GTU Malware Analysis BE Winter 2024 question paper. Subject code: 3174506.

What are the goals of malware analysis? Explain in brief.

[3 marks]

List out some of the malicious actions performed by malware.

[4 marks]

Define the following terms: (1) Virus (2) Worm (3) Rootkit (4) Trojan (5) Botnet (6)Spyware (7) Information stealer

[7 marks]

What is the role of dynamic link libraries in malware analysis?

[3 marks]

Explain PE Headers and Sections in detail with suitable figures.

[4 marks]

Why is it necessary to perform malware analysis? Give the reasons.

[7 marks]

Explain signature-based malware techniques.

[7 marks]

Explain any five common DLL files functionalities.

[3 marks]

How does OllyDbg is applicable to analyze malware? Explain with suitable example.

[4 marks]

What hex values "Magic" field in Optional header is set to? How to determine total size of header in Disk? Explain with suitable example.

[7 marks]

Explain Kernel Vs User mode debugging.

[3 marks]

Explain the level of abstraction in malware analysis.

[4 marks]

How ransomware works? How to apply prevention mechanism to defend ransomware attacks?

[7 marks]

List the IDA Pro functionalities.

[3 marks]

Explain Windows API concepts with respect to malware analysis.

[4 marks]

How to extract Indicators of Compromise (IOCs) from Malware using Basic Static Analysis? Explain with suitable example.

[7 marks]

Distinguish Hook Injection Vs. APC Injection.

[3 marks]

How does malware establish persistence? Analyze the Pegasus malware persistence in detail and write down the type of information being targeted with CVE details.

[4 marks]

Differentiate static and dynamic analysis. Why does malware analyst need to perform dynamic analysis?

[7 marks]

Explain the analysis of malicious Windows programs.

[3 marks]

Explain android malware characterization in brief.

[4 marks]

Give the name of two different tools that you would use as a malware analyst which is being used in different phases of malware analysis. Explain these tools with features and characteristics.1

[7 marks]

Why Emotet malware is considered as most dangerous malware in the World?

[3 marks]

Which attack vectors were applied by the hackers to deliver the Emotet malware? Explain in brief.

[4 marks]

Define polymorphic malware and metamorphic malware. Differentiate both with suitable example.

[7 marks]

Malware Analysis — Winter 2024

Questions25