Project Goals

  • Familiarize yourself with the types of behaviors exhibited by real-world malware samples and learn how to safely analyze these behaviors using Joe Sandbox Cloud.
    • Joe Sandbox detects and analyzes potentially malicious files and URLs across Windows, Android, macOS, Linux, and iOS. It performs in-depth malware analysis and generates comprehensive, detailed reports.
  • Introduce fundamental concepts of malware analysis through hands-on exercises.
    • Work with safe, non-malicious samples to explore static and dynamic analysis techniques.
    • Practice de-obfuscating and executing provided samples to understand their functionality.
    • Submit correct API or network requests to receive flags.

Additional Information:

  • All phases of this project must be submitted through Gradescope.
  • The minimum system requirement is 4 GB RAM for the VM and 8 GB RAM on your host machine.
  • A Frequently Asked Questions (FAQ) page is available for reference.
  • The FAQ will be updated regularly. Therefore, before asking a question, make sure to review the entire FAQ. If your question is not answered there, feel free to post it in the Ed Discussion FAQ thread for this project.

Accessing Project Resources

Setup Instructions (0 points)

  1. Download the VM:
    Obtain the project VM from the Canvas Malware Analysis Assignment page. The same file is linked on both Phase 1 and Phase 2 pages—you only need to download it once.

    ⚠️ The file size is over 9 GB. Download it early—do not wait until the last minute!

  2. System Requirements:
    This VM is designed for x86 (Intel) architecture. Students must use a compatible machine. See the Ed Discussion post on VM troubleshooting if you encounter problems.

  3. Import the VM into VirtualBox:
    Double-click the .ova file to automatically launch the import process via VirtualBox.

  4. Login Credentials:
    Use the username and password provided on Canvas to log in to the VM.

  5. Start the Project Environment:
    Open a Terminal window in the VM and run the following command:

    ./StartContainer.sh

  6. Access the Project Files:
    The container will load all necessary files for the project. Navigate to the appropriate directory before beginning each phase:

    • Phase 1: /home/malware/phase1
    • Phase 2: /home/malware/phase2
