$1.$ REPORT: Refer to the links above:

a$)$ Select THREE $(3)$ different malwares from the link provided and study $/$ analyse it $($make certain you select malwares for which you can find the source code, compiled code, or $$ best yet $$ both$).$

b$)$ Set the scene in a small literature review about the type of malware you$$ve selected.

c$)$ Report must include Title page, Table of Contents, Citations $/$ References in APA Harvard style.

$2.$ ANALYSIS: Discuss your findings and investigative steps. You should cover as a minimum the following points:

a$)$ The malware$$s functionality in detail aiming for complete code coverage $($ignoring library functions$).$

b$)$ Details on any remote$-$control infrastructure.

c$)$ Methods to detect$/$control the malware across the network or on the machine.

d$)$ Methods to remove the malware safely. Analysis should include some screenshots showing how the malware was analyse and $($perhaps$)$ used $$ with citations $/$ references in APA Harvard style.

e$)$ Include an abstract after the contents page to highlight salient points

You may assume you are presenting to a technical audience and hence it is expected for you to include explanations of sections of disassembly$/$network traces$/$etc$.$ Remember also that a defence team will have your work verified.

Remember to include some network capture in your investigation. You may come across protocols that you have not used before and if so$,$ you will need to investigate how they work $-$ such as learning what commands can be sent and received

$4$ Final words

Running malware: Do not run malware on your working PC $($it$$s as simple as that$).$ Make certain you have a full backup of the VM you will be working with to study the malware, that HOST ONLY Network is configured, and keep your host computer disconnected from any and all networks during the time you are working with the malware $($depending upon which malware you choose, you may wish to run it to capture network activity$).$

Plagiarism You may very well find analysis and background information on the malware. It is acceptable to use portions of these sources IF they are reliable $/$ high$-$quality sources. It is NOT acceptable to simply copy and paste portions of existing materials concerning this topic $($other than code $$ which you may copy as$-$is$,$ IF it is provided with permission to do so$).$