Questions:

Your organization has encountered ransomware attacks targeting several employees due to vulnerabilities associated with EternalBlue on specific workstations and servers.

The task involves downloading a sample of the ransomware malware and executing dynamic analysis within your controlled VM environment. Ensure all analysis activities are conducted from Kali Linux and Windows VM on Kali. Remember, no copying of the malware sample to a personal computer.

Steps to Perform:

Static Analysis:

Access the "WannaCry" folder within the network.

Conduct basic static analysis on the WannaCry malware.

Take screenshots documenting key findings, including file attributes, behavior, and structure.

Dynamic Analysis:

Use Kali Linux to access the Windows VM$.$

Within the Windows VM on Kali, download the sample ransomware malware.

Run the malware within a controlled environment $($VM$).$

Capture screenshots throughout the dynamic analysis process, documenting its behavior, network activities, and any identifiable changes or actions.

Analysis Report:

Compile all collected screenshots and findings into a document.

Describe the steps taken for both static and dynamic analyses.

Include screenshots highlighting critical phases of analysis, such as file details, execution, system changes, and network activity.

Write a summary outlining the malware's behavior, potential impact, and any identifiable patterns or characteristics.

Submission:

Once the analysis is complete and documented, submit the document for assessment.