Design & implementation of malicious software incorporating anti-analysis mechanisms
Keywords: Malicious software ; Analysis protection mechanisms ; Antivirus software ; Computer security ; Malware ; Anti-Analysis ; Antivirus ; Packing
This master's thesis addresses the development of malware that uses anti-analysis mechanisms on the Windows operating system. In particular, the study emphasizes the design and implementation of ransomware-type malware. Once successfully executed, this type of malware encrypts all user files in a target folder using the AES (Advanced Encryption Standard) symmetric-key encryption algorithm and subsequently sends the encryption key to a remote server. Moreover, extensive research has been conducted on a wide range of anti-analysis mechanisms, such as protection against debuggers and disassemblers and the avoidance of virtual machines, sandboxes and AV machines. Furthermore, several additional protection mechanisms have been developed within the broad spectrum of anti-analysis. These protection mechanisms have been incorporated into the implemented malware, rendering it resilient to similar static and dynamic analysis tests. The overall efficiency of the proposed implementation has been justified through a series of experimental tests conducted in the context of malware analysis.