As Sobari, Yusuf Shalahuddin Al Ayyubii (2018) Analisa Forensik Pada Aplikasi Re-Loader Activator 2.6 By R@1N Menggunakan Teknik Windows Live Forensics Dan Dinamic Malware Analysis (Studi Kasus : Microsoft Windows 7). Undergraduate thesis, Institut Teknologi Sepuluh Nopember.
Preview |
Text
05211240000172-Undergraduate_Theses.pdf - Accepted Version Download (5MB) | Preview |
Abstract
Salah satu dampak dari penggunaan software bajakan adalah ancaman terinfeksi malicious software (malware) yang sangat merugikan pengguna. Microsoft Windows menjadi software yang paling banyak dibajak dengan aplikasi Re-loader sebagai aplikasi pembajaknya. Re-loader dapat mengaktifkan Windows layaknya aplikasi resmi namun illegal.
Penelitian ini melihat dampak dari digunakannya Re-loader pada Windows 7 dengan menggunakan analisa Windows secara langsung (Live Windows Analysis) dan analisa malware dinamis (Dynamic Malware Analysis). Kemudian, Chain of Custody (CoC) digunakan untuk menangani barang bukti. Penelitian ini juga membuat Indicators of Compromise (IoC) untuk mendeteksi penggunaan Re-loader pada perangkat lain dan juga sebagai barang bukti.
Setelah dilakukan penelitian, Re-loader membawa malware yang cukup berbahaya. Re-loader juga meninggalkan 4 file prefetch yang dapat digunakan sebagai barang bukti. IoC yang dibuat berdasarkan barang bukti juga dapat mendeteksi Reloader pada perangkat yang berbeda. =============== One impact of the use of pirated software is the threat of infected by malicious software (malware) that is very detrimental to the user. Microsoft Windows became the most heavily hijacked software with Re-loader app as its hijacker app. Re-loaders can easily activate Windows so it can be used like an official but illegal application.
This study looks at the impact of using Re-loader on Windows 7 by using Windows Live analysis and dynamic malware analysis. Then, Chain of Custody (CoC) is used to handle the evidence. This study also makes Indicators of Compromise (IoC) to detect the use of Re-loader on other devices and also as evidence that someone has done piracy of Windows 7.
After doing research, Re-loader does carry dangerous malware. The re-loader also leaves 4 prefetch files that can be used as evidence. IoC made on the basis of evidence can also detect Re-loaders on different devices.
Item Type: | Thesis (Undergraduate) |
---|---|
Uncontrolled Keywords: | Digital Forensics, Dynamic Malware Analysis, Indicators of Compromise, Live Windows Forensics, Malware |
Subjects: | Q Science > QA Mathematics > QA76.9.A25 Computer security. Digital forensic. Data encryption (Computer science) T Technology > T Technology (General) > T58.5 Information technology. IT--Auditing |
Divisions: | Faculty of Information and Communication Technology > Information Systems > 57201-(S1) Undergraduate Thesis |
Depositing User: | Yusuf Shalahuddin Al Ayyubi As Sobari |
Date Deposited: | 18 Oct 2018 04:46 |
Last Modified: | 09 Nov 2020 09:29 |
URI: | http://repository.its.ac.id/id/eprint/52701 |
Actions (login required)
View Item |