Malware Behavior Analysis Using the Reverse Engineering Method on LockBit 2.0 Ransomware

Auzhan, Fairuz Azhar (2024) Analisis Perilaku Malware Dengan Metode Reverse Engineering Pada Ransomware Lockbit 2.0. Other thesis, Institut Teknologi Sepuluh Nopember.

5027201059-Undergraduate_Thesis.pdf - Accepted Version
Restricted to Repository staff only until 1 October 2026.


Abstract

The rapid advancement of information technology has brought numerous benefits to human life, but it has also created opportunities for increasingly sophisticated cybercrimes. One of the most alarming cyber threats in recent years is ransomware, specifically the LockBit 2.0 variant. This ransomware has caused significant financial losses to individuals, organizations, and even governments worldwide. This research aims to analyze the behavior of LockBit 2.0 malware using reverse engineering methods. The methods employed include both static and dynamic analysis of LockBit 2.0 malware samples. Static analysis is conducted using various software tools to examine file structure, strings, and assembly code, while dynamic analysis is performed in an isolated environment to observe the malware's behavior when executed. The research findings indicate that LockBit 2.0 possesses characteristics that make it highly dangerous, such as its ability to detect testing environments, strong encryption mechanisms, manipulation of the Windows registry, ransom demands for decryption keys, and rapid automatic propagation in Windows. This study also reveals the techniques used by LockBit 2.0 to evade detection and analysis, including the use of packers, code obfuscation, and anti-debugging techniques.

Item Type: Thesis (Other)
Uncontrolled Keywords: Malware Analysis, Cyber Security, LockBit 2.0, Ransomware, Reverse Engineering
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Information Technology > 59201-(S1) Undergraduate Thesis
Depositing User: Fairuz Azhar Auzan
Date Deposited: 02 Aug 2024 20:58
Last Modified: 02 Aug 2024 20:58
URI: http://repository.its.ac.id/id/eprint/112848
