UC-30 Malware Analysis Using Reverse Engineering

Cybercrimes are a billion-dollar industry that is rapidly growing by the day. One of the biggest threats faced by companies is the infection of malware. New forms of malware are created daily and ever evolving to evade detection methods. Understanding how malware infects your system and how it eludes detection is crucial to keeping a company\u27s network and devices safe. During this project we will be using reverse engineering methods to better understand the functionality of malware, as well as how it eludes detection. We will be using IDAPro and WiDbg to perform the reverse engineering. Using this knowledge, we will create a set of security standards to help companies to protect themselves from these infections. We will also create a document on how to secure a virtual machine for malware analysis. This will help future students who also are interested in analyzing malware themselves. Our preliminary results include understanding some of the most used forms of malware evasion techniques. These techniques include stalling delays, which is when a piece of malware remains idle to defeat time-based antivirus scans. Another technique is action required delays, which is when a piece of malware will only execute once an action or group of actions are performed this will trigger the malware to execute. Another way that malware is able to evade detection is fragmentation. In this technique the malware will split into multiple different fragments, which alone do not raise flags as suspicious, then rejoin and execute.Advisors(s): Dr. Hossain ShahriarTopic(s): SecurityIT 498

Photochemistry of Furyl- and Thienyldiazomethanes: Spectroscopic Characterization of Triplet 3-Thienylcarbene

Photolysis (λ \u3e 543 nm) of 3-thienyldiazomethane (1), matrix isolated in Ar or N2 at 10 K, yields triplet 3-thienylcarbene (13) and α-thial-methylenecyclopropene (9). Carbene 13 was characterized by IR, UV/vis, and EPR spectroscopy. The conformational isomers of 3-thienylcarbene (s-E and s-Z) exhibit an unusually large difference in zero-field splitting parameters in the triplet EPR spectrum (|D/hc| = 0.508 cm–1, |E/hc| = 0.0554 cm–1; |D/hc| = 0.579 cm–1, |E/hc| = 0.0315 cm–1). Natural Bond Orbital (NBO) calculations reveal substantially differing spin densities in the 3-thienyl ring at the positions adjacent to the carbene center, which is one factor contributing to the large difference in D values. NBO calculations also reveal a stabilizing interaction between the sp orbital of the carbene carbon in the s-Z rotamer of 13 and the antibonding σ orbital between sulfur and the neighboring carbon—an interaction that is not observed in the s-E rotamer of 13. In contrast to the EPR spectra, the electronic absorption spectra of the rotamers of triplet 3-thienylcarbene (13) are indistinguishable under our experimental conditions. The carbene exhibits a weak electronic absorption in the visible spectrum (λmax = 467 nm) that is characteristic of triplet arylcarbenes. Although studies of 2-thienyldiazomethane (2), 3-furyldiazomethane (3), or 2-furyldiazomethane (4) provided further insight into the photochemical interconversions among C5H4S or C5H4O isomers, these studies did not lead to the spectroscopic detection of the corresponding triplet carbenes (2-thienylcarbene (11), 3-furylcarbene (23), or 2-furylcarbene (22), respectively)

Photochemistry of Furyl- and Thienyldiazomethanes: Spectroscopic Characterization of Triplet 3-Thienylcarbene

Photolysis (λ > 543 nm) of 3-thienyldiazomethane (<b>1</b>), matrix isolated in Ar or N₂ at 10 K, yields triplet 3-thienylcarbene (<b>13</b>) and α-thial-methylenecyclopropene (<b>9</b>). Carbene <b>13</b> was characterized by IR, UV/vis, and EPR spectroscopy. The conformational isomers of 3-thienylcarbene (<i>s</i>-<i>E</i> and <i>s</i>-<i>Z</i>) exhibit an unusually large difference in zero-field splitting parameters in the triplet EPR spectrum (|<i>D</i>/<i>hc</i>| = 0.508 cm^–1, |<i>E</i>/<i>hc</i>| = 0.0554 cm^–1; |<i>D</i>/<i>hc</i>| = 0.579 cm^–1, |<i>E</i>/<i>hc</i>| = 0.0315 cm^–1). Natural Bond Orbital (NBO) calculations reveal substantially differing spin densities in the 3-thienyl ring at the positions adjacent to the carbene center, which is one factor contributing to the large difference in <i>D</i> values. NBO calculations also reveal a stabilizing interaction between the sp orbital of the carbene carbon in the <i>s</i>-<i>Z</i> rotamer of <b>13</b> and the antibonding σ orbital between sulfur and the neighboring carbonan interaction that is not observed in the <i>s</i>-<i>E</i> rotamer of <b>13</b>. In contrast to the EPR spectra, the electronic absorption spectra of the rotamers of triplet 3-thienylcarbene (<b>13</b>) are indistinguishable under our experimental conditions. The carbene exhibits a weak electronic absorption in the visible spectrum (λ_max = 467 nm) that is characteristic of triplet arylcarbenes. Although studies of 2-thienyldiazomethane (<b>2</b>), 3-furyldiazomethane (<b>3</b>), or 2-furyldiazomethane (<b>4</b>) provided further insight into the photochemical interconversions among C₅H₄S or C₅H₄O isomers, these studies did not lead to the spectroscopic detection of the corresponding triplet carbenes (2-thienylcarbene (<b>11</b>), 3-furylcarbene (<b>23</b>), or 2-furylcarbene (<b>22</b>), respectively)

Critical geographies and the uses of sexuality: Deconstructing queer space

10.1177/0309132507085213Progress in Human Geography32189-10