7. Beacons


To make the malware run properly, open Process Explorer and kill the vmx32to64.exe process. Then delete this file:


Run the Malware

Run the beacon.exe sample and capture its beacons.

If you are using the Win 2008 VM I handed out, beacon.exe is in the Documents folder. If you are using some other machine, download beacon.7z and unzip it with the password:

Find the domain name of the Command and Control server the beacons are sent to. Use the form below to put your name on the WINNERS PAGE.
Your Name:
Domain name (like this: www.aol.com):

Posted 6-27-17
Title changed 5-6-18 11:38 am
Font changed 1-7-19