Open AccessLearning the Basic Strcuture of Several Ransomwares Using Static Analysis Tecgnique
Author(s) -
Amiruddin Amiruddin,
Candra Kurniawan,
Eka Hero Ramadhani,
Julio Rinaldi
Publication year - 2020
Publication title -
iop conference series. materials science and engineering
Language(s) - English
Resource type - Journals
eISSN - 1757-899X
pISSN - 1757-8981
DOI - 10.1088/1757-899x/1007/1/012072
Subject(s) - ransomware , malware , ransom , computer science , malware analysis , static analysis , encryption , computer security , programming language , political science , law
The ransomware can encrypt the files on the victim’s device and then offer a keyword to decrypt them with a ransom of money. Information about the basic structure of ransomware is needed so that an antivirus can detect its presence. To find out the structure of ransomware, static and/or dynamic analysis can be done. In this study, ransomware analysis was performed using static techniques. The choice of static techniques was based on the ease of doing the analysis and also it does not need to run the malware sample being analyzed. The result of the research shows that of the six ransomware samples analyzed, it is known that all of the samples used almost the same structure in the form of imphash, ssdeep, and library and there are even samples come from the same family of ransomware.