Utilizing Capa in Kali Linux for Wannacry Malware Identification and Analysis
DOI:
https://doi.org/10.57235/aurelia.v4i1.4775
Keywords:
WannaCry Ransomware, Malware Analysis, Kali Linux, Common Access Platform Assistant (CAPA), Cybersecurity
Abstract
Purpose: This study aims to analyze the WannaCry ransomware using Kali Linux and the Common Access Platform Assistant (CAPA) method to provide a deeper understanding of the malware's attack tactics, capabilities, and behaviors. Methods/Study design/approach: The research was conducted by installing CAPA version 7.4.0 downloaded from GitHub, followed by file extraction and access permission configuration. The WannaCry malware was obtained from the "thezoo" repository on GitHub, extracted, and analyzed using CAPA commands in the Linux terminal. The analysis results were presented in tables showing the malware's tactics, techniques, and behaviors. Result/Findings: The analysis revealed that CAPA effectively identified various tactics and techniques used by WannaCry, confirming its classification as malware. Validation through antivirus services indicated that 68 out of 72 services flagged the file as malicious, emphasizing the importance of robust cybersecurity measures. Novelty/Originality/Value: This study offers new insights into the working mechanisms of WannaCry ransomware and highlights the effectiveness of the CAPA method in malware analysis. The findings contribute to a better understanding of cybersecurity threats and provide valuable information for professionals in the field to enhance defense strategies against malware.
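The abstract says the CAPA results were presented as tables of tactics, techniques, and behaviors. The sketch below is an added example, not code from the paper or from the capa project: it builds such a table from a capa JSON report (`capa -j`). The report layout (`rules` → `meta` → `attack` entries with `tactic`, `technique`, `subtechnique`, `id`) is an assumption to check against your capa version, and the sample report is constructed.

```python
import json
from collections import defaultdict

# Constructed sample shaped like a capa JSON report (field names assumed);
# the rules and mappings are illustrative, not results from the study.
SAMPLE_REPORT = json.dumps({"rules": {
    "encrypt data using AES": {"meta": {"attack": [
        {"tactic": "Impact", "technique": "Data Encrypted for Impact",
         "subtechnique": "", "id": "T1486"}]}},
    "persist via Windows service": {"meta": {"attack": [
        {"tactic": "Persistence", "technique": "Create or Modify System Process",
         "subtechnique": "Windows Service", "id": "T1543.003"}]}},
    "create service": {"meta": {"attack": [
        {"tactic": "Persistence", "technique": "Create or Modify System Process",
         "subtechnique": "Windows Service", "id": "T1543.003"}]}},
    "contain a resource (.rsrc) section": {"meta": {"attack": []}},
    "get file size": {"meta": {}},
}})


def attack_table(report_json):
    """Group matched rules by (tactic, technique id, name), sorted for reporting."""
    rows = defaultdict(set)
    for rule_name, rule in json.loads(report_json).get("rules", {}).items():
        # Most capa rules carry no ATT&CK mapping; tolerate missing/empty keys.
        for m in rule.get("meta", {}).get("attack") or []:
            name = m.get("technique", "")
            if m.get("subtechnique"):
                name += "::" + m["subtechnique"]
            rows[(m.get("tactic", "?"), m.get("id", "?"), name)].add(rule_name)
    return [(t, i, n, sorted(r)) for (t, i, n), r in sorted(rows.items())]


def unmapped_rules(report_json):
    """Rules that matched but have no ATT&CK mapping (still worth reading)."""
    rules = json.loads(report_json).get("rules", {})
    return sorted(n for n, r in rules.items() if not r.get("meta", {}).get("attack"))


if __name__ == "__main__":
    for tactic, tid, name, rules in attack_table(SAMPLE_REPORT):
        print(f"{tactic:<12} {tid:<10} {name}  <- {', '.join(rules)}")
    print("unmapped:", ", ".join(unmapped_rules(SAMPLE_REPORT)))
```

Grouping by technique ID collapses several matched rules into one table row, and listing the unmapped rules keeps capabilities that have no ATT&CK entry from dropping out of the report.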
License
- Authors certify that the work reported here has not been published before and contains no materials the publication of which would violate any copyright or other personal or proprietary right of any person or entity.
- Authors don't transfer or license the copyright of publishing to AURELIA: Jurnal Penelitian dan Pengabdian Masyarakat Indonesia Research to publish the article in any media format, to share, to disseminate, to index, and to maximize the impact of the article in any databases.
- Authors hereby don't agree to transfer a copyright for publishing to AURELIA: Jurnal Penelitian dan Pengabdian Masyarakat Indonesia a Publisher of the manuscript.
- Authors reserve the following:
  - all proprietary rights other than copyright such as patent rights;
  - the right to use all or part of this article in future works of our own such as in books and lectures;
  - use for presentation in a meeting or conference and distributing copies to attendees;
  - use for internal training by author's company;
  - distribution to colleagues for their research use;
  - use in a subsequent compilation of the author's works;
  - inclusion in a thesis or dissertation;
  - reuse of portions or extracts from the article in other works (with full acknowledgement of final article);
  - preparation of derivative works (other than commercial purposes) (with full acknowledgement of final article); and
  - voluntary posting on open web sites operated by author or author’s institution for scholarly purposes, but it should follow the open access license of Creative Commons CC BY-NC License.










