Sunday, October 20, 2013

Daily Blog #119: Sunday Funday 10/20/13

Hello Reader,
          It's Sunday Funday time again! Last week you worked against a Linux challenge that proved to be quite difficult. This week let's switch it to a Windows IR based challenge that should be more accessible to more of you.

The Prize:


  • A signed copy of the new book

The Rules:
  1. You must post your answer before Monday 10/21/13 2AM CST (GMT -5)
  2. The most complete answer wins
  3. You are allowed to edit your answer after posting
  4. If two answers are too similar for one to win, the one with the earlier posting time wins
  5. Be specific and be thoughtful 
  6. Anonymous entries are allowed, please email them to dcowen@g-cpartners.com
  7. In order for an anonymous winner to receive a prize they must give their name to me, but i will not release it in a blog post

The Challenge:
List and explain all of the methods of persistence for malware available in Windows 7 that is written to the file system/registry.

Good luck! This may seem like a simple copy and paste job at first, but the winner will be the one who can explain the persistence mechanisms best.