Live Forensics Analysis Of Malware Identified Email Crimes To Increase Evidence Of  Cyber Crime

Yudhi Prawira Prawira; Samsudin Samsudin

doi:10.31849/digitalzone.v13i12.11570

Yudhi Prawira Prawira North Sumatra State Islamic University
Samsudin Samsudin North Sumatra State Islamic University

DOI: https://doi.org/10.31849/digitalzone.v13i12.11570

Keywords: Digtal Forensics, Email, Malware Emotet, Live Forensics, Digital Proof

Abstract

Now days Email is the most important aplplication on the internet, this make email one of the industry’s most targeted sector for commiting cyber crimes. Email phishing and spam not only harm many parties but also consumes a lot of network bandwidth. Most spam are emotet malware. Trojan malware that targets internet users financial system to steal financial information and personal data by sending phishing. In this research, digital forensics analysis email crimes identified malware using live forensics and tools analyze digital evidence of email content, as wall as offVise, Wireshark, and Procmon to analyze malware activities. The results of the investigation of the email content carried out using software found digital evidence that could be used as a reference that attachment downloaded by the victim was Emoted type malware, when the victim opened it, this malware will be installed automatically on the victim’s computer.

.

Downloads

Download data is not yet available.

References

M. I. P. Nasution et al., “Biometrics for e-money transaction,” AIP Conf. Proc., vol. 2030, no. November, 2018, doi: 10.1063/1.5066942.

R. Ch, T. R. Gadekallu, M. H. Abidi, and A. Al-Ahmari, “Computational system to classify Cyber Crime offenses using machine learning,” Sustain., vol. 12, no. 10, 2020, doi: 10.3390/SU12104087.

M. McGuire and S. Dowling, Cyber Crime: A review of the evidence, no. October. 2013. [Online]. Available: London, England, United Kingdom

J. X. Li, “Cyber crime and legal countermeasures: A historical analysis,” Int. J. Crim. Justice Sci., vol. 12, no. 2, pp. 196–207, 2017, doi: 10.5281/zenodo.1034658.

APWG, “Phishing Activity Trends Report Quarter 4 2021,” apwg.org, 2022. https://apwg.org/trendsreports/ (accessed Jun. 21, 2022).

H. M. and M. H., “A Survey of Email Service; Attacks, Security Methods and Protocols,” Int. J. Comput. Appl., vol. 162, no. 11, pp. 31–40, 2017, doi: 10.5120/ijca2017913417.

E. Gbenga, J. Stephen, H. Chiroma, A. Olusola, and O. Emmanuel, “Heliyon Machine learning for email spam filtering : review , approaches and open research problems,” vol. 5, no. February, 2019, doi: 10.1016/j.heliyon.2019.e01802.

T. Gangavarapu, C. D. Jaidhar, and B. Chanduka, “Applicability of machine learning in spam and phishing email filtering: review and approaches,” Artif. Intell. Rev., vol. 53, no. 7, pp. 5019–5081, 2020, doi: 10.1007/s10462-020-09814-9.

J. Hemalatha, S. A. Roseline, S. Geetha, S. Kadry, and R. Damaševičius, “An efficient densenet‐based deep learning model for Malware detection,” Entropy, vol. 23, no. 3, pp. 1–23, 2021, doi: 10.3390/e23030344.

J. Page, “Exploring Emotet, an Elaborate Everyday Enigma,” A J. Emerg. Med. Serv. JEMS, vol. 14, no. 8, pp. 1–25, 2019.

D. Kalla and S. Kuraku, “Emotet Malware – A Banking Credentials Stealer,” IOSR J. Comput. Eng., vol. 22, no. 4, pp. 31–40, 2020, doi: 10.9790/0661-2204023140.

M. N. Al-azhar, Digital Forensic Practical Guidlines for Computer Investigation. Jakarta, 2012. [Online]. Available: https://lmsspada.kemdikbud.go.id/mod/page/view.php?id=57379

A. P. Saputra and N. Widiyasono, “Analisis Digital Forensik pada File Steganography (Studi kasus : Peredaran Narkoba),” J. Tek. Inform. dan Sist. Inf., vol. 3, no. 1, pp. 179–190, 2017, doi: 10.28932/jutisi.v3i1.594.

R. A. K. N. Bintang, R. Umar, and U. Yudhana, “Perancangan perbandingan live forensics pada keamanan media sosial Instagram, Facebook dan Twitter di Windows 10,” Pros. SNST ke-9 Tahun 2018 Fak. Tek. Univ. Wahid Hasyim, vol. 1, no. 1, pp. 125–128, 2018.

I. Riadi, S. Sunardi, and M. E. Rauli, “Identifikasi Bukti Digital WhatsApp pada Sistem Operasi Proprietary Menggunakan Live Forensics,” J. Tek. Elektro, vol. 10, no. 1, pp. 18–22, 2018, doi: 10.15294/jte.v10i1.14070.

Soni, Y. Prayudi, B. Sugiantoro, D. Sudyana, and H. Mukhtar, “Server Virtualization Acquisition Using Live Forensics Method,” vol. 190, pp. 18–23, 2019, doi: 10.2991/iccelst-st-19.2019.4.

Mustafa, I. Riadi, and R. Umar, “Rancangan Investigasi Forensik Email Dengan Netode National Institute Of Standards And Technology (NIST),” vol. 1, no. 1, pp. 121–124, 2018.

N. H. Ardhi, “Pelacakan geolocation pada forensik email terintegrasi dengan twitter geo-social network,” repository.uinjkt.ac.id, 2020, [Online]. Available: https://repository.uinjkt.ac.id/dspace/bitstream/123456789/53623/1/NAUFAL HERDYPUTRA ARDHI-FST.pdf

R. Umar, I. Riadi, and B. F. Muthohirin, “Live forensics of tools on android devices for email forensics,” Telkomnika (Telecommunication Comput. Electron. Control., vol. 17, no. 4, pp. 1803–1809, 2019, doi: 10.12928/TELKOMNIKA.v17i4.11748.

Badan Standarisasi Nasional. SNI 27037:2014 tentang Teknologi Informasi-Teknik Keamanan-Pedoman Identifikasi, pengumpulan, Akuisisi, dan Preservasi Bukti Digital. Jakarta, 2014.

A. R. Supriyono, B. Sugiantoro, Y. Prayudi, and K. Kunci, “EKSPLORASI BUKTI DIGITAL PADA SMART ROUTER MENGGUNAKAN METODE LIVE FORENSICS,” vol. 10, no. 02, pp. 38–45, 2019.

M. Lupascu, D. T. Gavrilut, and D. Lucanu, “An overview of obfuscation techniques used by malware in visual basic for application scripts,” Proc. - 2018 20th Int. Symp. Symb. Numer. Algorithms Sci. Comput. SYNASC 2018, pp. 280–287, 2018, doi: 10.1109/SYNASC.2018.00051.