Max Payne 3 Setup.exe File Download
Section C — Forensics and analysis (30 points)

9. (6 pts) You have a downloaded file named "MaxPayne3_Setup.exe" of unknown provenance. Describe a step-by-step static analysis workflow to assess the file before execution. Include tools and expected findings.

10. (8 pts) Describe a dynamic analysis sandbox workflow for the executable. Specify how you would instrument the VM, what behavioral indicators you would monitor, and how you would safely extract artifacts.

11. (8 pts) Explain how to inspect network traffic from the installation process. Include specific tools, filtering techniques, and how to distinguish legitimate game-related traffic (patch checks, DRM) from malicious exfiltration or command-and-control.

12. (8 pts) Detail how to analyze persistence mechanisms on Windows that an infected installer might create (registry entries, scheduled tasks, services, startup folders). Provide command-line commands or PowerShell snippets to enumerate and remove suspicious entries.