Question 1: What are two items to consider when creating a malware analysis environment?
Could malware detect and react differently if a potential malware analysis tool/environment is detected? Give two possible examples.
Question 2: Give an example of an incident where it was discovered that a RAT was found in a corporate environment.
Identify one method a forensic investigator may use to identify a potential RAT program?