page-66 http://mpcs.sci.am/index.php/mpcs/issue/view/43/6 doi: 10.51408/1963-0094
doi: 10.51408/1963-0094 The following malware was used: mimikatz, athena, engrat, grum, surtr, dyre. The research was conducted in a software-defined network based on the Windows Server 2016 Standard operating network with the Hyper-V role installed (https://www.microsoft.com/en-us/evalcenter/download-windows-server-2016), OS Ubuntu 21.04 is chosen as the execution environment (https://ubuntu.com/download/desktop/thank-you?version=22.04&architecture=amd64). Software development was carried out in IDE CLion (https://www.jetbrains.com/help/clion/configuring-available-python-interpreters.html). Also in the virtual environment, a test network was deployed with the pfSense (https://www.pfsense.org/download/) distribution kit with the Snort intrusion detection system installed with the latest updates, to compare the results