Книга: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
Назад: General Rules for Malware Analysis
Дальше: Antivirus Scanning: A Useful First Step

.

This chapter discusses multiple ways to extract useful information from executables. In this chapter, we’ll discuss the following techniques:

  • Using antivirus tools to confirm maliciousness

  • Using hashes to identify malware

  • Gleaning information from a file’s strings, functions, and headers

Each technique can provide different information, and the ones you use depend on your goals. Typically, you’ll use several techniques to gather as much information as possible.

sss
sss

© RuTLib.com 2015-2018