The labs include two sections of answers. The first section consists of short answers, which should be used if you did the lab yourself and just want to check your work. The second section includes detailed explanations for you to follow along with our solution and learn how we found the answers to the questions posed in each lab.
Q: 2. Are there any indications that this file is packed or obfuscated? If so, what are these indicators? If the file is packed, unpack it if possible.
Q: 3. When was this program compiled?
Q: 4. Do any imports hint at this program’s functionality? If so, which imports are they and what do they tell you?
Q: 5. What host- or network-based indicators could be used to identify this malware on infected machines?
Q: 6. This file has one resource in the resource section. Use Resource Hacker to examine that resource, and then use it to extract the resource. What can you learn from the resource?