Malware: Short for Malicious Software, as in code that is written with the intent of performing malicious actions on a victim's machine.

Malware Analysis: The study of malware's behaviour, to understand what a certain malware is intended to do, what malware family it belongs to, and eventually how to protect against it.

Static Malware Analysis: As opposed to Dynamic Malware Analysis (where you run the executable in a protected environment to understand its behaviour), Static Malware Analysis is the study of the executable without actually running it. This involves many tools and research. You'd be surprised how much info can be pulled from an executable without running it.

Portable Executable (PE): A file format for Windows executable files; this includes (.exe, .drv, etc.)

Dynamic Link Library (DLL): A type of PE in which Windows exports most of its functions (called Application Programming Interfaces, APIs). You cannot run (execute) DLLs on their own; you basically call the APIs within a DLL from other executable "

Hash: A function that maps data of arbitrary size (can be a file) to a fixed-size value. In the example below I am showing the MD5 hash (a type of hash) of an executable "malware.exe", which is "60e29751634c36ca26fd6acef4d9554e":

    md5sum malware.exe
    60e29751634c36ca26fd6acef4d9554e  malware.exe

Below is a simple code written using Notepad in C language (a high-level language) to simply print the message "Hello Peeps" on the screen.
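An added example, not part of the original post and separate from its C program: a short static-triage script that ties the definitions above together by hashing a file's bytes with MD5 and reading its PE headers to tell an EXE from a DLL, all without running the file. The function names `triage` and `build_sample` and the header-only sample bytes are constructed for this illustration.

```python
import hashlib
import struct

IMAGE_FILE_DLL = 0x2000  # COFF "Characteristics" bit that marks a DLL
MACHINES = {0x014C: "x86", 0x8664: "x64"}


def triage(data: bytes) -> dict:
    """Hash a file's bytes and read its PE headers without executing it."""
    info = {"md5": hashlib.md5(data).hexdigest(), "size": len(data), "pe": False}
    # DOS header: "MZ" magic; offset of the PE header (e_lfanew) sits at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return info
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # The 4-byte "PE\0\0" signature and 20-byte COFF header must be in bounds.
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return info
    machine, sections, _, _, _, _, flags = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    info.update(pe=True, machine=MACHINES.get(machine, hex(machine)),
                sections=sections, is_dll=bool(flags & IMAGE_FILE_DLL))
    return info


def build_sample(flags: int) -> bytes:
    """Constructed, header-only sample for the demo (not a runnable program)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 0, flags)
    return dos + b"PE\0\0" + coff


if __name__ == "__main__":
    for name, blob in [("sample.exe", build_sample(0x0002)),
                       ("sample.dll", build_sample(0x2002)),
                       ("notes.txt", b"hello")]:
        print(name, triage(blob))
```

For a file on disk, pass `open(path, "rb").read()` to `triage`; the bounds checks make a truncated or non-PE file come back with `pe` set to `False` instead of raising.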