Malware, CPU and Snapshot Analysis - singirikondamani/Noted GitHub Wiki

Malware Analysis using the tool: BinText.exe (Windows)

Method-1:

  • Step 1: Log in to the Windows machine.
  • Step 2: Download BinText.exe, or locate it in the malware threats folder on the E: drive, and open it by double-clicking it.
  • Step 3: Browse to and load the file to inspect; face.exe is used here as the example.
  • Step 4: The extracted strings appear in the lower pane; investigate them according to the question, and use the search option to find specific keywords.

To inspect an ELF file and identify the CPU architecture and other details, use Ghidra (Linux, Windows)

  • Step 1: Open the tool from the disassembling tools/Ghidra folder.
  • Step 2: Double-click the .bat file to launch the tool.
  • Step 3: Create a project and import the ELF file (or drag and drop it); an import results pop-up appears showing the detected details.
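The CPU detail Ghidra reports for an ELF file comes from the e_machine field in the ELF header. The following is an added example, not part of the original wiki or of Ghidra, that reads that header directly with Python; the sample headers are constructed inline, and the machine-code table is a small subset of the ELF specification.

```python
import struct

# Subset of e_machine values from the ELF specification.
ELF_MACHINES = {
    0x03: "x86 (i386)",
    0x28: "ARM",
    0x3E: "x86-64",
    0xB7: "AArch64",
    0xF3: "RISC-V",
}

# e_type values: relocatable, executable, shared object, core dump.
ELF_TYPES = {1: "ET_REL", 2: "ET_EXEC", 3: "ET_DYN", 4: "ET_CORE"}


def parse_elf_header(data: bytes) -> dict:
    """Return class, endianness, file type and CPU from the first 24 bytes of an ELF image."""
    if len(data) < 24 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file (bad magic or truncated header)")
    ei_class = data[4]  # 1 = 32-bit, 2 = 64-bit
    ei_data = data[5]   # 1 = little-endian, 2 = big-endian
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("unsupported ELF class or data encoding")
    # e_type, e_machine and e_version follow the 16-byte e_ident and
    # are stored in the byte order declared by EI_DATA.
    endian = "<" if ei_data == 1 else ">"
    e_type, e_machine, e_version = struct.unpack(endian + "HHI", data[16:24])
    return {
        "class": "ELF64" if ei_class == 2 else "ELF32",
        "endianness": "little-endian" if ei_data == 1 else "big-endian",
        "type": ELF_TYPES.get(e_type, f"unknown (0x{e_type:x})"),
        "cpu": ELF_MACHINES.get(e_machine, f"unknown (0x{e_machine:x})"),
        "version": e_version,
    }


# Constructed sample headers (not real binaries): a 64-bit little-endian
# x86-64 executable and a 32-bit big-endian ARM shared object.
SAMPLE_X86_64 = b"\x7fELF\x02\x01\x01" + b"\x00" * 9 + struct.pack("<HHI", 2, 0x3E, 1)
SAMPLE_ARM_BE = b"\x7fELF\x01\x02\x01" + b"\x00" * 9 + struct.pack(">HHI", 3, 0x28, 1)

if __name__ == "__main__":
    for sample in (SAMPLE_X86_64, SAMPLE_ARM_BE):
        print(parse_elf_header(sample))
```

Replace the constructed samples with the first 24 bytes of a real file (open(path, "rb").read(24)) to check what Ghidra's import dialog reports.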

To take snapshots of the OS registry and compare them, use Regshot

  • Step 1: Download the tool from the internet (Source to download) and install the ANSI build on the system.
  • Step 2: Open the tool, take shot 1, and then take shot 2 after some time.
  • Step 3: Click the Compare button; it produces a report of the changes, which can be located with the search option.