Static analysis is the technique of analyzing the suspect file without executing it. It is an initial analysis method that involves extracting useful information from the suspect binary to make an informed decision on how to classify or analyze it and where to focus your subsequent analysis efforts.

You will learn the following:

- Identifying the malware's target architecture
- Fingerprinting the malware
- Scanning the suspect binary with anti-virus engines
- Extracting strings, functions, and metadata associated with the file
- Identifying the obfuscation techniques used to thwart analysis
- Classifying and comparing the malware samples

Identifying File Type Using Manual Method

The manual method of determining the file type is to look for the file signature by opening it in a hex editor. A Windows executable starts with the signature MZ (bytes 4d 5a), visible at the start of the dump:

    $ xxd -g 1 log.exe | more
    0000000: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00  MZ..............

Identifying File Type Using Tools

    $ file mini
    mini: PE32 executable (GUI) Intel 80386, for MS Windows
    $ ...
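The signature check above can be scripted and extended to read the target architecture from the PE header. This is an added example, not code from the original page; `identify_pe`, `build_sample`, and the sample bytes other than the 16-byte dump quoted above are constructed for illustration.

```python
import struct

# Machine and optional-header magic values from the PE/COFF specification (subset).
MACHINES = {0x014C: "x86 (32-bit)", 0x8664: "x86-64", 0x01C0: "ARM", 0xAA64: "ARM64"}
FORMATS = {0x10B: "PE32", 0x20B: "PE32+"}
IMAGE_FILE_DLL = 0x2000

# First 16 bytes of log.exe as shown in the xxd output on this page.
PAGE_DUMP = bytes.fromhex("4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00")


def identify_pe(data: bytes) -> dict:
    """Classify a byte string by its MZ/PE signatures without executing it."""
    if data[:2] != b"MZ":
        return {"type": "not MZ"}
    if len(data) < 0x40:
        return {"type": "MZ (truncated DOS header)"}
    # e_lfanew at offset 0x3C holds the file offset of the "PE\0\0" signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # Bounds check first: a malformed file can point e_lfanew anywhere.
    if e_lfanew + 26 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return {"type": "MZ without PE header (DOS executable or malformed)"}
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)           # COFF Machine
    (characteristics,) = struct.unpack_from("<H", data, e_lfanew + 22)  # COFF Characteristics
    (magic,) = struct.unpack_from("<H", data, e_lfanew + 24)            # optional header Magic
    return {
        "type": FORMATS.get(magic, "PE (unknown optional header 0x%x)" % magic),
        "machine": MACHINES.get(machine, hex(machine)),
        "dll": bool(characteristics & IMAGE_FILE_DLL),
    }


def build_sample(machine=0x014C, magic=0x10B, characteristics=0x0102) -> bytes:
    """Constructed minimal MZ/PE header for testing; not a real sample."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, 0xE0, characteristics)
    return bytes(dos) + b"PE\0\0" + coff + struct.pack("<H", magic)


if __name__ == "__main__":
    print(identify_pe(PAGE_DUMP))       # 16 bytes are too few to reach e_lfanew
    print(identify_pe(build_sample()))  # constructed 32-bit header
```

To check a file on disk, pass `open(path, "rb").read(4096)` to `identify_pe`; reading only the first few kilobytes is enough for typical binaries.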