Getting Started with CFF Explorer
Scenario: You are tasked with performing static analysis on a flagged sample.
Tool: CFF Explorer
Question 1: Can you pull the md5 and SHA-1 hash value of the sample?
Question 2: Can you identify when the sample was created? What other detail can you extract from the file header?
Question 3: Can you identify the compiler used? What else is interesting?
#note: Use a separate isolated machine to perform this task.