Scenario: You are tasked with performing static analysis on a flagged sample.
Tool: CFF Explorer
Question 1: Can you pull the md5 and SHA-1 hash value of the sample?
Question 2: Can you identify when the sample was created? What other detail can you extract from the file header?
Question 3: Can you identify the compiler used? What else is interesting?
#note: Use a separate isolated machine to perform this task.
⚠️ YOU ARE TRYING TO DOWNLOAD A FILE THAT CONTAINS MALICIOUS EXECUTABLE ⚠️
eyehatemalwares is “PAY WHAT YOU CAN” project.
The zip file associated with this lab is password protected.
For hands-on experience, click the “Donate” button and you will be redirected to eyehatemalwares Paypal donation homepage or scan the QR Code below.
Click the “Download” button again to download the lab zip file.
After successful donation, email us the zip file name and the Paypal transaction details for the password.
Thank you for helping us build this community!
We will make sure that your donation will be use to bring more value to the community.
Contact us: About
– EHM Team