Getting Started with PEStudio
Scenario: You are tasked with performing static analysis on a flagged sample.
Tool: PEStudio
Question 1: Running the sample to PEStudio, can you pull the hash values?
Question 2: Can you present the indicators detected by PEStudio from our sample?
Question 3: Base on the results given, is the sample packed?
Question 4: Can you identify the strings that are interesting?
Question 5: Can you identify what type of malware is our sample?
#note: Use a separate isolated machine to perform this task.