You should use a hexadecimal editor to your liking, and you can always use tools as additional to your findings. -Perform a static analysis and know the correct architecture and type of file extension. - If the program is packaged, indicate the compressor name and estimated version, if it is not, indicate section names - Determine if the file has anomalous characteristics in section, and indicate which ones, if any. - What is the value of the current checksum of the file (CheckSUM) - Calculate the offset (address) of the import table (IAT). - Extract the list of API functions present in the IAT of the executable (all), then explain using MSDN, at least what "one" of these APIs is for - Determine the size of the executable/binary, Without Overlay (without additional data), indicating the size in KB
You should use a hexadecimal editor to your liking, and you can always use tools as additional to your findings.
-Perform a static analysis and know the correct architecture and type of file extension.
- If the program is packaged, indicate the compressor name and estimated version, if it is not, indicate section names
- Determine if the file has anomalous characteristics in section, and indicate which ones, if any.
- What is the value of the current checksum of the file (CheckSUM)
- Calculate the offset (address) of the import table (IAT).
- Extract the list of API functions present in the IAT of the executable (all), then explain using MSDN, at least what "one" of these APIs is for
- Determine the size of the executable/binary, Without Overlay (without additional data), indicating the size in KB
Hi, I need help with this?