Practical Malware Analysis Lab 1–1A

  1. Upload the files to http://www.VirusTotal.com/ and view the reports. Does either file match any existing antivirus signatures?
41 Security vendors flagged this file
48 Security Vendors flagged this file as malicious
.exe file
.dll file
  • KERNEL32.DLL — common DLL that contains core functionality, such as access and manipulation of memory, files, and hardware.
  • WS2_32.DLL — networking DLL. A program that imports it most likely connects to a network or performs network-related tasks.
  • MSVCRT.DLL — Module containing standard C library functions such as printf, memcpy, and cos. It is a part of the Microsoft C Runtime Library.
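
The DLL names above come from each file's PE import directory. The following is an added example, not part of the original write-up or the lab: a standard-library Python reader that walks that directory and pairs each DLL with the notes from the list above. `imported_dlls`, `triage`, `NOTES` and `build_sample` are hypothetical names, and the sample image is a constructed, non-loadable stub rather than one of the lab files.

```python
import struct

# Capability notes taken from the import list in the write-up above.
NOTES = {"kernel32.dll": "core memory, file and hardware access",
         "ws2_32.dll": "networking",
         "msvcrt.dll": "standard C library functions"}

def imported_dlls(pe: bytes) -> list:
    """Return the DLL names in a PE file's import directory, in table order."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]            # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsec, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    opt = nt + 24                                         # optional header
    dirs = opt + (112 if pe[opt:opt + 2] == b"\x0b\x02" else 96)  # PE32+ : PE32
    imp_rva = struct.unpack_from("<I", pe, dirs + 8)[0]   # data directory 1
    secs = [struct.unpack_from("<4I", pe, opt + opt_size + 40 * i + 8)
            for i in range(nsec)]                         # vsize, va, rawsize, rawptr
    def off(rva):                                         # RVA -> file offset
        for vsize, va, rsize, rptr in secs:
            if va <= rva < va + max(vsize, rsize):
                return rva - va + rptr
        raise ValueError("RVA outside every section")
    names = []
    d = off(imp_rva) if imp_rva else None                 # no imports -> empty list
    while d is not None and (name_rva := struct.unpack_from("<I", pe, d + 12)[0]):
        s = off(name_rva)                                 # zero Name RVA ends the table
        names.append(pe[s:pe.index(b"\0", s)].decode("ascii"))
        d += 20                                           # next 20-byte descriptor
    return names

def triage(pe: bytes) -> list:
    """Pair each imported DLL with its note, flagging ones the page does not cover."""
    return [(n, NOTES.get(n.lower(), "not covered here")) for n in imported_dlls(pe)]

def build_sample() -> bytes:
    """Constructed, non-loadable PE32 stub whose import table names three DLLs."""
    va, raw, dlls = 0x1000, 0x200, [b"KERNEL32.dll", b"WS2_32.dll", b"MSVCRT.dll"]
    descs, strs = b"", b""
    for n in dlls:
        descs += struct.pack("<5I", 0, 0, 0, va + 20 * (len(dlls) + 1) + len(strs), 0)
        strs += n + b"\0"
    body = descs + bytes(20) + strs                       # descriptors, terminator, names
    img = bytearray(b"MZ".ljust(raw, b"\0"))
    struct.pack_into("<I4sHH12xH", img, 0x3C, 0x40, b"PE\0\0", 0x14C, 1, 224)
    struct.pack_into("<H", img, 0x58, 0x10B)              # PE32 magic
    struct.pack_into("<2I", img, 0x58 + 104, va, len(body))   # import directory entry
    struct.pack_into("<8s4I", img, 0x58 + 224, b".idata", len(body), va, len(body), raw)
    return bytes(img) + body
```

To check a real file, pass its bytes (`open(path, "rb").read()`) to `triage` instead of `build_sample()`.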
