Chapter 11: Challenge Solutions

Chapter 2 – Static Analysis – Techniques and Tooling

The challenges in Chapter 2 cover the basic static analysis of binaries. The answers are as follows:

Challenge 1

  1. The SHA256 sum of the sample is B6D7E579A24EFC09C2DBA13CA90622790866E017A3311C1809C5041E91B7A930.
  2. The ssdeep of the sample is 3072:C5OLkQW8JS0k0wcBalDIs3hlAp5+hQQE89X3Qo+PgaE3:CsWnGYlAp5+hR9sYaE.
  3. Using what we've learned about static cryptographic hashes, we can query OSINT sources such as VirusTotal to learn that this sample belongs to the SolarMarker family of malware.

Challenge 2

For this challenge, you could locate the kill-switch domain for WannaCry just by utilizing the strings utility! The domain you should have uncovered was ...
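The strings-based triage described above, as an added example that is not code from the book: it extracts printable runs the way the strings utility does, also covers UTF-16LE text (which strings only reports with `-e l`), and filters the results down to URL and hostname candidates. The sample bytes, the placeholder hostnames, and the function names are constructed for illustration.

```python
import re

# Runs of 6+ printable ASCII bytes, as the strings utility reports by default.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{6,}")
# The same runs stored as UTF-16LE (each character followed by a NUL byte).
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")
# URL or bare hostname candidates inside an extracted string.
HOST = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)
# File names such as kernel32.dll look like hostnames; drop these endings.
FILE_EXT = {"dll", "exe", "sys"}


def extract_strings(data):
    """Return printable strings found in data, ASCII first, then UTF-16LE."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(data)]
    return found


def network_indicators(data):
    """Return unique URL/hostname candidates in order of first appearance."""
    seen = []
    for text in extract_strings(data):
        for match in HOST.finditer(text):
            candidate = match.group()
            if candidate.rsplit(".", 1)[-1].lower() in FILE_EXT:
                continue  # imported library or file name, not a host
            if candidate not in seen:
                seen.append(candidate)
    return seen


# Constructed bytes standing in for a binary; not taken from any real sample.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    b"This program cannot be run in DOS mode.\x00\x01\x02"
    b"http://www.killswitch-placeholder.invalid\x00\xff\xfe"
    + "update.placeholder.example".encode("utf-16-le")
    + b"\x00\x00\x01\x02kernel32.dll\x00"
)

if __name__ == "__main__":
    for indicator in network_indicators(SAMPLE):
        print(indicator)
```

To triage a file on disk, pass its contents with `network_indicators(open(path, "rb").read())`, where `path` is the sample's location inside the analysis environment.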
