October 2018
Beginner to intermediate
436 pages
9h 36m
English
To try out the tools we have learned about, let's try doing some static analysis on ch4_2.exe. To help out, here's a list of what we need to find:
Jumping right into getting file information, we will use TrID (http://mark0.net/soft-trid-e.html) to identify the file type. Execute the following line:
trid cha4_2.exe
The TrID result tells us that we have here a Windows 32-bit executable file that is UPX packed:

Knowing that this is a UPX packed file, we can try the UPX (https://upx.github.io/) tool's decompress feature to help us ...