
Windows Forensic Analysis DVD Toolkit, 2nd Edition by Harlan Carvey

Chapter 6. Executable File Analysis

Solutions in this chapter:

▪ Static Analysis
▪ Dynamic Analysis
▪ Summary
▪ Solutions Fast Track
▪ Frequently Asked Questions

Introduction

At times during an investigation you may come across a suspicious executable file on which you would like to perform some analysis to get an idea of what it does or what function it performs. Many times, an intruder may leave scripts or configuration files behind, and these files are generally text files that can be opened and viewed. In the case of scripts, some knowledge of programming may be necessary to fully understand the function of the file.
In Chapter 5, we discussed file signature analysis, a method for determining whether a file has the correct file extension based on the ...
