[BLUE TEAMING] - Investigate viruses using commands and open source tools like VirusTotal
<aside>
💡 file command
- Determines the file's type, regardless of the file extension
</aside>
<aside>
💡 strings command
- Can give pointers to the different functions called inside the file, IP addresses, domain names, URLs, etc.
</aside>
<aside>
💡 VirusTotal
- Upload files/hashes to to see more information
- If you don't want to upload the file, calculate the md5 with theÂ
md5sum command and search by hash instead
- After file analysis check all the tabs, including detection, details, relations, behavior, and community.
</aside>
Questions âž–
No need to spoonfeed here