
SANS ISC: Baseline.bat for Dynamic Malware Analysis SANS ISC InfoSec Forums

Baseline.bat for Dynamic Malware Analysis
I created a short batch file that baselines the system information, executes the malware and then makes the post-infection baseline of the system information; this is done using Sysinternals tools, tshark and file directory listing commands. You can then move the baseline files onto a Linux system and compare them using a command like diff to check the difference before and after the infection.

You may view the detailed usage here:
hxxp://blue-monsta-mostropi[dot]blogspot.sg/2015/05/baselinebat-for-dynamic-malware-analysis.html

Or download it here:
hxxps://drive[dot]google.com/file/d/0B64Bq-x1178hQ3RtOUhtdkZFbkk/view
Mostropi

27 Posts
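
The comparison step described in the post, as an added example that is not part of the original post or of Baseline.bat: a POSIX shell function that normalizes CRLF line endings and ordering before comparing each baseline file, since a raw diff of Windows-generated files tends to flag every line. The one-file-per-tool directory layout, the file names and the sample listings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: compare pre- and post-infection baseline directories.
# Directory layout and file names are assumptions, not taken from Baseline.bat.

# Strip Windows CRs, drop blank lines, sort and de-duplicate so line endings
# and ordering differences between the two runs are not reported as changes.
normalize() {
    tr -d '\r' < "$1" | sed '/^[[:space:]]*$/d' | LC_ALL=C sort -u
}

# Prefix each input line with a marker and the baseline file name.
tag() {
    while IFS= read -r line; do printf '%s %s: %s\n' "$1" "$2" "$line"; done
}

# "+" = only in the post-infection baseline, "-" = only in the clean one,
# "!" = baseline file was not produced by the second run.
compare_baselines() (
    tmp=$(mktemp -d) || exit 1
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        if [ ! -f "$2/$name" ]; then
            printf '! %s: missing from post-infection baseline\n' "$name"
            continue
        fi
        normalize "$f" > "$tmp/before"
        normalize "$2/$name" > "$tmp/after"
        LC_ALL=C comm -13 "$tmp/before" "$tmp/after" | tag + "$name"
        LC_ALL=C comm -23 "$tmp/before" "$tmp/after" | tag - "$name"
    done
    rm -rf "$tmp"
)

# Constructed sample input: two directory listings with CRLF line endings.
demo() (
    d=$(mktemp -d) || exit 1
    mkdir "$d/before" "$d/after"
    printf 'C:\\Windows\\notepad.exe\r\nC:\\Users\\lab\\a.txt\r\n' > "$d/before/files.txt"
    printf 'C:\\Users\\lab\\a.txt\r\nC:\\Users\\lab\\sample.exe\r\nC:\\Windows\\notepad.exe\r\n' > "$d/after/files.txt"
    compare_baselines "$d/before" "$d/after"
    rm -rf "$d"
)
demo
```

Baseline files that exist only in the post-infection directory are not reported by this function; list both directories first if the two runs may have produced different sets of files.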
