I created a short batch file that baselines the system information, executes the malware, and then takes a post-infection baseline of the system information; this is done using Sysinternals tools, tshark and file directory listing commands. You can then move the baseline files to a Linux system and use a command like diff to compare the state before and after the infection.
You may view the detailed usage here:
Or download it here:
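The comparison step on the Linux side, as an added example that is not part of the original batch file: it strips Windows line endings and sorts each capture before comparing, so only real additions and removals show up. The directory layout, file names and sample contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: per-file delta between two baseline directories.
# File names and sample contents below are constructed for illustration.

# Strip Windows CRs and trailing blanks, then sort so line order does not matter.
# Assumes ASCII/UTF-8 text; convert UTF-16 output with iconv first.
normalize() {
    [ -f "$1" ] || return 0
    tr -d '\r' < "$1" | sed 's/[[:space:]]*$//' | LC_ALL=C sort -u
}

# baseline_delta BEFORE_DIR AFTER_DIR
# "+ file: line" = only in post-infection capture, "- file: line" = only in pre.
baseline_delta() {
    tmp=$(mktemp -d) || return 1
    : > "$tmp/seen"
    for f in "$1"/* "$2"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        grep -qxF -- "$name" "$tmp/seen" && continue   # already compared
        echo "$name" >> "$tmp/seen"
        normalize "$1/$name" > "$tmp/b"
        normalize "$2/$name" > "$tmp/a"
        LC_ALL=C comm -13 "$tmp/b" "$tmp/a" | awk -v p="+ $name: " '{print p $0}'
        LC_ALL=C comm -23 "$tmp/b" "$tmp/a" | awk -v p="- $name: " '{print p $0}'
    done
    rm -rf "$tmp"
}

# Constructed sample captures (not real malware output).
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/pre" "$d/post"
    printf 'explorer.exe\r\nsvchost.exe\r\n' > "$d/pre/pslist.txt"
    printf 'svchost.exe\r\nexplorer.exe\r\nupdater.exe\r\n' > "$d/post/pslist.txt"
    printf 'C:\\Temp\\a.txt\r\n' > "$d/pre/dir.txt"
    printf 'C:\\Temp\\a.txt\r\nC:\\Temp\\x.dll\r\n' > "$d/post/dir.txt"
    baseline_delta "$d/pre" "$d/post"
    rm -rf "$d"
}

demo
```

A plain diff of the raw files would also flag the reordered process list; sorting first keeps the output to entries that actually appeared or disappeared.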
May 14th 2015