
SANS ISC: Baseline.bat for Dynamic Malware Analysis SANS ISC InfoSec Forums

Baseline.bat for Dynamic Malware Analysis
I had created a short batch file to baseline the system information, execute the malware and then make the post-infection baseline of the system information; this is done using Sysinternals tools, tshark and file directory listing commands. You can then move the baseline files onto a Linux system and compare them using a command like diff to check the difference before and after the infection.

You may view the detailed usage here:

Or download it here:

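The Linux-side comparison described in the post, as an added example that is not part of the original post or of Baseline.bat. It assumes the pre- and post-infection captures were copied into two directories with matching file names; the layout, file names and sample contents are constructed. Files are normalized first (Windows CR line endings stripped, lines sorted) so that a plain ordering change between the two runs is not reported as a difference.

```shell
#!/bin/sh
# Added example, not part of Baseline.bat. Assumed layout: pre/ and post/
# directories holding identically named text captures.

# Strip Windows CRs, then sort and de-duplicate so that line order (which can
# change between two runs of the same tool) is not reported as a difference.
normalize() {
    tr -d '\r' < "$1" | LC_ALL=C sort -u
}

# baseline_delta PRE_DIR POST_DIR
# Prints "+ file: line" for lines that appear only after the run and
# "- file: line" for lines that disappeared.
baseline_delta() {
    tmp=$(mktemp -d) || return 1
    for post in "$2"/*; do
        [ -f "$post" ] || continue
        name=$(basename "$post")
        normalize "$post" > "$tmp/post"
        if [ -f "$1/$name" ]; then
            normalize "$1/$name" > "$tmp/pre"
        else
            : > "$tmp/pre"      # capture exists only post-run: every line is new
        fi
        LC_ALL=C comm -13 "$tmp/pre" "$tmp/post" | awk -v f="$name" '{print "+ " f ": " $0}'
        LC_ALL=C comm -23 "$tmp/pre" "$tmp/post" | awk -v f="$name" '{print "- " f ": " $0}'
    done
    rm -rf "$tmp"
}

# Constructed sample data (hypothetical file names and contents).
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir "$d/pre" "$d/post"
    printf 'C:\\Windows\\notepad.exe\r\nC:\\Windows\\explorer.exe\r\n' > "$d/pre/files.txt"
    printf 'C:\\Windows\\explorer.exe\r\nC:\\Users\\lab\\AppData\\sample.exe\r\nC:\\Windows\\notepad.exe\r\n' > "$d/post/files.txt"
    printf 'svchost.exe\r\nlsass.exe\r\n' > "$d/pre/procs.txt"
    printf 'svchost.exe\r\n' > "$d/post/procs.txt"
    echo "$d"
}

sample=$(make_sample)
baseline_delta "$sample/pre" "$sample/post"
rm -rf "$sample"
```

Volatile fields such as timestamps or PIDs inside a capture will still show up as changes and need to be filtered per file type before the comparison.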
