Day 189 of learning Cybersecurity until I get a job as a SOC analyst

Описание: In the C:\Samples\MalwareAnalysis directory of this section's target,
there is a file called potato.exe. Use pestudio (C:\Tools\pestudio\pestudio)
to examine this executable's sections and provide the entropy of the .text section as your answer.

Hits:
Potato.exe
pestudi
sectionn entropy under .txt

Answer 5.885

In the C:\Samples\MalwareAnalysis directory of this section's target,
there is a file called potato.exe. Use x64dbg (C:\Tools\x64dbg\release\x64)
to open this executable and navigate to the Symbols tab. Enter the exported Kernel32.dll
function whose name starts with "Attach". Answer format: Attach_

Hits:
potato.exe
x64dbg
Tab Symbols
Kernel32 with the starts of Attach

#cybersecurityjourney #soc101