This write-up covers the analysis of malicious files to create a rule for detection. The goal was to identify unique strings within a suspicious zip file (OneDayataTime-S2-Ch.12c-pc.zip) to create a rule that alerts on the presence of the malware.

2. Methodology

File Examination:
Unzipped OneDayataTime-S2-Ch.12c-pc.zip.
Used the strings command in a terminal to examine the binary for recognizable text that could act as a signature (e.g., detecting a specific file name or command?).
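
The file-examination step described on this page, as an added Python example that is not part of the original write-up: it reads each archive member in memory, extracts printable ASCII and UTF-16LE runs the way strings does, and drops anything found in a known-clean baseline so only candidate signature strings remain. The baseline set, the minimum length of 6, and the archive built by build_sample are assumptions constructed for illustration.

```python
import io
import re
import zipfile

MIN_LEN = 6  # assumption: ignore printable runs shorter than this

ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)


def extract_strings(data):
    """Return printable ASCII and UTF-16LE runs (strings and strings -e l)."""
    found = {m.group().decode("ascii") for m in ASCII_RUN.finditer(data)}
    found |= {m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(data)}
    return found


def candidate_signatures(zip_bytes, baseline=frozenset()):
    """Map each archive member to its strings that are absent from a clean baseline."""
    result = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # Read in memory: nothing from the sample is written to disk or executed.
            strings = extract_strings(archive.read(info))
            result[info.filename] = sorted(strings - set(baseline))
    return result


def build_sample():
    """Constructed stand-in archive; not the contents of the real sample."""
    payload = (b"\x00\x01MZ\x90" + b"This program cannot be run in DOS mode"
               + b"\xff\xfe" + b"constructed-marker-1234" + b"\x00\x02"
               + "hidden-wide-string".encode("utf-16-le") + b"\x00\x00\x03")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("game/launcher.exe", payload)
    return buf.getvalue()


if __name__ == "__main__":
    # Strings common to benign executables make poor signatures, so filter them out.
    clean = {"This program cannot be run in DOS mode"}
    for name, strings in candidate_signatures(build_sample(), clean).items():
        print(name, strings)
```

Strings that survive the baseline filter are only candidates; check each against other clean files before using it in a rule.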