Sign in
Follow

Testing Executable Using Virus Total

An easy way to quickly test an executable via Virus Total is to simply download the PCAPNG (session PCAP)

m1.png

Open up the session PCAP and follow the TCP Stream

m2.png

Find the download and recreate the URL (example: 104.37.245.82:8888/32.rar <<do NOT click)

m3.png

Upload the URL exe to Virus Total

m4.png

Verify that the binary is malicous.

 

m5.png

Comments

Powered by Zendesk