Identifying Libraries and Network Connections in Malicious Binaries
Which section of the PE header provides information about the imported functions and libraries?
Which of the following tools can be used to extract strings from a binary to understand potential functionalities?
What type of analysis involves running the binary in a controlled environment to observe its behavior?
Which imported function might indicate a binary is attempting to hide its presence on a system?
What might strings containing 'http://' or IP addresses in a binary suggest?
Which of the following is a common characteristic of a malicious binary's Import Table?