API Call Analysis Flashcards

1
Q

Which API calls indicate that a binary extracts an embedded file (a resource) and writes it to disk for execution, i.e. a dropper?

A

FindResource, LoadResource, SizeOfResource and LockResource (used together to locate and map an embedded resource), appearing near CreateFile/WriteFile calls (writing the extracted payload to disk) and a CreateProcess call (executing it). Each of these APIs on its own is common in benign code; the combination, and their proximity in the disassembly, is the indicator.

2
Q

Name some commonly used PE examiner tools.

A

CFF Explorer, Detect It Easy (DIE), PEview, 010 Editor, or a general-purpose hex editor.

3
Q

Name the common function calling conventions.

A

cdecl, stdcall, fastcall and thiscall (32-bit x86). cdecl: arguments pushed right to left, the caller cleans the stack. stdcall: same argument order, the callee cleans the stack; used by the Win32 API. fastcall: the first two integer arguments in ECX and EDX, the rest on the stack. thiscall: the `this` pointer in ECX (MSVC C++ member functions). On 64-bit Windows there is a single convention: RCX, RDX, R8 and R9, then the stack.

4
Q

Which API is imported to create a mutex?

A

CreateMutexA (or the Unicode variant CreateMutexW; CreateMutexExA/W also exist).

5
Q

Why does malware create a mutex?

A

To avoid reinfecting the same machine, i.e. to ensure only one copy of itself is running.

6
Q

What is the basic functionality of a mutex?

A

A mutex (mutual exclusion object) serializes access to a shared resource: only one thread or process can own it at a time. Malware uses a hard-coded mutex name to determine whether the target machine is already infected: if CreateMutex returns a handle but GetLastError reports ERROR_ALREADY_EXISTS, another instance already owns the mutex and the new copy typically exits.

7
Q

Is a mutex name an IOC?

A

Yes. Because the name is hard-coded in the sample, it is a host-based indicator: check the handles of running processes for a mutex with that name.

8
Q

Name typical API imports for keyloggers.

A

GetKeyState, GetAsyncKeyState and SetWindowsHookEx (keyboard hooks) for capturing keystrokes; GetForegroundWindow and GetWindowText for recording which window received them; OpenClipboard, GetClipboardData and CloseClipboard for stealing clipboard contents.
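The dropper, mutex and keylogger cards above all make the same point: single imports are weak evidence, combinations are strong. The script below is an added example, not part of the flashcards, that applies those combinations as rules to a PE's import list. It assumes the import names have already been extracted (for instance with one of the PE viewers named earlier) into a plain list of strings; the sample import lists are constructed, and the rule names are this example's own. Import-table matching is coarser than the "near each other in the disassembly" check the first card describes, so a satisfied rule is a triage hint to confirm in the disassembly, not a verdict.

```python
"""Tag a PE's import table with likely capabilities (added example)."""
from typing import Dict, Iterable, List, Tuple

# Each capability is a tuple of groups; at least one API from EVERY group must
# be imported for the capability to count. Names are stored without the A/W
# suffix so the ANSI and Unicode variants match the same rule.
RULES: Dict[str, Tuple[frozenset, ...]] = {
    "dropper (resource -> disk -> execute)": (
        frozenset({"FindResource", "LoadResource", "SizeOfResource", "LockResource"}),
        frozenset({"CreateFile", "WriteFile"}),
        frozenset({"CreateProcess", "WinExec", "ShellExecute", "ShellExecuteEx"}),
    ),
    "single-instance check (named mutex)": (
        frozenset({"CreateMutex", "CreateMutexEx"}),
    ),
    "keystroke capture": (
        frozenset({"GetKeyState", "GetAsyncKeyState", "SetWindowsHookEx"}),
    ),
    "clipboard capture": (
        frozenset({"OpenClipboard"}),
        frozenset({"GetClipboardData"}),
    ),
}


def canonical(name: str) -> str:
    """Strip a trailing ANSI/Unicode suffix: CreateMutexA -> CreateMutex.

    Only an uppercase A/W following a lowercase letter or digit is treated as
    the suffix, so names such as GetClipboardData or WinExec stay untouched.
    """
    if len(name) > 2 and name[-1] in "AW" and name[-2].islower():
        return name[:-1]
    return name


def assess(imports: Iterable[str]) -> Dict[str, Dict[str, object]]:
    """Evaluate every rule; report evidence per group so partial hits stay visible."""
    present = {canonical(n) for n in imports}
    report: Dict[str, Dict[str, object]] = {}
    for capability, groups in RULES.items():
        hits: List[List[str]] = [sorted(present & group) for group in groups]
        report[capability] = {
            "satisfied": all(hits),
            "evidence": [api for group_hits in hits for api in group_hits],
            "missing_groups": sum(1 for group_hits in hits if not group_hits),
        }
    return report


def capabilities(imports: Iterable[str]) -> List[str]:
    """Capabilities whose every group is backed by at least one import."""
    return sorted(c for c, r in assess(imports).items() if r["satisfied"])


# Constructed sample import lists (not taken from any real binary).
DROPPER_IMPORTS = [
    "FindResourceA", "LoadResource", "SizeOfResource", "LockResource",
    "CreateFileA", "WriteFile", "CreateProcessA",
    "CreateMutexA", "GetLastError", "ExitProcess",
]
# A normal GUI program also uses the resource APIs (icons, dialogs, strings);
# without a file write and a process launch the dropper rule must not fire.
BENIGN_GUI_IMPORTS = [
    "FindResourceW", "LoadResource", "LockResource", "LoadIconW",
    "CreateWindowExW", "GetMessageW", "DispatchMessageW",
]
KEYLOGGER_IMPORTS = [
    "SetWindowsHookExA", "GetAsyncKeyState", "GetForegroundWindow",
    "GetWindowTextA", "OpenClipboard", "GetClipboardData", "CloseClipboard",
    "CreateFileA", "WriteFile",
]

if __name__ == "__main__":
    for label, imports in (("dropper", DROPPER_IMPORTS),
                           ("benign GUI", BENIGN_GUI_IMPORTS),
                           ("keylogger", KEYLOGGER_IMPORTS)):
        print(f"{label}: {capabilities(imports)}")
        for cap, r in assess(imports).items():
            if r["evidence"] and not r["satisfied"]:
                print(f"  partial {cap}: {r['evidence']} "
                      f"({r['missing_groups']} group(s) missing)")
```

The benign GUI sample is the caveat worth keeping in mind: it imports three of the four resource APIs and still gets no capability, because the rule also demands a file write and a process launch. When a rule is only partially satisfied the report says which groups are missing, which is the list of APIs to look for via GetProcAddress or in unpacked code before discarding the hypothesis.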
