Here are the results for two different PE samples, one with an embedded PE resource encoded as a Morse Code and another sample embedded and encoded as a base64. We can calculate the Entropy score using the sigcheck.exe utility that comes with the Microsoft Sysinternals Suite: > sigcheck.exe -h -a FILE_PATH NET Loader – code snippet Calculating the Entropy Score
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |