Examining The Resources Section (.rsrc)
The resources section contains all the necessary files and information that are used/required by the executable. For example: icons, dialogs
Why is it important?
- Attackers can utilize the resources section to store more malicious files and data like payloads, droppers, configuration info etc.
- The resource section is also useful as it may contain information about the origin of the malware.
Tools We Will Be Using
- Resource Hacker
Share this post