Malware Analysis – Examining The Resources Section

Examining The Resources Section (.rsrc)

The resources section contains all the necessary files and information that are used/required by the executable. For example: icons, dialogs

 

Why is it important?

  • Attackers can utilize the resources section to store more malicious files and data like payloads, droppers, configuration info etc.
  • The resource section is also useful as it may contain information about the origin of the malware.

Tools We Will Be Using

  • Pestudio¬†
  • Resource Hacker
Liked it? Take a second to support Alexis on Patreon!
Share this post

1
Leave a Reply

Please Login to comment
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Alexis Recent comment authors
  Subscribe  
newest oldest most voted
Notify of