1) Open a CMD, go to the suspicious sample's folder, and type:
> certutil -hashfile suspicious_file.exe MD5
> certutil -hashfile suspicious_file.exe SHA256
2) Record the hashes shown in the output of those two commands above.
3) Open a web browser, go to https://www.virustotal.com/gui/home/search, and search the above-mentioned hashes.
No comments:
Post a Comment