Windows - Static Analysis with Strings

When performing malware analysis, one of the tools that will be the cornerstone of your static analysis is the strings tool. This tool is available for all the major operating systems, so you can use it from within Windows, Linux and Mac. The one thing that we will point out is that if you are proficient with scripting, you can use this tool to collect the information that you need, provide an analysis in seconds, and move on to focus on your dynamic analysis. Working in a SOC or Response Operations environment, we know that time is money and efficiency is king! This article will help you understand how to use strings and will hopefully also give you some ideas for how to go about "automating" some of your analysis.
