onHacks

Brief note…

You might have noticed that I used md5 as filenames in the previous (old!) post. In most cases, it is fine.

However, what if the malware depends on a file called hgz.dll? You can calculate hgz.dll as md5, then find the filename out, now put that in the VM again – fine. But you see it is a troublesome process… that you can’t easily automate. There are other cases… of course.

Well, you get the point!