Computer Hacking Forensic Investigator (CHFI v10) — Question 444

Shane has started the static analysis of a malware and is using the tool ResourcesExtract to find more details of the malicious program. What part of the analysis is he performing?

Answer options

• A. Identifying File Dependencies
• B. Strings search
• C. Dynamic analysis
• D. File obfuscation

Correct answer: B

Explanation

The correct answer is B, as Shane is using ResourcesExtract to perform a strings search, which is a common static analysis technique to extract readable text from a binary. Options A, C, and D are incorrect because they refer to different aspects of malware analysis that do not involve extracting strings from the program.