So you got a malicious email attachment that is a JAR file and you want to analyze it. First, a JAR file is simply a ZIP archive, so use your favorite unzipping tool, like 7zip or WinZip, to extract it. You'll find a bunch of Java .class files, which are simply compiled Java code. To view and analyze that code, download a Java decompiler like JAD, then run it as shown below. Now you have a bunch of .java files (Java source code) to analyze. You'll need to put your programming skills to work and get past all the obfuscation techniques the attacker put in place to make the code unreadable, but it's a start!
jad.exe -o -dtest -sjava *.class
More about neonprimetime
Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.