updating static

2025-12-30 04:14:29 +01:00 · 2017-03-23 22:03:36 -07:00
parent 827e2c0bcd
commit 92ce077de4
10 changed files with 43 additions and 1 deletions
--- a/triage.md
+++ b/triage.md
@@ -77,8 +77,10 @@ You can use the **Malware Analysis Report** template [HERE](https://securedorg.g
 2. Copy over the unknown file
 3. Check the file header by opening the file in the hex editor **HxD**
 * Notice the first 1 byte is **MZ** meaning it's a PE Binary
+![alt text](https://securedorg.github.io/images/triage1.png "MZ Header")
 4. Now right click the file and select **CFF explorer** to check the PE header
 * Note the imports it's using
+![alt text](https://securedorg.github.io/images/triage3.png "Imports")
 5. Calculate the hash using **quickhash**, go to virustotal.com and search the hash
 6. Open the file in **BinText** and record any interesting strings