It’s been about 2 years since I’ve been active in the security scene, and I’ve got the itch again, wanting to pick it back up.
I’m looking for a soft push in the right direction, specifically with something I’m currently looking at which has me interested. I’ve been sent an exe file, and I know briefly what it does, but I’m wanting to gather the following information. If anyone has any suggestions on apps or methods, please let me know, and I’ll go off and do the research.
I’m not sure what language the code is, within the exe I’ve been sent.
What’s an efficient method of determining the language?
I’ve been using Wireshark to determine the IPs which are being contacted after launching the exe. Are there better/more preferred methods now? What do other people use?
How can I determine what exactly the exe is doing on the system? I’d like to know what files on the disk are being accessed by it, and if any changes on the system have been made. Are there any recommendations of tools to use to perform this?