FLOSS

a powerful tool developed by Mandiant that functions similarly to the Linux strings tool but is optimized for malware analysis, making it ideal for revealing any concealed details

PS C:> floss.exe C:\Tools\Malware\MerryChristmas.exe | Out-file analysis.txt
 * the floss cmd will scans for strings in the binary MerryChrismas.exe. 
   If any hardcoded variables were defined in the malware, Floss should find them
 * FLOSS is installed by default on FLAREVM

PreviousYARA NextBRIM

Last updated 4 months ago