FlareVM Tips and Tricks
If you use Mandiant's FlareVM, these commands should come in handy.
If you don't use FlareVM and want to, this is how you can install it: Instructions -- Make sure Microsoft Defender is disabled as f*ck before running the PowerShell script to kick off the installer.
I usually use Cmder as a replacement for the bog standard and, quite frankly, boring
Helpful FlareVM Commands:
cup all - Update Flare tools - I sometimes have to run this command as sudo
Disclaimer: Run this command on a clean image of your FlareVM… or not, I can’t tell you what to do.
floss <filename> - Extracts strings from a file.
flarestrings <malware.exe> | rank_strings --scores - What FLOSS does but better.
strings -n 6 <.\filename.exe> - The strings command. -n sets the minimum string length, 6 in this case.
upx -d <filename> - Unpack Packed Malware - A good tool overall, can be flaky.
[sudo] cinst <toolname> - Install additional packages. E.g. [sudo] cinst ollydbg
man <toolname> - To view the Man(ual) page of a tool which will give you a better insight into that tool.
tldr <toolname> - Short but informative page of the tool, basic overview / commonly used cmds etc.
help - Used in Cmder, this shows you all of the different commands one can use.
Thank you for reading.