🔒 ponchos blog.

Hashing Malware Files

This is a simple post on how to hash malware files (in FlareVM).

First, you will need to obtain a malware file. There are various trustworthy sources you can download these files from.

Once you've extracted the malware contents, we can go ahead and open Cmder.

We can now pull the SHA256 and MD5 hashes from the malware file using the commands below.


Command to get SHA256 hash:

sha256sum.exe <name of malware file>

Command to get MD5 hash:

md5sum.exe <name of malware file>

You now have two pieces of information to fingerprint the malware file: the SHA256 and MD5 hashes.
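To cross-check what the two commands print, the following added example (not part of the original post) parses a sha256sum.exe or md5sum.exe output line and compares it with digests computed independently in Python, reading the file as data only. It assumes the Cmder tools are the GNU coreutils builds, which prefix the line with a backslash and double the backslashes when the file name is a Windows path; the function names and the sample file are constructed for illustration.

```python
import hashlib
import os
import re
import tempfile

# One line of sha256sum/md5sum output: optional "\" (GNU coreutils adds it when
# the file name contains a backslash or newline, common with Windows paths),
# the hex digest, a space, then " " (text) or "*" (binary) and the file name.
SUM_LINE = re.compile(r"^(\\?)([0-9a-fA-F]{32}|[0-9a-fA-F]{64}) [ *](.+)$")
UNESCAPE = {"n": "\n", "r": "\r"}

def parse_sum_line(line):
    """Return (algorithm, digest, filename) from one sha256sum/md5sum line."""
    m = SUM_LINE.match(line.rstrip("\r\n"))
    if not m:
        raise ValueError("not a checksum line: %r" % line)
    escaped, digest, name = m.groups()
    if escaped:  # undo the escaping of backslash and newline in the name
        name = re.sub(r"\\(.)", lambda x: UNESCAPE.get(x.group(1), x.group(1)), name)
    algo = "md5" if len(digest) == 32 else "sha256"
    return algo, digest.lower(), name

def fingerprint(path, chunk_size=1 << 20):
    """Read the file once, in chunks, and return both digests."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return {"md5": md5.hexdigest(), "sha256": sha256.hexdigest()}

def verify(path, sum_line):
    """True if the digest in a tool output line matches the file on disk."""
    algo, digest, _ = parse_sum_line(sum_line)
    return fingerprint(path)[algo] == digest

if __name__ == "__main__":
    # Constructed sample: a harmless 3-byte file standing in for the real one.
    with tempfile.NamedTemporaryFile(delete=False, suffix=".bin") as tmp:
        tmp.write(b"abc")
    try:
        line = ("\\ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
                " *C:\\\\samples\\\\sample.bin")  # constructed tool output
        print(parse_sum_line(line))
        print(fingerprint(tmp.name), verify(tmp.name, line))
    finally:
        os.remove(tmp.name)
```
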

Disclaimer:

If your FlareVM has been set up correctly, Cmder should automatically pick up sha256sum.exe and md5sum.exe.

Type ‘sha25’ into Cmder and hit the ‘tab’ button; this will autocomplete the file name. If this doesn’t happen, type the complete file name and see if you can pull the hash. If this doesn’t work, you will need to look at the setup of your Flare Tools.

Troubleshooting FlareVM Tools: Here