Saturday, March 1, 2014

Daily Blog #252: Sunday Funday 3/2/14

Hello Reader,
          If you watched the forensic lunch this week you would have heard Marc Ochsenmeier,talk about his work doing static analysis of windows executables. I think Marc's tool is really cool but like all tools it has its limits, let's see how well you understand executable analysis in this weeks challenge.

The Prize:
A 32GB USB3 Kangaruu thumbdrive w/ write protection loaded with our Multiboot Image





The Rules:
  1. You must post your answer before Monday 3/3/14 2AM CST (GMT -5)
  2. The most complete answer wins
  3. You are allowed to edit your answer after posting
  4. If two answers are too similar for one to win, the one with the earlier posting time wins
  5. Be specific and be thoughtful 
  6. Anonymous entries are allowed, please email them to dcowen@g-cpartners.com
  7. In order for an anonymous winner to receive a prize they must give their name to me, but i will not release it in a blog post

The Challenge:
PeStudio does static analysis of exectuables. List and explain what behavior of an executable cannot be examined by this tool.