
Cyber Quiz Day 47


Question 1

During static analysis, which type of information is most likely revealed by string extraction tools like strings or BinText?

  • The runtime behavior of the malware

  • The encryption keys stored in the registry

  • The system files modified during execution

  • Network indicators such as URLs or IP addresses

Question 2

Which of the following outputs from a strings scan would most likely indicate command-and-control (C2) behavior?

  • Resource Hacker

  • BinText

  • sha256sum

  • RegShot

Question 3

Which threat intelligence service provides behavioral sandbox reports and execution traces (in report-only mode) without letting users run code manually?

  • VirusTotal

  • YARA Rules

  • sha256sum

  • Hybrid Analysis

Question 4

When using VirusTotal, which of the following is NOT a reliable indicator of malware?

  • Detection ratio from multiple AV engines

  • File hash matching known samples

  • “Microsoft” digital signature validation

  • Detection name inconsistencies across engines

Question 5

An executable claims to be signed by “Microsoft Corporation,” but the digital certificate is expired and mismatched. What does this most likely indicate?

  • The software is outdated

  • It is likely a repacked or forged malware sample

  • The signing server was temporarily down

  • The OS didn’t recognize the signature

Question 6

You analyze a suspicious EXE and find no readable strings. What could be a possible reason?

  • The file is corrupted

  • The malware uses packing or encryption to obfuscate strings

  • The strings command failed to execute

  • The file has no data section

Question 7

When analyzing a malware sample on Hybrid Analysis, which section of the report primarily lists network connections and contacted hosts?

  • File Information

  • Behavior Summary

  • Network Analysis

  • Signature Matches

Question 8

Why should analysts avoid uploading sensitive in-house samples to VirusTotal?

  • VirusTotal deletes all uploaded samples

  • Uploaded files are shared with multiple security vendors

  • VirusTotal does not support binary uploads

  • It automatically executes the malware

Question 9

What does the presence of the string "Wininet.dll" within a binary typically indicate?

  • The malware uses Windows networking APIs for internet communication

  • The malware modifies local system files

  • The malware installs kernel drivers

  • The malware disables antivirus

Question 10

What is the main advantage of static string and metadata analysis before dynamic execution?

  • It requires administrator privileges

  • It immediately reveals runtime behavior

  • It helps identify indicators and functionality safely without executing the malware

  • It modifies malware for analysis

There are 10 questions to complete.
