[MAKD]Part2 - String Obfuscation - Malware Analysis - Looping through binary strings(ProductReview)

Microsoft's Strings (a Sysinternals tool; link below for download) is a program that extracts the text content of an application. With that output you can gather and search through the strings a binary contains, which is a simple way to get hints on how the program works.
During basic malware analysis, finding string indicators is a must. They can yield a lot of useful data that gives our debugging a big lift. But relying on this phase alone is not enough, because malware authors and app developers have found ways to deter your analysis.

Packing or obfuscation is the malware author's secret ingredient for making files more difficult to examine. Obfuscated programs are ones whose execution the malware author has attempted to hide. Packed programs are a subset of obfuscated programs in which the malicious program is compressed and cannot be analyzed as-is.

Finding meaningful strings in an application is like finding artifacts that uncover its real history and let you analyze its functions and capabilities. In this blog, I will show how analyzing extracted strings helps a forensic analyst decode the hidden mystery behind a piece of malware, and how an attacker cracks an application he wants to compromise. I will also discuss how I integrated FireEye's FLOSS and blended it with my tool.
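Added example (my own code, not the tool from the video and not FLOSS): a minimal strings extractor in Python that loops through the ASCII and UTF-16LE runs in a constructed byte blob, buckets what it finds by a few hand-picked indicator patterns, and adds the two checks worth running before trusting string output, namely how much of the file the strings actually cover and the byte entropy, because a packed (compressed) program as described above yields few plain strings and near-8-bit entropy. The sample bytes, the pattern set and the 0.1 / 7.0 thresholds are my own assumptions, not values from the page.

```python
"""Minimal strings extractor with packing hints (added example, not the video's tool).

Assumptions (not from the page): the sample bytes are constructed by hand to
resemble the start of a PE file; the indicator regexes and the
"few strings + high entropy" rule of thumb are my own heuristics.
"""
import math
import re

# Constructed sample "binary": DOS stub text, two imported API names,
# one UTF-16LE DLL name, a too-short string, and 128 bytes of non-printable noise.
SAMPLE = (
    b"MZ\x90\x00\x01\x02\x03"
    + b"This program cannot be run in DOS mode.\x00\x00"
    + b"GetProcAddress\x00LoadLibraryA\x00\x00"
    + "kernel32.dll".encode("utf-16-le") + b"\x00\x00"
    + b"ab\x00"
    + bytes(range(0x80, 0x100))
)


def ascii_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Runs of printable ASCII (0x20-0x7e) at least min_len bytes long."""
    pat = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pat.finditer(data)]


def utf16le_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Runs of printable ASCII interleaved with NUL bytes, i.e. UTF-16LE text."""
    pat = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    return [m.group().decode("utf-16-le") for m in pat.finditer(data)]


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; compressed or encrypted data sits close to 8.0."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


# Constructed indicator categories; a real triage list would be much longer.
INDICATOR_PATTERNS = {
    "dll": re.compile(r"\.dll$", re.IGNORECASE),
    "url": re.compile(r"^https?://", re.IGNORECASE),
    "winapi": re.compile(r"^(Get|Load|Create|Write|Open|Reg|Virtual)[A-Z]\w+$"),
}


def classify(strings: list[str]) -> dict[str, list[str]]:
    """Bucket extracted strings by the indicator pattern they match."""
    found: dict[str, list[str]] = {name: [] for name in INDICATOR_PATTERNS}
    for s in strings:
        for name, pat in INDICATOR_PATTERNS.items():
            if pat.search(s):
                found[name].append(s)
    return found


def analyze(data: bytes, min_len: int = 4) -> dict:
    """Loop through every string in the blob and summarise what the pass found."""
    ascii_found = ascii_strings(data, min_len)
    wide_found = utf16le_strings(data, min_len)
    strings = ascii_found + wide_found
    # Bytes covered by extracted strings (UTF-16LE uses two bytes per character).
    covered = sum(len(s) for s in ascii_found) + sum(2 * len(s) for s in wide_found)
    ratio = covered / len(data) if data else 0.0
    entropy = shannon_entropy(data)
    return {
        "strings": strings,
        "indicators": classify(strings),
        "string_byte_ratio": round(ratio, 3),
        "entropy": round(entropy, 3),
        # Rule of thumb (assumed thresholds): few strings plus high entropy
        # suggests packing, so static string hunting alone will not tell the story.
        "likely_packed": ratio < 0.1 and entropy >= 7.0,
    }


if __name__ == "__main__":
    report = analyze(SAMPLE)
    for s in report["strings"]:
        print(s)
    print(report["indicators"])
    print("string/byte ratio:", report["string_byte_ratio"], "entropy:", report["entropy"])
    print("likely packed:", report["likely_packed"])
```

Run it as a script to see the four strings the sample yields, the API names and DLL name bucketed as indicators, and a "likely packed" verdict of False; feed it a real packed sample and the ratio drops while the entropy climbs, which is the cue to move from plain strings to FLOSS or dynamic analysis.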

0:00 Intro
2:03 What is FLOSS
2:56 RUN
3:30 The Algorithm/Mechanics
4:27 Input File
5:09 Output
6:58 Dissecting String Output
11:28 Outro