FlareVM Tips and Tricks
If you use Mandiant's FlareVM, these commands should come in handy.
If you don't use FlareVM and want to, this is how you can install it: Instructions -- Make sure Microsoft Defender is disabled as f*ck before running the PowerShell script to kick off the installer.
I usually use Cmder as a replacement for the bog standard and, quite frankly, boring cmd program.
Helpful FlareVM Commands:
cup all
- Update Flare tools - I sometimes have to run this command as sudo
Disclaimer: Run this command on a clean image of your FlareVM… or not, I can’t tell you what to do.
floss <filename>
- Extracts strings from a file.
flarestrings <malware.exe> | rank_strings --scores
- What FLOSS does but better.
strings -n 6 <.\filename.exe>
- The strings command; -n sets the minimum string length, 6 in this case.
upx -d <filename>
- Unpack packed malware - A good tool overall, can be flaky.
[sudo] cinst <toolname>
- Install additional packages. E.g. [sudo] cinst ollydbg
man <toolname>
- To view the Man(ual) page of a tool which will give you a better insight into that tool.
tldr <toolname>
- Short but informative page of the tool, basic overview / commonly used cmds etc.
help
- When used in Cmder, shows you all of the different commands you can use.
Thank you for reading.