Scanning the suspect binary with multiple anti-virus scanners helps determine whether malicious code signatures exist for the suspect file. The signature name for a particular file can provide additional information about the file and its capabilities. By visiting the respective anti-virus vendor websites or searching for the signature name in search engines, you can obtain further details about the suspect file. Such information can help in your subsequent investigation and can reduce the analysis time.
3. Multiple Anti-Virus Scanning
3.1 Scanning the Suspect Binary with VirusTotal
VirusTotal (http://www.virustotal.com) is a popular web-based malware scanning service. It allows you to upload a file, which is then scanned...
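To make the point about signature names concrete, the following added example (not part of the original text) hashes a suspect file and summarizes the per-engine signature names from a scan report. It assumes the report has the layout of a VirusTotal API v3 file object; the report contents, engine names and signature names are constructed for illustration.

```python
import hashlib
import re
from collections import Counter

# Constructed sample in the shape of a VirusTotal API v3 file report.
# Engine names and signature names are invented for illustration.
SAMPLE_REPORT = {"data": {"attributes": {"last_analysis_results": {
    "EngineA": {"category": "malicious", "result": "Trojan.Win32.Agent.abc"},
    "EngineB": {"category": "malicious", "result": "Backdoor:Win32/Agent.X"},
    "EngineC": {"category": "undetected", "result": None},
    "EngineD": {"category": "malicious", "result": "Win32.Trojan.Agent"},
    "EngineE": {"category": "timeout", "result": None},
}}}}

# Categories that mean the engine actually returned a verdict.
VERDICTS = {"malicious", "suspicious", "undetected", "harmless"}


def sha256_of(path, chunk_size=65536):
    """Hash the suspect file without loading it fully into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def summarize(report):
    """Collect signature names per engine and the tokens engines agree on."""
    results = report["data"]["attributes"]["last_analysis_results"]
    completed = [e for e, r in results.items() if r.get("category") in VERDICTS]
    names = {e: r["result"] for e, r in results.items()
             if r.get("category") in ("malicious", "suspicious") and r.get("result")}
    tokens = Counter()
    for name in names.values():
        # Count each alphabetic token once per engine so one long name cannot dominate.
        tokens.update(set(re.findall(r"[a-z]{4,}", name.lower())))
    return {
        "detected": len(names),
        "completed": len(completed),
        "names": names,
        "common_tokens": sorted(tokens.items(), key=lambda kv: (-kv[1], kv[0])),
    }


if __name__ == "__main__":
    summary = summarize(SAMPLE_REPORT)
    print(f"{summary['detected']}/{summary['completed']} engines flagged the sample")
    for engine, name in sorted(summary["names"].items()):
        print(f"  {engine}: {name}")
    print("tokens shared across engines:", summary["common_tokens"][:3])
```

Engines that timed out are excluded from the denominator, so the detection ratio reflects only scanners that returned a verdict. The tokens that recur across vendors are the terms worth searching for on vendor sites.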