312-49 · Question #552
The correct answer is B: Strings search.
Question
Shane has started the static analysis of a malware and is using the tool ResourcesExtract to find more details of the malicious program. What part of the analysis is he performing?
Options
- A. Identifying File Dependencies
- B. Strings search
- C. Dynamic analysis
- D. File obfuscation
Explanation
ResourcesExtract is a tool that extracts embedded resources — including readable strings — from executable (EXE/DLL) files without executing them. Using it to examine malware for embedded text (URLs, file paths, registry keys, IP addresses, error messages) is a form of static strings search analysis. Static analysis means the malware is not run; it is examined as a file. This is distinct from dynamic analysis (which involves executing the malware in a controlled environment) and file obfuscation analysis.