Saturday, December 2, 2023

Far Manager Tricks: Uncovering Malicious Strings Like a Pro

Far Manager is a powerful file manager with a text-based user interface for Windows, and it can be useful for various tasks, including malware analysis. To check whether a particular string is present in files within a folder, use the following steps:


1. Open Far Manager:

   Launch Far Manager and navigate to the directory where you want to search for the string.


2. Use the Find File Feature:

   Far Manager has a built-in feature for finding files that contain a specific string. To use this feature, press `Alt+F7` or go to the "Commands" menu and select "File search."


3. Specify Search Parameters:

   - In the "Search for" field, enter the string you want to search for.

   - You can set other parameters such as file masks, search in subdirectories, and more based on your requirements.


4. Initiate the Search:

   - Press `Enter` to start the search.


5. Review Search Results:

   - Far Manager will display a list of files that contain the specified string.

   - You can navigate through the list and select a file for further analysis.


6. View and Analyze Files:

   - After identifying files of interest, you can view their content by pressing `F3` or using the viewer panel.

   - Analyze the contents of the files to understand the context in which the string is present.


7. Navigate to the String:

   - If the string is found in a file, you can navigate to the specific occurrence by using the search feature within the viewer. Press `Alt+F7` while viewing the file and enter the string to locate its occurrences.


8. Repeat as Needed:

   - If you want to search for the same string in other directories or with different parameters, you can repeat the process.


Far Manager's search capabilities are powerful, and they can be customized to suit your specific needs. This method allows you to quickly identify files containing a particular string within a given folder or directory, facilitating malware analysis and investigation.
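The same folder search as a script, for cases where the results need to be logged or repeated across many sample directories. This is an added example, not part of the original post or of Far Manager: `find_string`, `demo` and the sample files are constructed for illustration, and it goes slightly beyond the steps above by also matching the UTF-16LE form of the string (common in Windows binaries) and reporting byte offsets.

```python
import os
import tempfile

# Encodings in which a literal string commonly appears inside Windows files.
ENCODINGS = ("utf-8", "utf-16-le")


def find_string(root, needle, recurse=True):
    """Return (path, encoding, offset) for every occurrence of needle under root."""
    patterns = [(enc, needle.encode(enc)) for enc in ENCODINGS]
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        if not recurse:
            dirnames.clear()  # equivalent to leaving "search in subdirectories" off
        for name in sorted(filenames):
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:  # raw bytes: never decode or execute samples
                    data = fh.read()
            except OSError:
                continue  # locked or unreadable file: skip it
            for enc, pat in patterns:
                pos = data.find(pat)
                while pos != -1:
                    hits.append((path, enc, pos))
                    pos = data.find(pat, pos + 1)
    return hits


def demo():
    """Run the search over a constructed sample folder (harmless test bytes)."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "sub"))
        samples = {
            "a.bin": b"\x00\x01cmd.exe /c\x00",                  # plain ASCII form
            "b.bin": b"MZ\x90" + "cmd.exe".encode("utf-16-le"),  # wide-string form
            os.path.join("sub", "c.txt"): b"nothing here",       # no match
        }
        for rel, content in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(content)
        return [(os.path.relpath(p, root), enc, off)
                for p, enc, off in find_string(root, "cmd.exe")]


if __name__ == "__main__":
    for rel, enc, off in demo():
        print(f"{rel}: {enc} match at offset 0x{off:x}")
```

The search is case-sensitive and reads each file fully into memory, which suits sample-sized files.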


Post by

newWorld

1 comment:

Anonymous said...

This is helpful!
