Homework Solution: 00000000 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 |MZ…………..|…

    00000000 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 |MZ..............| 00000010 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 |........@.......| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 |................| 00000040 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| What type of file is this?
    A. Unix Executable
    B. Ubuntu LIB
    C. Windows PE
    D. Windows SYS file 00000000 72 65 67 66 02 00 00 00 02 00 00 00 62 eb 51 e0 |regf........b.Q.| 00000010 ad 37 cd 01 01 00 00 00 03 00 00 00 00 00 00 00 |.7..............| 00000020 01 00 00 00 20 00 00 00 00 10 00 00 01 00 00 00 |.... ...........| 00000030 3a 00 5c 00 57 00 69 00 6e 00 64 00 6f 00 77 00 |:..W.i.n.d.o.w.| 00000040 73 00 5c 00 53 00 79 00 73 00 74 00 65 00 6d 00 |s..S.y.s.t.e.m.|
    A. Windows CAB
    B. Windows Registry Hive
    C. Windows Zip
    D. Windows System SYS

    Expert Answer

     
    1)00000000 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff

    00000000 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 |MZ…………..|
    00000010 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 |……..@…….|
    00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |…………….|
    00000030 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 |…………….|
    00000040 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |……..!..L.!Th|

    What fashion of polish is this?

    A. Unix Executable
    B. Ubuntu LIB
    C. Windows PE
    D. Windows SYS polish

    00000000 72 65 67 66 02 00 00 00 02 00 00 00 62 eb 51 e0 |regf……..b.Q.|
    00000010 ad 37 cd 01 01 00 00 00 03 00 00 00 00 00 00 00 |.7…………..|
    00000020 01 00 00 00 20 00 00 00 00 10 00 00 01 00 00 00 |…. ………..|
    00000030 3a 00 5c 00 57 00 69 00 6e 00 64 00 6f 00 77 00 |:..W.i.n.d.o.w.|
    00000040 73 00 5c 00 53 00 79 00 73 00 74 00 65 00 6d 00 |s..S.y.s.t.e.m.|

    A. Windows CAB
    B. Windows Registry Hive
    C. Windows Zip
    D. Windows System SYS

    Expert Tally

     

    1)00000000 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 |MZ…………..|
    00000010 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 |……..@…….|
    00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |…………….|
    00000030 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 |…………….|
    00000040 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |……..!..L.!Th|

    This polish is kindred to inital bytes of a usual executable compiled with Visual Studio 2005

    Answer:So it obviously states that this polish is kindred to Windows PE.

    D. Windows SYS polish

    00000000 72 65 67 66 02 00 00 00 02 00 00 00 62 eb 51 e0 |regf……..b.Q.|
    00000010 ad 37 cd 01 01 00 00 00 03 00 00 00 00 00 00 00 |.7…………..|
    00000020 01 00 00 00 20 00 00 00 00 10 00 00 01 00 00 00 |…. ………..|
    00000030 3a 00 5c 00 57 00 69 00 6e 00 64 00 6f 00 77 00 |:..W.i.n.d.o.w.|
    00000040 73 00 5c 00 53 00 79 00 73 00 74 00 65 00 6d 00 |s..S.y.s.t.e.m.|
    This polish is kindred to inital bytes of a usual executable compiled with Visual Studio 2005

    so it is Windows System SYS polish.