Question: Using the Hyper-V manual, complete the questions below with screenshots.
1. Does the entire file match any existing antivirus signature?

2. When was the file compiled? To answer this question, you can use either the report of VirusTotal.com or the PEview tool. As discussed in class, PEview shows the sections that make up a portable executable file. The "Time Date Stamp" shows when the files were compiled. This is often used as an indication of the time zone the attackers live in. See the PEview screenshot below that indicates as the file compilation time. In your answer, include the screenshot of the tool you used to show the compilation time.

3. Is there any difference in what the sandbox reports with the report of VirusTotal.com? If yes, support your answer with examples of the differences you found in the reports.

4. Are there any indications that the file is packed or obfuscated? To answer this question, use PEiD. As discussed in class, PEiD shows what language the code was written in or what packer was used if the file is packed. The following screenshot from PEiD indicates a code that is identified as a "Microsoft Visual C" file, which shows the tested code is unpacked. To support your answer, provide a screenshot of the tool to show the related information.

5. Do any imports hint at what this malware does? If so, what imports are they? As we discussed in class, Ghidra provides detailed information on the imports used in a code. First run the Ghidra tool on your malware box. Then, in the top left-hand corner, you should see a window that contains the sections of the malware; this is the Program Trees section. The Symbol Tree section is very useful as this contains the imports, exports, and functions that the malware is using to perform its malicious activities. By clicking on Imports we can see which libraries have been imported by the malware; clicking on a DLL reveals the imported functions associated with that library. From looking through the imports, it is then possible to identify any interesting functions that the malware is using. This is great for a malware analyst as it means we can double-click on these imports to see if they are being used by the malware and try to understand what activity it may perform on a compromised host. To provide your answer, do the same steps and include a screenshot for each.

6. What would you guess is the purpose of the malware?
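As an added example (not part of the assignment and not code from PEview, PEiD or Ghidra), the Python below reads the COFF "Time Date Stamp" that PEview displays for question 2 and computes per-section byte entropy, a common heuristic behind the packing check in question 4; the PE image it parses is constructed inline, so it runs offline without a real sample.

```python
import math
import struct
from collections import Counter
from datetime import datetime, timezone

def build_sample_pe(timestamp: int, section_data: bytes) -> bytes:
    """Constructed, minimal PE image (not a real sample): DOS stub, PE
    signature, COFF header, one section header, then the section bytes."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # COFF: Machine, NumberOfSections, TimeDateStamp, PtrSymTab, NumSyms,
    #       SizeOfOptionalHeader (0 here), Characteristics
    coff = struct.pack("<HHIIIHH", 0x014C, 1, timestamp, 0, 0, 0, 0x0102)
    raw_ptr = e_lfanew + 4 + 20 + 40          # data follows the section header
    sect = struct.pack("<8sIIIIIIHHI", b".text", len(section_data), 0x1000,
                       len(section_data), raw_ptr, 0, 0, 0, 0, 0x60000020)
    return dos + b"PE\0\0" + coff + sect + section_data

def compile_time(pe: bytes) -> datetime:
    """COFF TimeDateStamp (PEview's 'Time Date Stamp') as UTC. It is set by
    the linker and can be zeroed or forged, so treat it as a hint only."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    ts = struct.unpack_from("<I", pe, e_lfanew + 8)[0]   # COFF offset 4
    return datetime.fromtimestamp(ts, tz=timezone.utc)

def shannon_entropy(data: bytes) -> float:
    """Bits per byte, 0.0 .. 8.0; packed or encrypted sections sit near 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def section_entropies(pe: bytes) -> dict:
    """Map each section name to the entropy of its raw bytes."""
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    nsect = struct.unpack_from("<H", pe, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", pe, e_lfanew + 20)[0]
    first = e_lfanew + 24 + opt_size          # headers follow the optional header
    result = {}
    for i in range(nsect):
        off = first + 40 * i
        name = pe[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, off + 16)
        result[name] = shannon_entropy(pe[raw_ptr:raw_ptr + raw_size])
    return result
```

Run `compile_time` and `section_entropies` on a file read in binary mode to reproduce the two checks; a `.text` section scoring close to 8.0 bits per byte is the kind of evidence PEiD's packer match would be expected to corroborate.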