Which statement describes static malware analysis?


Multiple Choice

Which statement describes static malware analysis?

Explanation:
Static malware analysis is analyzing a malware sample by examining its code and structure without running it. This approach looks at the actual binary or source (when available) to uncover what the program is capable of, how it might operate, and what indicators it leaves behind. Analysts inspect strings for commands or URLs, examine imports to see which APIs the program relies on, and study headers, sections, and packing or obfuscation techniques to infer its behavior. They may disassemble or decompile the code to trace control flow and data flow, identify persistence mechanisms, or locate hard-coded artifacts like registry keys or file paths. Because nothing is executed, this method is safer and can be done quickly on a captured sample, but it won't reveal actions that only occur at runtime; for that, dynamic analysis, which observes behavior by running the code (often in a sandbox), is used.

