Malware Analyser v2.8 released
Malware Analyzer is an open source tool for analyzing malware. It can perform the following functions:
- String-based analysis for registry keys, API calls, IRC commands, DLLs called and VM awareness.
- Display detailed PE headers with all section details, import and export symbols, etc.
- On Linux distros, it can perform an ASCII dump of the PE along with other options (check the --help argument).
- For Windows, it can generate the various parts of a PE: DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections.
- ASCII dump on Windows machines.
- Code analysis (disassembling).
- Online malware checking (www.virustotal.com).
- Check for packers against the database.
- Tracer functionality: can be used to identify anti-debugging call tricks, file system manipulation calls, rootkit hooks, keyboard hooks, DEP setting changes and network identification traces.
- Signature creation: allows creating a signature for a malware sample.
Changelog
- Added CRC verification
- Added timestamp verification
- Added entropy checks for malicious sections
- Added hardware breakpoint tracing
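To show what the section-table parsing and the new per-section entropy check amount to in practice, here is an added example written for this post; it is not Malware Analyser's own source. It walks the DOS header, PE signature, COFF header and section table of a PE, computes the Shannon entropy of each section's raw data, and flags sections above an assumed 7.0 bits/byte threshold as likely packed or encrypted. The input is a constructed, minimal PE image with a plain .text section and a uniformly distributed UPX1 section; the names, sizes and threshold are all assumptions for the example.

```python
import math
import struct
from collections import Counter

SECTION_HDR = struct.Struct("<8sIIIIIIHHI")   # IMAGE_SECTION_HEADER, 40 bytes
COFF_HDR = struct.Struct("<HHIIIHH")          # IMAGE_FILE_HEADER, 20 bytes

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    probs = [c / len(data) for c in Counter(data).values()]
    return sum(-p * math.log2(p) for p in probs)

def section_entropies(pe: bytes) -> list[tuple[str, float]]:
    """Walk DOS header -> PE signature -> COFF header -> section table and
    return (section name, entropy of its raw data) for every section."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff_off = e_lfanew + 4
    _, nsections, _, _, _, opt_size, _ = COFF_HDR.unpack_from(pe, coff_off)
    sec_off = coff_off + COFF_HDR.size + opt_size   # section table follows the optional header
    out = []
    for i in range(nsections):
        name, _, _, raw_size, raw_ptr, *_ = SECTION_HDR.unpack_from(pe, sec_off + i * SECTION_HDR.size)
        raw = pe[raw_ptr:raw_ptr + raw_size]        # SizeOfRawData bytes at PointerToRawData
        out.append((name.rstrip(b"\0").decode("ascii", "replace"), shannon_entropy(raw)))
    return out

def suspicious_sections(pe: bytes, threshold: float = 7.0) -> list[str]:
    """Names of sections whose entropy suggests packed or encrypted content (assumed threshold)."""
    return [name for name, h in section_entropies(pe) if h >= threshold]

def build_sample_pe() -> bytes:
    """Constructed sample PE (not a real binary): low-entropy .text, uniform UPX1."""
    text = b"\x90" * 4096                      # constant filler -> entropy 0.0
    packed = bytes(range(256)) * 16            # every byte value equally often -> entropy 8.0
    opt_size = 0xE0                            # PE32 optional header size, left zeroed here
    text_ptr = 0x200                           # headers take 0x188 bytes; raw data at next 0x200 boundary
    packed_ptr = text_ptr + len(text)
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)     # e_lfanew = 0x40
    coff = COFF_HDR.pack(0x14C, 2, 0, 0, 0, opt_size, 0x102)  # i386, 2 sections
    sects = (SECTION_HDR.pack(b".text", len(text), 0x1000, len(text), text_ptr, 0, 0, 0, 0, 0x60000020)
             + SECTION_HDR.pack(b"UPX1", len(packed), 0x2000, len(packed), packed_ptr, 0, 0, 0, 0, 0xE0000040))
    image = dos + b"PE\0\0" + coff + b"\0" * opt_size + sects
    return image.ljust(text_ptr, b"\0") + text + packed
```

Running `section_entropies(build_sample_pe())` on the constructed image reports .text at 0.00 and UPX1 at 8.00 bits/byte, so only UPX1 is returned by `suspicious_sections`.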