Darknet – The Darkside

Malware Analyser is freeware tool to perform static and dynamic analysis on malware executables, it can be used to identify potential traces of anti-debug, keyboard hooks, system hooks and DEP setting change calls in the malware.

This is a stepping release since for the first time the Dynamic Analysis has been included for file creations (will be improved for other network/registry indicators sooner) along with process dumping feature.

Features

• String based analysis for registry, API calls, IRC Commands, DLL’s called and VM Aware.
• Display detailed headers of PE with all its section details, import and export symbols etc.
• On Distro, can perform an ascii dump of the PE along with other options (check –help argument).
• For Windows, it can generate various section of a PE : DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections
• ASCII dump on windows machine
• Code Analysis (disassembling)
• Online malware checking (http://www.virustotal.com)
• Check for Packer from the Database.
• Tracer functionality
• Signature Creation: Allows to create signature of malware
• CRC and Timestamp verification.
• Entropy based scan to identify malicious sections.
• Dump a process memory
• Dynamic Analysis (Still in beginning stage) for file creations.

You can download Malware Analyser v3.0 here:

malware_analyser 3.0.zip

Or read more here.