Malware Analyser is freeware tool to perform static and dynamic analysis on malware executables, it can be used to identify potential traces of anti-debug, keyboard hooks, system hooks and DEP setting change calls in the malware.
This is a stepping release since for the first time the Dynamic Analysis has been included for file creations (will be improved for other network/registry indicators sooner) along with process dumping feature.
- String based analysis for registry, API calls, IRC Commands, DLL’s called and VM Aware.
- Display detailed headers of PE with all its section details, import and export symbols etc.
- On Distro, can perform an ascii dump of the PE along with other options (check –help argument).
- For Windows, it can generate various section of a PE : DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections
- ASCII dump on windows machine
- Code Analysis (disassembling)
- Online malware checking (http://www.virustotal.com)
- Check for Packer from the Database.
- Tracer functionality
- Signature Creation: Allows to create signature of malware
- CRC and Timestamp verification.
- Entropy based scan to identify malicious sections.
- Dump a process memory
- Dynamic Analysis (Still in beginning stage) for file creations.
You can download Malware Analyser v3.0 here:
Or read more here.
Recent in Countermeasures:
- AxCrypt – Open Source Windows File Encryption Software
- Smooth-Sec – IDS/IPS (Intrusion Detection/Prevention System) In A Box
- HoneyDrive Desktop v0.2 Released – Honeypot LiveCD
- Viruses & Malware Monitored on a Dynamic World Map
- NSDECODER – Automated Website Malware Detection Tool
- Whitetrash – Dynamic Web White-listing for Squid
Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 118,892 views
- Password Hasher Firefox Extension - 116,787 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,515 views