Malware Analyser is freeware tool to perform static and dynamic analysis on malware executables, it can be used to identify potential traces of anti-debug, keyboard hooks, system hooks and DEP setting change calls in the malware.
This is a stepping release since for the first time the Dynamic Analysis has been included for file creations (will be improved for other network/registry indicators sooner) along with process dumping feature.
Features
- String based analysis for registry, API calls, IRC Commands, DLL’s called and VM Aware.
- Display detailed headers of PE with all its section details, import and export symbols etc.
- On Distro, can perform an ascii dump of the PE along with other options (check –help argument).
- For Windows, it can generate various section of a PE : DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections
- ASCII dump on windows machine
- Code Analysis (disassembling)
- Online malware checking (http://www.virustotal.com)
- Check for Packer from the Database.
- Tracer functionality
- Signature Creation: Allows to create signature of malware
- CRC and Timestamp verification.
- Entropy based scan to identify malicious sections.
- Dump a process memory
- Dynamic Analysis (Still in beginning stage) for file creations.
You can download Malware Analyser v3.0 here:
Or read more here.
jim Jones says
Can I use it kernel32.dll?