Malware Analyser v3.0 – A Static & Dynamic Malware Analysis Tool

Outsmart Malicious Hackers


Malware Analyser is freeware tool to perform static and dynamic analysis on malware executables, it can be used to identify potential traces of anti-debug, keyboard hooks, system hooks and DEP setting change calls in the malware.

This is a stepping release since for the first time the Dynamic Analysis has been included for file creations (will be improved for other network/registry indicators sooner) along with process dumping feature.

Features

  • String based analysis for registry, API calls, IRC Commands, DLL’s called and VM Aware.
  • Display detailed headers of PE with all its section details, import and export symbols etc.
  • On Distro, can perform an ascii dump of the PE along with other options (check –help argument).
  • For Windows, it can generate various section of a PE : DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections
  • ASCII dump on windows machine
  • Code Analysis (disassembling)
  • Online malware checking (http://www.virustotal.com)
  • Check for Packer from the Database.
  • Tracer functionality
  • Signature Creation: Allows to create signature of malware
  • CRC and Timestamp verification.
  • Entropy based scan to identify malicious sections.
  • Dump a process memory
  • Dynamic Analysis (Still in beginning stage) for file creations.

You can download Malware Analyser v3.0 here:

malware_analyser 3.0.zip

Or read more here.


Posted in: Countermeasures, Forensics, Malware, Programming

, , , , , , , , ,

Recent in Countermeasures:
- mongoaudit – MongoDB Auditing & Pen-testing Tool
- Why Are Hackers Winning The Security Game?
- Barnyard2 – Dedicated Spooler for Snort Output

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,594 views
- Password Hasher Firefox Extension - 118,127 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,802 views


One Response to Malware Analyser v3.0 – A Static & Dynamic Malware Analysis Tool

  1. jim Jones May 24, 2011 at 1:03 am #

    Can I use it kernel32.dll?