Malware Analyser is a freeware tool for malware analysis. It is widely used to perform static and dynamic analysis on malware executables. The tool can identify potential traces of anti-debug tricks, keyboard hooks, system hooks and DEP setting change calls in the malware.
In this release, dynamic analysis has been included for file creations (it will be extended to network and registry indicators soon). A process dumping feature has also been added.
Features
- String-based analysis for registry, API calls, IRC commands, DLLs called and VM awareness.
- Display detailed PE headers with all section details, import and export symbols, etc.
- On Distro, it can perform an ASCII dump of the PE along with other options (check the --help argument).
- For Windows, it can generate the various sections of a PE: DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections.
- ASCII dump on Windows machines.
- Code Analysis (disassembling)
- Online malware checking (http://www.virustotal.com)
- Check for packers against the database.
- Tracer functionality.
- Signature creation: allows creating a signature of the malware.
- CRC and Timestamp verification.
- Entropy based scan to identify malicious sections.
- Dump a process's memory.
- Dynamic analysis (still at an early stage) for file creations.
You can download Malware Analyser v3.0 here:
Tracer functionality: can be used to identify
- Anti-debugging call tricks,
- File system manipulation calls,
- Rootkit hooks,
- Keyboard hooks,
- DEP setting changes,
- Network identification traces,
- Privilege escalation traces,
- Hardware breakpoint traces.
Read More and download:
Would love to hear from you...