Malware Analyser 3.0

[Nytro]

Malware Analyser 3.0

Malware Analyser is freeware tool to perform static and dynamic analysis on malwares.

This is a stepping release since for the first time the Dynamic Analysis has been included for file creations ( will be improved for other network/registry indicators sooner) along with process dumping feature.

It can be useful for:

1. String based analysis for registry , API calls , IRC Commands , DLL's called and VM Aware.

2. Display detailed headers of PE with all its section details, import and export symbols etc.

3.On Distro , can perform an ascii dump of the PE along with other options ( check --help argument).

4. For windows , it can generate various section of a PE : DOS Header , DOS Stub, PE File Header , Image Optional Header , Section Table , Data Directories , Sections

5. ASCII dump on windows machine.

6. Code Analysis ( disassembling )

7. Online malware checking ( VirusTotal - Free Online Virus, Malware and URL Scanner )

8. Check for Packer from the Database.

9. Tracer functionality : Can be used to identify

Anti-debugging Calls tricks ,

File system manipulations Calls,

Rootkit Hooks,

Keyboard Hooks ,

DEP Setting Change,Network Identification traces,

Privilege escalation traces ,

Hardware Breakpoint traces

10. Signature Creation: Allows to create signature of malware

11. CRC and Timestamp verification.

12. Entropy based scan to identify malicious sections.

13. Dump a process memory

14. Dynamic Analysis (Still in beginning Stage ) for file creations.

Download:

https://sourceforge.net/projects/malwareanalyser/files/malware_analyser%203.0.zip/download
http://dl.packetstormsecurity.net/forensics/malware_analyser-3.0.zip

Sursa:

http://www.malwareanalyser.com/home/index.php/2-uncategorised/1-malware-analyser