Nytro Posted April 29, 2011

Malware Analyser 3.0

Malware Analyser is a freeware tool to perform static and dynamic analysis on malware.

This is a stepping release, since for the first time Dynamic Analysis has been included for file creations (it will be improved for other network/registry indicators soon), along with a process dumping feature.

It can be useful for:

1. String-based analysis for registry, API calls, IRC commands, DLLs called and VM awareness.
2. Displaying detailed headers of a PE with all its section details, import and export symbols, etc.
3. On distro, it can perform an ASCII dump of the PE along with other options (check the --help argument).
4. For Windows, it can generate various sections of a PE: DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections.
5. ASCII dump on a Windows machine.
6. Code analysis (disassembling).
7. Online malware checking (VirusTotal).
8. Checking for a packer from the database.
9. Tracer functionality: can be used to identify anti-debugging call tricks, file system manipulation calls, rootkit hooks, keyboard hooks, DEP setting changes, network identification traces, privilege escalation traces, hardware breakpoint traces.
10. Signature creation: allows you to create a signature of the malware.
11. CRC and timestamp verification.
12. Entropy-based scan to identify malicious sections.
13. Dumping a process's memory.
14. Dynamic analysis (still in the beginning stage) for file creations.

Download:
https://sourceforge.net/projects/malwareanalyser/files/malware_analyser%203.0.zip/download
http://dl.packetstormsecurity.net/forensics/malware_analyser-3.0.zip

Source:
http://www.malwareanalyser.com/home/index.php/2-uncategorised/1-malware-analyser