Usr6
Posted April 10, 2013

I’m pleased to announce the release of version 4 of the REMnux Linux distribution for reverse-engineering malicious software. The new version includes a variety of new malware analysis tools and updates the utilities that have already been present on the distro.

What’s new in REMnux v4? See the details below and register for a free webcast where I will showcase some of the key additions. You can download the latest release at REMnux.org.

What’s New in REMnux v4

REMnux is now available as an Open Virtualization Format (OVF/OVA) file for improved compatibility with virtualization software, including VMware and VirtualBox. (A proprietary VMware file is also available. You can also get REMnux as an ISO image of a Live CD.)

Key updates to existing tools and components:

- Core system: Upgraded the underlying Ubuntu OS components and packages; increased default RAM of the virtual appliance to 512MB; replaced OpenJDK with Oracle Java 7 runtime.
- Memory analysis: Updated Volatility to version 2.2.
- PDF analysis: Updated pdfid and pdf-parser, Origami, peepdf
- Web analysis: Updated SWFTools, V8, libemu, NetworkMiner, Burp Proxy, Wireshark, Firefox and its add-ons.
- Other changes: Updated xorsearch, DensityScout, Pyew, passive-dns, ClamAV, capabilities.yara; replaced FreeMind with XMind

New tools added to REMnux:

- Windows tools: Installed Wine; added OfficeMalScanner, Malzilla
- XOR analysis: Added NoMoreXOR, brutexor, XORBruteForcer
- PE file analysis: Added pev, dism-this, ExeScan, udis86 (udcli), autorule (/usr/local/autorule), distool
- Other file analysis: Added extract_swf.py, ExifTool, MASTIFF
- Other additions: Added hack-functions (/usr/local/hack-functions), bulk_extractor, ProcDot

Getting Started With REMnux

The one-page REMnux Usage Tips cheat sheet outlines some of the more popular tools installed on REMnux. Feel free to customize it to incorporate your own tips and tricks.

The recorded Malware Analysis Essentials Using REMnux webcast provides a good overview and examples of some of the tools for performing static malware analysis.

If you find REMnux useful, take a look at the reverse-engineering malware course that my colleagues and I teach at SANS. It makes use of REMnux and various other tools.

Tune into the webcast I’ll conduct to highlight some of the additions to the latest version of REMnux. If you haven’t already, download the REMnux distro at REMnux.org.

Thank you to the developers of the OS and tools installed on REMnux for their contributions to the community. Thank you to the individuals who provided feedback, instructions and recommendations for improving the REMnux distribution.

Source: New Release of REMnux Linux Distro for Malware Analysis