Malware Analyser 2.7

The tool has evolved from a tiny python script to one of the most powerful static analysis tool.

Some of the functionality includes:

1. String based analysis for registry , API calls , IRC Commands , DLL's called and VM Aware.

2. Display detailed headers of PE with all its section details, import and export symbols etc.

3.On Distro , can perform an ascii dump of the PE along with other options ( check --help argument).

4. For windows , it can generate various section of a PE : DOS Header , DOS Stub, PE File Header , Image Optional Header , Section Table , Data Directories , Sections

5. ASCII dump on windows machine.

6. Code Analysis ( disassembling )

7. Online malware checking ( www.virustotal.com )

8. Check for Packer from the Database.

9. Tracer functionality : Can be used to identify

Anti-debugging Calls tricks , File system manipulations Calls Rootkit Hooks, Keyboard Hooks , DEP Setting Change,Network Identification traces,

10. Signature Creation: Allows to create signature of malware