Malware Analyser is a freeware tool for static and dynamic analysis of malware.
- String-based analysis for registry, API calls, IRC commands, DLLs called and VMAware.
- Display detailed headers of PE with all its section details, import and export symbols etc.
- On distros, it can perform an ASCII dump of the PE along with other options (check the --help argument).
- On Windows, it can generate the various sections of a PE: DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections.
- ASCII dump on Windows machines.
- Code Analysis (disassembling)
- Online malware checking (www.virustotal.com)
- Check for packers against the database.
- Tracer functionality: can be used to identify anti-debugging call tricks, file system manipulation calls, rootkit hooks, keyboard hooks, DEP setting changes and network identification traces.
- Signature creation: allows creating a signature of the malware.
- Batch mode scan to scan all DLL and EXE files in directories and sub-directories.
- Added traces signatures.