Malware Analysis Tools Part 2

Malware Analysis Tools Part 2
Spread the love

Malware Analysis Tools Part 2

This article is the second parti of  Malware Analysis Tools through API headers and read Referred DLLs PE areas securely and without damage to devices.

 

Malware analysis takes place through several major steps, including:

Program Analysis: The process is done by reading the program’s Code Source and analyzing it from any gaps, embedded files, or external links.

File Fingerprinting process: The goal of this process is to prevent the loss of network data after activating the program for the purpose of examining, analyzing, identifying and tracking data over the network.

Malware scanning: This process is intended to scan files from malicious software through applications and tools as well as sites where these sites enable you to scan the file through known protection programs, for example: VirusTotal, Payload Security.

 

 

Dynamic malware analysis tools:

Dynamic analysis relies on building a Virtual Machine in order to work inside an imaginary system and building a laboratory that enables you to analyze malware with tools that you will use. In addition, malware will be analyzed using protection programs and monitoring of malware data and packet data made by malware.

 

It is also important to pay attention when using a dummy device to isolate it from your own device and not to share files so that you do not transfer malware to your personal device.

 

 

A comprehensive list of malware analysis tools:

  1. YARA– Pattern matching tool for analysts.
  2. Yara rules generator  Also, contains a good strings DB to avoid false positives.
  3. File Scanning Framework.
  4. hash deep
  5. Loki– Host-based scanner for IOCs.
  6. Malfunction.
  7. MASTIFF– Static analysis framework.

 Malware Analysis Tools Part 2

 

Malware Analysis Tools

mmker

I'm a Computer Engineer Information Technology fields, specially in Info-sec field. Also, i'm freelance instructor in Ethical Hacking, Secure Web Development, Penetration Testing and Security Awareness. I have the following certificates : CEH, CHFI, ECSA, LPT Master, & ISO 27001 LI.

Leave a Reply

Your email address will not be published. Required fields are marked *

twenty − fourteen =