Several Posts on Malware Analysis Tools

image

In the past weeks I published several posts describing malware analysis tools and approaches at other blogs:

  • Automating Static Malware Analysis With MASTIFF: MASTIFF is an open source framework for automating static malware analysis. This tool, created by Tyler Hudak, determines the type of file that is being analyzed and then applies only the static analysis techniques that are appropriate for that file type. MASTIFF offers a useful way for performing triage on a large set of suspicious files. Extra: See my MASTIFF demo as part of the recorded What’s New in REMnux v4 for Malware Analysis webcast.
  • Tools for Examining XOR Obfuscation for Malware Analysis: There are numerous ways of concealing sensitive data and code within malicious files and programs. Fortunately, attackers use one particular XOR-based technique very frequently, because offers sufficient protection and is simple to implement. Here’s a look at several tools for deobfuscating XOR-encoded data during static malware analysis. Extra: Experiment with Thomas Chopitea’s unXOR tool.

Also, on my own blog I took a look at Cylance’Accelerify tool for speeding up the lab system’s clock for malware analysis.

Lenny Zeltser

2 notes

Show

  1. lumbtr reblogged this from lennyzeltser
  2. lennyzeltser posted this

Blog comments powered by Disqus

  • posted 18 May, 2013

  • 2 notes for this post