Malware Analysis

A curated list of awesome malware analysis tools and resources

Contents

• Malware Collection

  • Virus Share
  • Virus Total

• Static Analysis

  • Windows Portable Executable Format

  • Static Feature / Attribute Parser

  • Static Feature / Attribute List

• Dynamic Analysis

  • How to make Sandbox
  • Dynamic Feature / Behavoir Parser
  • Dynamic Feature / Behavoir List

• Paper

Static Analysis

Static Analysis can be done by checking physical states of file. In our case , we used executable file as static samples and to check the physical states of windows executable file Windows provide Portable Executable Format (PE Format) which describes the structure of executable (image) files and object files under the Windows family of operating systems. These files are referred to as Portable Executable (PE) files.

Dynamic Analysis

Behaviour Analysis is similar to Dynamic Analysis therefore we created sandbox to find the behaviour of our malicious and good samples and these behaviour includes Registry Operations , Files Operations , Api's Calls , Dll loaded , Mutex Information etc