Malware Forensics/Analysis Tools?

Forensic software discussion (commercial and open source/freeware). Strictly no advertising.

Senior Member

Malware Forensics/Analysis Tools?

Post Posted: Jun 23, 07 15:41

I am looking into different tools (commercial and freeware) that can assist in malware analysis. I have used NormanData and a collection of various tools monitoring malware in VMs to see what the code does regarding memory, registry keys, and filesystem manipulation, as well as some basic disassemblers.

I'm not looking for commercial AV software as it does little in terms of showing what the malware is doing, and also can mostly only detect known/previously identified malware, not new malware. Likewise, submitting samples to AV vendors seldom results in them issuing detailed write-ups of what the piece of malware was designed to do/does, nor do they give full disclosure info that may assist in other areas of investigation.

Thanks & Regards,
#include <std.disclaimer.H> 

Senior Member

Re: Malware Forensics/Analysis Tools?

Post Posted: Jun 23, 07 16:17

Looks like you've pretty much got it covered...



Re: Malware Forensics/Analysis Tools?

Post Posted: Sep 29, 07 01:35

It's also worth considering some of the decompilers out there, particularly as you'll find that malware executables are often packed using UPX and such like.

Typical programs such as IDA Pro and PE Explorer are worth a shot....  

Senior Member

Re: Malware Forensics/Analysis Tools?

Post Posted: Sep 29, 07 05:16

I know this thread is a couple of months old now, and you may be well on your way with this, but thought I'd mention, there are some articles (currently 4 parts) on WindowSecurity.com which involve taking malware apart and analysing it.

Never did finish reading it myself actually, so that's a job for this weekend.


Kind Regards,

Minesh
