Malware Forensics/Analysis Tools?

Forensic software discussion (commercial and open source/freeware). Strictly no advertising.
 
  

MindSmith
Senior Member
 

Malware Forensics/Analysis Tools?

Post Posted: Jun 23, 07 15:41

I am looking into different tools (commercial and freeware) that can assist in malware analysis. I have used NormanData and a collection of various tools monitoring malware in VMs to see what the code does regarding memory, registry keys, and filesystem manipulation, as well as some basic disassemblers.

I'm not looking for commercial AV software as it does little in terms of showing what the malware is doing, and also can mostly only detect known/previously identified malware, not new malware. Likewise, submitting samples to AV vendors seldom results in them issuing detailed write-ups of what the piece of malware was designed to do/does, nor do they give full disclosure info that may assist in other areas of investigation.

Thanks & Regards,
_________________
#include <std.disclaimer.H> 
 
  

keydet89
Senior Member
 

Re: Malware Forensics/Analysis Tools?

Post Posted: Jun 23, 07 16:17

Looks like you've pretty much got it covered...

H  
 
  

contentengineer.com
Newbie
 

Re: Malware Forensics/Analysis Tools?

Post Posted: Sep 29, 07 01:35

It's also worth considering some of the decompilers out there, particularly as you'll find that malware executables are often packed using UPX and suchlike.

Typical programs such as IDA Pro and PE Explorer are worth a shot....  
 
  

Minesh
Senior Member
 

Re: Malware Forensics/Analysis Tools?

Post Posted: Sep 29, 07 05:16

I know this thread is a couple of months old now, and you may be well on your way with this, but thought I'd mention there are some articles (currently 4 parts) on WindowSecurity.com which involve taking malware apart and analysing it.

Never did finish reading it myself actually, so that's a job for this weekend.

www.windowsecurity.com...Part1.html

Kind Regards

Minesh
 
