Tag Archives: Malware Research

PE-sieve – Tool to Detect Malware Running on System

PE-sieve is a light-weight tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. This tool is intended to help malware analysts, malware hunters, and incident responders in

RetDec – Machine-code Decompiler Based on LLVM

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system

Cuckoo Sandbox – Automated Malware Analysis Framework

Cuckoo Sandbox is an open source automated malware analysis system. It’s used to automatically run and analyze files and collect comprehensive analysis results that outline what the malware does while running inside an isolated operating system. Cuckoo Sandbox is an

sems – Sandbox and Virtual Machine Detection Tool

sems is a good tool that can be used by malware researchers to verify if the existing virtual environment detected by malwares.

PortEx- Java Library for Static Analysis of PE File

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. some of the features are:

New release YARA 3.0

Over this week a new version of Yara have been released. YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or

McAfee FileInsight 2.1

FileInsight McAfee – free HEX- editor for Windows. Includes all the standard features HEX- editor . It has convenient interface for editing files in hex ​​and text. Able to read the structure of exe- files and organize them by entry