Posts Tagged ‘Malware Analyses’

McAfee FileInsight 2.1

McAfee FileInsight is a free hex editor for Windows. It includes all the standard features of a hex editor and has a convenient interface for editing files in hex and text. It is able to read the structure of EXE files and organize them by entry, section, and import table with a list of imported functions, and displays it in [...]

Process Hacker 2.32 – Utility to manage Windows process and services

Process Hacker is one of the leading tools for manipulating processes and services, which is important for monitoring changes when you are investigating malicious code. You will need this tool in your sandbox to identify any new process created while executing the malicious code. The utility provides detailed debugging information for the selected process, [...]

PE-bear Portable Executable reversing tool

PE-bear is a project that can be used for reversing malware; the tool provides a very useful interface to compare two portable executable files and see the differences. Some of the features are: views multiple files in parallel; recognizes known packers (by signatures); fast disassembler, starting from any chosen RVA/file offset; visualization of sections [...]

Hook Analyser 2.5 Malware Analysis tool

Hook Analyser is another tool that you can use for reversing applications and analyzing malicious programs. The tool allows the investigator to launch and capture applications, hook a specific process that you find suspicious, conduct static analysis of malware, and extract executables from a running process. Hook Analyser has three modes for monitoring applications: Automatic [...]

pev PE analysis toolkit

Reversing PE executable files requires special tools, because the payload that may contain the malware in a PE file is packed inside another executable file, which can be a legitimate one. This means a standard static analysis tool will not be able to analyze the payload. The same applies to antiviruses: some packed executable files may evade the [...]

CrowdInspect Malware Forensic Program

Forensic tools are important to help in analyzing DLLs and processes running on the operating system; here you can consider some free programs such as CrowdInspect. CrowdInspect is a free tool for Microsoft Windows systems that helps to detect any suspicious connection created with an external network. The tool helps the investigator to list processes and what is [...]

AVG Describes the Blackhole Kit as Most Active Threat on the Web

Security software company AVG has released its Community Powered Threat Report for the first quarter of this year; the Blackhole exploit kit remains the top web threat, accounting for 43% of total malicious websites detected. Blackhole is actively maintained and its source code is constantly updated; it is a polymorphic kit and uses obfuscation to trick and [...]
