Tag Archives: Malware Research
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Some of the features are:
FileInsight McAfee is a free hex editor for Windows. It includes all the standard features of a hex editor. It has a convenient interface for editing files in hex and text. It is able to read the structure of exe files and organize them by entry
Process Hacker is one of the leading tools for manipulating processes and services; this is important for monitoring changes when you are investigating malicious code. You will need this tool in your sandbox to identify any new process
PE-bear is a project that can be used for reversing malware. The tool provides a very useful interface to compare two Portable Executable files and see the differences. Some of the features are: views multiple files in parallel, recognizes known
Security software company Symantec is warning of new malware that uses a disassembled malicious file to evade antimalware protection. Cybercriminals have created hidden .dat files attached to the email, with a shortcut used to reassemble the malware.