Malware Analyzer is a comprehensive static analysis tool designed to analyze a variety of file types, including PE files, Microsoft Office documents (DOCX, XLSX, PPTX), and PDFs.
Key Features:
- PE files:
  - Imports: List of imported libraries and functions.
  - Sections: Detailed information on different sections of the PE file.
  - Extracted Strings: Strings extracted from the PE file for analysis.
  - Threat Intelligence Report: Full detailed information report from four major threat intelligence sources: VirusTotal, Hybrid Analysis, MetaDefender, and Malware Bazaar.
- Microsoft Office documents:
  - First Paragraph: Extracted first paragraph of the document for quick content overview.
  - Metadata: Detailed metadata of the Office file.
  - OLE Tools Output: Results from OLE tools such as OLEid, OLEvba, and Mraptor.
  - Threat Intelligence Report: Full detailed information report from VirusTotal, Hybrid Analysis, MetaDefender, and Malware Bazaar.
- PDFs:
  - First PDF Paragraph: Extracted first paragraph from the PDF for a brief content overview.
  - Didier Stevens Tools Output: Results from Didier Stevens' tools including PDF Parser and PDFID.
  - Threat Intelligence Report: Full detailed information report from VirusTotal, Hybrid Analysis, MetaDefender, and Malware Bazaar.
To get started with Malware Analyzer, follow these steps:
- Clone the Repository
  First, clone the repository to your local machine:
      git clone https://github.com/Yusuf-Amr/Malware-Analyzer.git
      cd Malware-Analyzer
- Install Dependencies
      pip install -r requirements.txt
- Add Your API Keys
  - Open the reputation folder.
  - Navigate to the api folder.
  - Open the config.json file and add your API keys.
- Run the Tool
      python3 main.py /filepath