
Yusuf-Amr/Malware-Analyzer


Introduction

Malware Analyzer is a comprehensive static analysis tool designed to analyze a variety of file types, including PE files, Microsoft Office documents (DOCX, XLSX, PPTX), and PDFs.

Key Features:

PE Files

  • Imports: List of imported libraries and functions.
  • Sections: Detailed information on different sections of the PE file.
  • Extracted Strings: Strings extracted from the PE file for analysis.
  • Threat Intelligence Report: Detailed report from four major threat intelligence sources: VirusTotal, Hybrid Analysis, MetaDefender, and Malware Bazaar.
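
An added illustration of the section and string triage listed above, written for this page with only the Python standard library; it is not code from the Malware-Analyzer repository. The two-section sample image, its section names and the `example.test` string are constructed, and the write+execute and entropy checks are common triage heuristics assumed here, not features the README claims.

```python
import math, re, struct
from collections import Counter

def entropy(buf: bytes) -> float:
    """Shannon entropy in bits per byte; packed or encrypted data approaches 8."""
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values()) if n else 0.0

def extract_strings(data: bytes, min_len: int = 4) -> list:
    """Printable ASCII and UTF-16LE runs of at least min_len characters."""
    narrow = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    wide = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data)
    return [s.decode("ascii") for s in narrow] + [s.decode("utf-16-le") for s in wide]

def parse_sections(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("missing MZ signature")
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
        if data[pe_off:pe_off + 4] != b"PE\x00\x00":
            raise ValueError("missing PE signature")
        _, count, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
        table, out = pe_off + 24 + opt_size, []
        for i in range(count):
            name, _, _, rsize, rptr, _, _, _, _, flags = struct.unpack_from(
                "<8sIIIIIIHHI", data, table + 40 * i)
            body = data[rptr:rptr + rsize]
            out.append({
                "name": name.rstrip(b"\x00").decode("ascii", "replace"),
                "entropy": round(entropy(body), 2),
                "write_exec": (flags & 0xA0000000) == 0xA0000000,  # MEM_EXECUTE|MEM_WRITE
                "strings": extract_strings(body),
            })
        return out
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc

def build_sample_pe() -> bytes:
    """Constructed two-section image for this demo; not a real or runnable binary."""
    text = b"LoadLibraryA\x00\x00" + "example.test".encode("utf-16-le") + b"\x00\x00"
    blob = bytes(range(256))  # every byte value once: entropy exactly 8.0
    hdr = b"MZ" + b"\x00" * 58 + struct.pack("<I", 64) + b"PE\x00\x00"
    hdr += struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    base = len(hdr) + 2 * 40  # raw data starts after the two section headers
    for name, raw, va, ptr, flags in ((b".text", text, 0x1000, base, 0x60000020),
                                      (b".packed", blob, 0x2000, base + len(text), 0xE0000020)):
        hdr += struct.pack("<8sIIIIIIHHI", name, len(raw), va, len(raw), ptr, 0, 0, 0, 0, flags)
    return hdr + text + blob
```

Calling `parse_sections(build_sample_pe())` returns one dictionary per section; the constructed `.packed` section is the one reported with `write_exec` set and an entropy of 8.0.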

Microsoft Office Files (DOCX, XLSX, PPTX)

  • First Paragraph: Extracted first paragraph of the document for quick content overview.
  • Metadata: Detailed metadata of the Office file.
  • OLE Tools Output: Results from oletools utilities such as oleid, olevba, and mraptor.
  • Threat Intelligence Report: Detailed report from VirusTotal, Hybrid Analysis, MetaDefender, and Malware Bazaar.

PDF Files

  • First PDF Paragraph: Extracted first paragraph from the PDF for a brief content overview.
  • Didier Stevens Tools Output: Results from Didier Stevens' tools, including pdf-parser and pdfid.
  • Threat Intelligence Report: Detailed report from VirusTotal, Hybrid Analysis, MetaDefender, and Malware Bazaar.

Installation

To get started with Malware Analyzer, follow these steps:

  1. Clone the Repository

    First, clone the repository to your local machine:

    git clone https://github.com/Yusuf-Amr/Malware-Analyzer.git
    cd Malware-Analyzer

  2. Install Dependencies

    pip install -r requirements.txt

  3. Add Your API Keys

    1. Open the reputation folder.
    2. Navigate to the api folder.
    3. Open the config.json file and add your API keys.

  4. Run the Tool

    python3 main.py /filepath

Demo

Check: https://www.linkedin.com/posts/yusuf-amr_malwareanalysis-cybersecurity-threatintelligence-activity-7227797408234012673-VjSv?utm_source=share&utm_medium=member_desktop
