Saturday, March 2, 2013

Open Source Malware Analysis By Malwr.com

Malware is a major security threat today. Some malware is so sophisticated that no technology or software currently available can detect it. Such malware becomes detectable only after a considerable period of time, which may at times be years.

There are some very good free and open source malware detection and removal tools available today, and more are added on a regular basis. These include Malwarebytes, ClamAV, etc. More can be found at the Sourceforge page.

Malwr is another free malware analysis service. It allows you to analyse suspicious files and extract information on their process and network behavior while they are being executed. It's built on top of an open source malware analysis system called Cuckoo Sandbox.

To use Malwr.com, you just need to choose the file to analyse, solve the captcha and submit it. You can choose an analysis package from the ones available; if none is specified, Cuckoo Sandbox will try to detect whether it's a PE32 or a PDF file and choose the appropriate package.

If the file format is not recognised, the analysis will be aborted. You can also specify your email address to receive a notification when your analysis is ready.
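The package auto-selection described above can be sketched as a pre-submission check on a sample's header bytes. This is an added example, not code from Malwr or Cuckoo Sandbox; the function names and the package names `exe` and `pdf` are assumptions made for illustration, and the sample header is constructed.

```python
import struct
from typing import Optional

class UnrecognisedFormat(Exception):
    """Raised when the sample is neither PE32 nor PDF (analysis is aborted)."""

def is_pe32(data: bytes) -> bool:
    # DOS header: "MZ" magic, with e_lfanew (offset of the PE header) at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # PE signature (4) + COFF file header (20) + optional-header magic (2).
    if e_lfanew + 26 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return False
    (opt_magic,) = struct.unpack_from("<H", data, e_lfanew + 24)
    return opt_magic == 0x10B  # 0x10B = PE32, 0x20B = PE32+ (64-bit)

def is_pdf(data: bytes) -> bool:
    # Some readers accept the header anywhere in the first 1 KiB, so check that window.
    return b"%PDF-" in data[:1024]

def choose_package(data: bytes, requested: Optional[str] = None) -> str:
    """Return the analysis package; "exe" and "pdf" are assumed names."""
    if requested:            # an explicitly chosen package always wins
        return requested
    if is_pe32(data):
        return "exe"
    if is_pdf(data):
        return "pdf"
    raise UnrecognisedFormat("file format not recognised, analysis aborted")

def build_sample_pe32(opt_magic: int = 0x10B) -> bytes:
    # Constructed minimal header for the demo, not a working executable.
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x0102)
    return dos + b"PE\0\0" + coff + struct.pack("<H", opt_magic)

if __name__ == "__main__":
    for name, blob in [("pe32", build_sample_pe32()),
                       ("pdf", b"%PDF-1.4\n% constructed sample\n"),
                       ("zip", b"PK\x03\x04" + b"\0" * 64)]:
        try:
            print(name, "->", choose_package(blob))
        except UnrecognisedFormat as exc:
            print(name, "->", exc)
```

Checking the optional-header magic, rather than only the `MZ` bytes, is what separates PE32 from 64-bit PE32+ images, which this sketch treats as unrecognised.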

Malwr.com is powered by the Shadowserver Foundation. It is a product worth trying and commenting on.