Malware Static Analysis with UPX Packer
UPX is a famous tool that is used to pack and unpack a PE file and used by both benign and malicious software for their own gain.
Category: Static Analysis Tools
HashMyFiles
Malware Static Analysis with HashMyFiles
HashMyFiles by Nirsoft is a small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in your system. You can easily copy the MD5/SHA1 hashes list into the clipboard, or save them into text/html/xml file.
HashMyFiles can also be launched from the context menu of Windows Explorer, and display the MD5/SHA1 hashes of the selected file or folder.
Static Analysis Tool Lists
Strings for Windows
Malware Static Analysis with Windows Sysinternals
Strings is a malware static analysis tool for extracting ascii and unicode strings from a file. This can reveal valuable information such as URL, IP Aaddress and functions used.
In this topic we will discuss command prompt base strings analysis in Windows Architecture.
Static Analysis Tool Lists
Strings for Linux
Malware Static Analysis with Linux Strings Tool
Strings is a malware static analysis tool for extracting ascii and unicode strings from a file. This can reveal valuable information such as URL, IP Aaddress and functions used.
In this topic we will discuss cli base strings analysis in Linux Architecture.
Static Analysis Tool Lists
TRiD
Malware Static Analysis with Trid
Trid a static analysis tool in windows and is a file like tool from linux, this detects the file type of a PE file that helps the analyst to prepare the environment for further analysis and runs by executing it inside the cmd prompt.
Note: Trid will look for a file called “triddefs.trd” in order to execute, make sure you place it in the same directory together.
Static Analysis Tool Lists
PEView
Malware Static Analysis with PEView
PeView is a static analysis tool that can be used to extract information about the PE header of an executable, specially the modules and the entry point.