Saturday, November 19, 2011

Hook Analyser 1.4 - Development

I had requests from a few people asking how this tool could be used for malware analysis. Since I'm currently working on the next release, I decided to analyse a malware sample using Hook Analyser 1.4 (in development).

Please note: this release is not stable at the moment, and I advise continuing to use version 1.3 if you need to.

Some of the interesting information I was able to extract -

File system indicators
Network indicators
Malware compile platform
Malware attribution (Pretty interesting)

Hook Analyser log files (generated during malware analysis) -

Analysis video -
