Firstly, I want to thank the loyal users of the Hook Analyser project.
It's been a while since I released a new version. There are a few reasons for the delay, predominantly the time spent adding new capabilities to the tool.
For the last few months I have been focused on Machine Learning (ML) capability: finding ways to use it in the malware analysis and threat intelligence space. Specifically, defining the features and choosing the classifiers for malware classification, training the resulting models on labelled "training data", and then using them to predict the class of new, unseen samples.
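To make those three steps concrete (define features, train a classifier on labelled data, predict on new samples), here is a small end-to-end example added for illustration. It is not Hook Analyser's own code: the features (byte entropy, printable-byte ratio, a count of a few hand-picked API strings) and the training corpus (constructed blobs, not real samples) are caricatures chosen only to show the mechanics, and the Gaussian naive Bayes classifier is written out rather than imported so the maths stays visible.

```python
"""Minimal feature-extract / train / predict pipeline for file classification.

Added illustration, not Hook Analyser's code. Features and corpus are
constructed caricatures: packed, high-entropy blobs carrying a few API names
versus low-entropy ASCII text.
"""
import math
import random
from collections import Counter

# Assumed feature: plaintext strings an analyst would flag; not a list from the tool.
SUSPICIOUS_TOKENS = (b"VirtualAlloc", b"WriteProcessMemory",
                     b"CreateRemoteThread", b"cmd.exe", b"http://")


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; packed or encrypted content sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def printable_ratio(data: bytes) -> float:
    """Fraction of bytes in the printable ASCII range."""
    return sum(32 <= b < 127 for b in data) / len(data) if data else 0.0


def suspicious_token_count(data: bytes) -> int:
    return sum(data.count(tok) for tok in SUSPICIOUS_TOKENS)


def extract_features(data: bytes) -> list:
    """Fixed-order feature vector; the classifier never sees raw bytes."""
    return [shannon_entropy(data), printable_ratio(data),
            float(suspicious_token_count(data))]


class GaussianNB:
    """Gaussian naive Bayes: per-class mean/variance per feature, argmax posterior."""

    def __init__(self, var_smoothing: float = 1e-2):
        self.var_smoothing = var_smoothing  # keeps zero-variance features finite
        self.params = {}  # label -> (log prior, means, variances)

    def fit(self, X, y):
        rows_by_label = {}
        for x, label in zip(X, y):
            rows_by_label.setdefault(label, []).append(x)
        for label, rows in rows_by_label.items():
            n, d = len(rows), len(rows[0])
            means = [sum(r[j] for r in rows) / n for j in range(d)]
            variances = [sum((r[j] - means[j]) ** 2 for r in rows) / n
                         + self.var_smoothing for j in range(d)]
            self.params[label] = (math.log(n / len(y)), means, variances)
        return self

    def log_posteriors(self, x) -> dict:
        scores = {}
        for label, (log_prior, means, variances) in self.params.items():
            s = log_prior
            for xj, m, v in zip(x, means, variances):
                s += -0.5 * math.log(2 * math.pi * v) - (xj - m) ** 2 / (2 * v)
            scores[label] = s
        return scores

    def predict(self, x) -> str:
        scores = self.log_posteriors(x)
        return max(scores, key=scores.get)


# --- constructed corpus (deterministic, not real samples) -------------------
_WORDS = [b"config", b"version", b"license", b"helper", b"data", b"report"]


def text_blob(seed: int, n_words: int = 600) -> bytes:
    """Stand-in for a benign, mostly-text file."""
    rng = random.Random(seed)
    return b" ".join(rng.choice(_WORDS) for _ in range(n_words))


def packed_blob(seed: int, size: int = 3000) -> bytes:
    """Stand-in for a packed payload with a small plaintext unpacking stub."""
    rng = random.Random(seed)
    body = bytes(rng.getrandbits(8) for _ in range(size))
    stub = b"".join(rng.choice(SUSPICIOUS_TOKENS) for _ in range(rng.randint(1, 3)))
    return body + stub


def train_model(n_per_class: int = 5) -> GaussianNB:
    samples = [(text_blob(i), "clean") for i in range(n_per_class)]
    samples += [(packed_blob(100 + i), "malware") for i in range(n_per_class)]
    X = [extract_features(data) for data, _ in samples]
    y = [label for _, label in samples]
    return GaussianNB().fit(X, y)


def classify(model: GaussianNB, data: bytes) -> str:
    return model.predict(extract_features(data))


def demo() -> dict:
    """Train on the constructed corpus, then label two held-out blobs."""
    model = train_model()
    return {"held_out_text": classify(model, text_blob(999)),
            "held_out_packed": classify(model, packed_blob(999))}


if __name__ == "__main__":
    print(demo())
```

Run it as a script to train and label the two held-out blobs. The point to take from it is the separation of concerns: the model only ever sees the feature vector, so the verdict is no better than the features. A plaintext dropper script containing the same API names would have low entropy and a high printable ratio and could well be mislabelled by these particular features; real deployments use richer features (PE header fields, imports, section characteristics, behavioural traces) and measure false positives on a held-out validation set before trusting the predictions.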
As a result, I'm glad to say that this release includes that capability and will help you classify a file as malware or clean quickly!
Here is an example -
You can download the new release from here - https://goo.gl/U1PDSh
Interested to see how the community is utilising Hook Analyser? Following are some noteworthy mentions -
- toolsmith: There Is No Privacy - Hook Analyser vs. Hacking Team
- https://isc.sans.edu/diary/Keeping+the+RATs+out%3A+the+trap+is+sprung+-+Part+3/18415
- https://www.youtube.com/watch?v=35teUHnZNGU (@59:00)
- https://digital-forensics.sans.org/summit-archives/DFIR_Summit/7-Sins-of-Malware-Analysis-Dominique-Kilman.pdf
- http://binaryhax0r.blogspot.com.au/2013/01/cve-2012-4792-hook-analyser.html
- http://www.darknet.org.uk/2014/05/hook-analyser-3-1-malware-analysis-tool/
- https://www.owasp.org/images/5/5b/RevEngMal.pptx