If you aren't aware, there is a book dedicated to malware researchers/enthusiasts out there, namely "Malware Cookbook" . I haven't get the book in my hand, but the codes used in the book are already in google code, here
I tried several Python scripts written by the author, purposely in order to help my research in malware detection. One tool, pe_scanner.py considered outstanding, since it has support for malware entropy analysis, yara for malware classification and PEID support for PE identification.
I also managed to file bugreports and "patch".. since analyzing 30,000 malware sample is tedious, time consuming and possibly leads to migrain.
(not exactly bug report, but the problem faced when a given PE having corrupt header, and I have to segregate into different folder, unable to proceed with this kind of binary)
(F-prot AV having different line of reporting... so )
I am yet to commit my customized codes, possibly I'll put in github later on.
No comments:
Post a Comment