Malware infects a host by exploiting known and unknown vulnerabilities. Among the current detection methods, one uses malware signatures; it is considered fast and works with acceptable computing overhead. Signature generation begins with analysis done by malware analysts. Since most antivirus products are commercial, the method they use for large-scale malware signature detection is rarely disclosed to the public.
One method of detecting malware is dynamic analysis, where the behaviour of the malware is monitored while it runs. The other is static analysis, which involves disassembling the binary and inspecting it without executing it. Here I will share how we can use Python, a powerful interpreted language, to do a malicious call analysis: looking at which API calls a binary references and what those calls are typically used for.
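As an added example (not the original post's script), the following Python does the simplest form of static malicious-call analysis: it extracts printable strings from a binary the way `strings` does, then matches whole identifiers against a table of Windows API calls grouped by what malware commonly uses them for. The API table, the verdict thresholds, and the sample bytes are constructed here for illustration and are assumptions, not a reference list.

```python
"""Static 'malicious call' triage: pull printable strings out of a binary and
match them against categories of Windows API calls that malware commonly uses.
Added example, not the original post's script; the categories, thresholds and
the sample bytes are constructed here for illustration."""
import re
from collections import defaultdict

# Assumption: a small hand-picked table. A real triage list would be longer
# and would weight the APIs; a hit in one category alone proves nothing.
SUSPICIOUS_APIS = {
    "process injection": {
        "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread",
        "NtUnmapViewOfSection", "QueueUserAPC",
    },
    "anti-analysis": {
        "IsDebuggerPresent", "CheckRemoteDebuggerPresent",
        "NtQueryInformationProcess", "OutputDebugStringA",
    },
    "keylogging": {"SetWindowsHookExA", "GetAsyncKeyState", "GetKeyState"},
    "networking": {
        "InternetOpenA", "InternetOpenUrlA", "URLDownloadToFileA",
        "WSAStartup", "HttpSendRequestA",
    },
    "persistence": {"RegSetValueExA", "RegCreateKeyExA", "CreateServiceA"},
    "dynamic api resolution": {"LoadLibraryA", "GetProcAddress"},
}

# Printable ASCII runs of at least 4 bytes, the same thing `strings` extracts.
_PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")
_IDENTIFIER = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def extract_strings(data: bytes):
    """Yield printable ASCII strings found in raw bytes."""
    for match in _PRINTABLE_RUN.finditer(data):
        yield match.group().decode("ascii")


def find_api_calls(data: bytes):
    """Map each category to the sorted list of API names present in the blob.

    Matching is on whole identifiers, so a name embedded in a longer word
    (e.g. 'connect' inside 'Disconnect') does not count; import tables and
    string literals both store API names as separate NUL-terminated tokens.
    """
    hits = defaultdict(set)
    for text in extract_strings(data):
        for token in _IDENTIFIER.findall(text):
            for category, names in SUSPICIOUS_APIS.items():
                if token in names:
                    hits[category].add(token)
    return {category: sorted(names) for category, names in hits.items()}


def risk_summary(data: bytes):
    """Return (report, verdict). Process-injection calls together with any
    second category are treated as the strongest signal; the thresholds are
    an assumption chosen for this example."""
    report = find_api_calls(data)
    categories = len(report)
    if "process injection" in report and categories >= 2:
        verdict = "likely malicious"
    elif categories >= 2:
        verdict = "suspicious"
    else:
        verdict = "no strong indicators"
    return report, verdict


# Constructed sample: a fake PE-like blob carrying a few import-style names.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff\x00\x00"
    b"KERNEL32.dll\x00VirtualAllocEx\x00WriteProcessMemory\x00"
    b"CreateRemoteThread\x00IsDebuggerPresent\x00CloseHandle\x00"
    b"\x7f\x01\x00\x13WININET.dll\x00InternetOpenUrlA\x00Disconnect\x00"
    b"GetProcAddress\x00LoadLibraryA\x00ExitProcess\x00"
)

if __name__ == "__main__":
    report, verdict = risk_summary(SAMPLE)
    for category, names in report.items():
        print(f"{category}: {', '.join(names)}")
    print("verdict:", verdict)
```

To run it against a real file, pass `open(path, "rb").read()` to `risk_summary`. The caveat a practitioner should keep in mind: a packed or obfuscated sample resolves its imports at runtime (which is why `LoadLibraryA`/`GetProcAddress` appearing almost alone is itself a hint), so the names never show up as plain strings, and that is exactly the gap dynamic analysis fills.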