“Malware Analyzer is an open source tool for analyzing malwares. It can perform the following functions:
String based analysis for registry, API calls, IRC Commands, DLL’s called and VMAware.
Display detailed headers of PE with all its section Details, import and export symbols etc.
On distros, can perform an ASCII dump of the PE along with other options (check –help argument).
For windows , it can generate various section of a PE : DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections
ASCII dump on windows machine.
Code Analysis (disassembling)
Online malware checking (www.VirusTotal.com )
Check for Packer from the Database.
Tracer functionality: Can be used to identify
Anti-debugging Calls tricks, File system manipulations Calls Rootkit Hooks, Keyboard Hooks, DEP Setting Change, Network Identification traces.
Signature Creation: Allows to Create signature of malware.”
