Tools for Malware Analysis

As there is an ongoing campaign sending malware by e-mail disguised as invoices or price enquiries, I'd like to get some idea of what that malware is supposed to do.

I will update this article with what I learn about the process of analysing and reverse engineering malware.

The first step is to list the tools and safe malware-handling practices.

Regarding malware handling, I recall that samples should be handled in a virtual environment, but I'd like to read more about it before I attempt anything along those lines.

Step 1 – the tools

Virtual machine:

Oracle VM VirtualBox

OS:

REMnux

This is an OS distribution for analysing both Windows and Linux malware. The distro is based on Ubuntu.

https://remnux.org/

Online courses: https://www.sans.org/ ($7,000.00)

Tools for Linux malware only:

Automating Linux Malware Analysis Using Limon Sandbox (Black Hat EU 2015 whitepaper):

https://www.blackhat.com/docs/eu-15/materials/eu-15-KA-Automating-Linux-Malware-Analysis-Using-Limon-Sandbox-wp.pdf