Tuesday, 27 September 2016
2 comments

A Simple Static Malware Analyzer SSMA Tool Written in Python 3

A Simple Static Malware Analyzer SSMA Tool

SSMA is a simple malware analyzer written in Python 3. 


Features: 


  1. Analyze PE file’s header and sections (number of sections, entropy of sections/PE file, suspicious section names, suspicious flags in the characteristics of the PE file, etc.) 
  2. Searches for possible domains, e-mail addresses, IP addresses in the strings of the file. 
  3. Checks if domain is blacklisted based on abuse.ch’s Ransomware Domain Blocklist and malwaredomains.com’s blocklist. 
  4. Looks for Windows functions commonly used by malware. 
  5. Get results from VirusTotal and/or upload files. 
  6. Malware detection based on Yara-rules 
  7. Detect well-known software packers. 
  8. Detect the existence of cryptographic algorithms. 
  9. Detect anti-debug and anti-virtualization techniques used by malware to evade automated analysis. 
  10. Find if documents have been crafted to leverage malicious code. 


Usage: 

git clone https://github.com/secrary/SSMA
cd SSMA
sudo pip3 install -r requirements.txt
python3 ssma.py -h
python3 ssma.py -k api-key file.exe

You can just statically scan the file or upload to VirustTotal using your API-KEY.

python3 ssma.py file.exe
python3 ssma.py -k api-key file.exe

Download

2 comments:

  1. I agree that if you plan to stay with a cheater don't try to find any information. However, in my case I needed it in my state in order to file for a divorce and come out of the relationship. You can't just say I think courts want proof or you end up spending a lot of time and money to fight it out! Finding out was hard, but I was relieved that I wasn't crazy and it's making my divorce go a lot smoother. He would never confess; therefore, I did the best thing for me...find out, no doubt, move on!!!contact [email protected]'s a professional and will surely help you out,tell him from Jes

    ReplyDelete

 
Toggle Footer
Top