Dropbox Malware

Handy Tools And Websites For Malware Analysis

585

Malware Analysis:

  1. VirusTotal: One of the most famous Multi-Antivirus scanning Website, VirusTotal aggregates many antivirus products and online scan engines to check for viruses that the user’s own antivirus may have missed, or to verify against any false positives. Files up to 256 MB can be uploaded to the website or sent via email.Anti-virus software vendors can receive copies of files that were flagged by other scans but passed by their own engine, to help improve their software and, by extension, VirusTotal’s own capability.
  1. Joe Sandbox: Joe Sandbox Complete executes files and URLs fully automated in a controlled environment and monitors the behavior of applications and the operating system for suspicious activities. All activities are compiled into comprehensive and extensive analysis reports. Analysis reports, which contain key information about potential threats, enable cyber-security professionals to deploy, implement and develop appropriate defense and protections.Joe Sandbox Complete enables you to install and use Joe Sandbox Desktop, Joe Sandbox Mobile and Joe Sandbox X for in-depth malware analysis on Windows, Android and macOS.
  1. Forcepoint CSI: This online security research tool allows you to perform security assessments of websites or IP addresses and contact Forcepoint Security Labs for additional consulting. Using Forcepoint Advanced Classification Engine (ACE) analytics, all activity is monitored and documented in a detailed report. Service highlights include:
  • Classification Details
  • Vulnerability Scanner
  • Reputation Analysis
  • Malicious Code Highlighter

4. Brightcloud: Integrated by leading security vendors worldwide, Webroot BrightCloud® Threat Intelligence Services  give proactive protection against modern threats. URL/IP  can be queried online with this service.

5: Honeydrive: HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more.

6: MxToolbox: Any diagnostics related with Public email services, one stop is Mxtoolbox. MxToolbox supports global Internet operations by providing free, fast and accurate network diagnostic and lookup tools. Millions of technology professionals use this tools to help diagnose and resolve a wide range of infrastructure issues.

Malware Samples, Reverse Engineering :

http://contagiodump.blogspot.com/

http://dasmalwerk.eu/

http://www.virusign.com/

https://malshare.com/

http://www.kernelmode.info/forum/

Kapil Jha
Kapil Jha has been an IT security consultant since 2007. He started as a Information Security Consultant, while working with organization like McAfee, AOL, HCL, Arrow ECS , beIN Media , he developed his knowledge around enterprise business, security governance , security products and also processes like ISO 27001 and PCI. Kapil has helped a lot of enterprise organizations to have a safe and secure environment by testing, auditing and providing recommendations.

Kapil Jha Web Site