For this blog post, I'm not providing any opinions or reviews. I'm just listing the service, URL, and a basic description as quoted by the provider.
These are the malware analysis services and software that I am currently aware of from the Buster Sandbox link, or via other sources. If you know of any other good malware analysis services, please feel free to drop me an email and I will add it to the list.
Note: Joe Sandbox has an online service with three account types. It is described more fully here: http://www.joesecurity.org/service.php
- Windows executable (exe, dll)
- Adobe PDF (Beta Testing)
- Zip file (with password “panda”)
- RAR compressed file (without password)
- 7zip Compressed file (without password)
- Autovin File Extractor compressed file
- BitBlaze Malware Analysis Service - Currently Offline
The generated report includes detailed data about modifications made to the Windows registry or the file system or other processes and of course it logs all generated network traffic. The analysis is based on running the binary in an emulated environment and watching."
or submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL."
Standalone Malware Sandboxing Software
Such results include:
* Relevant Windows API calls tracing of all recursively spawned processes.
* Network traffic dump generated during malware execution.
* Files being downloaded and deleted during execution.
* Screenshots taken during the whole malware analysis process."
Mass Malware Analysis: A Do-It-Yourself Kit."
The changes made to system can be of several types: file system changes, registry changes and port changes."
https://vicheck.ca/
PDF files - samples/sample-pdf.file
Packet Captures - samples/sample-http-exploit.pcap
This project contains the source code which runs at the website http://jsunpack.jeek.org/.