‘Malwoverview’ is a first response tool for fast initial triage of a directory containing malware samples, of specific malware samples, and of suspect URLs and domains. It can also download samples and send them to the main online sandboxes.
- Group different malware samples (PE/PE+) according to the import table (imphash) and mark them with different colors.
- Display and evaluate hash information on VirusTotal, Hybrid Analysis, Malshare, Polyswarm and URLhaus engines.
- Extract overlay from malware samples.
- Test suspicious files on VirusTotal, Hybrid Analysis and Polyswarm.
- Make reports about a suspect domain.