This Python tool ‘Malwoverview’ performs an initial and quick triage of malware samples, URLs and hashes

‘Malwoverview’ is a first-response tool for fast, initial triage of a directory containing malware samples, of specific malware samples, and of suspect URLs and domains. Additionally, it allows downloading samples and sending samples to the main online sandboxes.

Main Tasks:

  1. Group different malware samples (PE/PE+) according to the import table (imphash) and mark them with different colors.
  2. Display and evaluate hash information on VirusTotal, Hybrid Analysis, Malshare, Polyswarm and URLhaus engines.
  3. Extract overlay from malware samples.
  4. Test suspicious files on VirusTotal, Hybrid Analysis and Polyswarm.
  5. Make reports about a suspect domain.

Github: https://github.com/alexandreborges/malwoverview

Requirements
