Malware Analyser 3.1

Apr 30, 2011, 2:05:50 AM
to malwareanalyser
Hi Guys, hope you had a great easter break. I'm working on the next
release i.e. 3.1. My primary focus is on the DLL's analysis and
Process analysis.

I hope to release the version by late end of May.



May 29, 2011, 2:34:02 AM
to malwareanalyser
MalwareAnalyser is a great tool!
I would suggest adding the possibility to scan all files in a folder/
subfolders for mass-processing.


Jun 12, 2011, 4:25:16 AM
to malwareanalyser

Malware Analyser 3.1 is out.

Here are the release notes:

Version : 3.1

Release Notes : 30/04/2011

--Added DLL analysis

Release Notes: 12/06/2011

--Added Batch Mode Scan: Scan all DLL and Exe in directories and sub-

Thanks to VSA for giving idea.


Jun 12, 2011, 2:09:36 PM
to malwareanalyser
It's great! Thanks!

Btw, is there currently a way to disable certain features? E.g. if I
want to do a batch scan, but I do not want to disassemble the first
block or not scan online, can I deactivate those (or maybe can I
enable just the ones I need)?

I saw some few mistypos in the program, like e.g. Usagae,
Disaassembling, etc. ;)

Could you please explain a bit the Signature based scans? Like e.g. in
the following cases, do I need to create signatures (or am I missing a
signature db?) for those functions or does it mean that it did not
find anything?

-----------Performing signatures based scan---------------

[+]Displaying Interesting System Calls Made.

[-]Signatures not found.....

[+]Displaying Registry Hives Edited.

[-]Signatures not found.....

[+]Displaying A Little Online Behaviour.

[-]Signatures not found.....

[+]Displaying the Loaded DLLs.

[-]Signatures not found.....

[+]Commands Inside the Malware.

[-]Signatures not found.....

[+]Sys Calls Made.

[-]Signatures not found.....

[+]Searching if malware is VM aware
[-]Signatures not found.....

Thanks for your help and great tool! :)

Beenu Arora

Jun 12, 2011, 9:37:43 PM
to malwareanalyser
Hey VSA,

For now it's scanning for everything but I would introduce the optional scan feature in the next build.

Regarding the typos, I'll get rid of them in next release.

Also the signatures based scan is part of core functionality and one may not add themselves. If you've a signature then please send across and I would add you on contributors list.

Thanks for reviewing it and appreciate your efforts.

