SSMA — Simple Static Malware Analyzer
Simple but powerful malware analysis tool
SSMA is a simple malware analyzer written in Python 3 by Lasha Khasaia.
Features:
- Searches for websites, e-mail addresses, IP addresses in the strings of the file.
- Looks for Windows functions commonly used by malware.
- Get results from VirusTotal and/or upload files.
- Malware detection based on Yara-rules.
- Detect well-known software packers.
- Detect the existence of cryptographic algorithms.
- Detect anti-debug and anti-virtualization techniques used by malware to evade automated analysis.
- Find if documents have been crafted to leverage malicious code.
Installation
Pretty simple, with git and pip:
git clone https://github.com/secrary/SSMA cd SSMA sudo pip3 install -r requirements.txt python3 ssma.py -h
References