Malware Analysis Tools
Below is a list of free Malware analysis tools that can be used to analyze malware. Please let us know if you have more.
Dependency Walter is a free application that can be used to scan 32 and 64 bit Windows modules (.exe, .dll, .ocx, etc.) and is used to list all the imported and exported functions of a module. Dependency Walker can also displays the dependencies of the file which will result in a minimum set of required files. Dependency Walker also displays detailed information about those files including the file path, version number, machine type, debug information etc.
Dependency Walker can be downloaded here.
Resource Hacker, also sometimes called ResHackers, is a free program that is used to extract resources from Windows binaries. Resource Hacker can extract, add and modify most resources like strings, images, menus, dialogs, VersionInfo, Manifest resources etc. The latest version of Resource Hacker, which is version 4.2.4, was released in July 2015.
Resource Hacker can be downloaded using the following link: Resource Hacker
FileAlyzer is also a free tool to read information stored in PE file headers and sections but offers slightly more features and functionality than PEview. Nice features are the VirusTotal tab which can be used to submit malware to VirusTotal for analysis and the functionality to unpack UPX and PECompact packed files.
FileAlyzer can be downloaded using the following link: FileAlyzer.
PEview is a free and easy to use application to browse through the information stored in Portable Executable (PE) file headers and the different sections of the file. In the following tutorials we will be learning how to read those headers when we’re examining real malware.
PEview can be downloaded using the following link: PEview.