Automating Malware Analysis

Tools used: BlueJupyter

To start the docker container:

	sudo docker run -it -p 8888:8888 -v /home/remnux/blue-jupyter/malware-analysis/dropbox/:/src/malware-analysis/dropbox bluejupyter

To start BlueJupyter:

	jupyter notebook

Now, if you want to add malware to the dropbox, copy it from the PMAT-labs repository into the /home/remnux/blue-jupyter/malware-analysis/dropbox/ directory. That directory is bind-mounted into the container (the -v flag above), so the sample appears inside the container as well.

VirusTotal API key: 1c3515cbc69ca640a1665a68901637fea29486882c3525322b1c8b4b15d4b35b

To access BlueJupyter, open one of the following in a web browser:

	file:///root/.local/share/jupyter/runtime/nbserver-1-open.html

or

	http://127.0.0.1:8888/?token=012620ea2760b5df1901e08ad4c16a447dd29714a4f6b7de

Extract .7z files in a Linux terminal:

	7z x test.7z -ppassword

Procedure

Put the malware samples in the dropbox folder and run the Hashes section of Malware-Analysis.ipynb. After the full script has run, the output is in the saved-specimens folder.
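As an added example (not part of these notes and not BlueJupyter's own code), this is the kind of work the Hashes step performs: hash every specimen in the dropbox once, in chunks, and write one JSON record per sample into saved-specimens, named by SHA-256 so duplicate uploads collapse onto a single record. The dropbox/saved-specimens layout and the demo() helper with its constructed sample files are assumptions.

```python
import hashlib
import json
import tempfile
from pathlib import Path

CHUNK = 1 << 20  # hash in 1 MiB chunks so large samples never sit fully in memory


def hash_file(path: Path) -> dict:
    """Return MD5, SHA-1 and SHA-256 of a file plus its size, reading it once."""
    md5, sha1, sha256 = hashlib.md5(), hashlib.sha1(), hashlib.sha256()
    size = 0
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            size += len(chunk)
            for h in (md5, sha1, sha256):
                h.update(chunk)
    return {"name": path.name, "size": size, "md5": md5.hexdigest(),
            "sha1": sha1.hexdigest(), "sha256": sha256.hexdigest()}


def hash_specimens(dropbox: Path, out_dir: Path) -> list:
    """Hash every regular file in the dropbox and write <sha256>.json per specimen
    into out_dir. Records are returned in filename order."""
    out_dir.mkdir(parents=True, exist_ok=True)
    records = []
    for sample in sorted(p for p in dropbox.iterdir() if p.is_file()):
        rec = hash_file(sample)
        (out_dir / f"{rec['sha256']}.json").write_text(json.dumps(rec, indent=2))
        records.append(rec)
    return records


def demo() -> list:
    """Build a throwaway dropbox with two constructed (harmless) files and hash them.
    Hypothetical layout: <tmp>/dropbox -> <tmp>/saved-specimens."""
    root = Path(tempfile.mkdtemp())
    (root / "dropbox").mkdir()
    (root / "dropbox" / "sample1.bin").write_bytes(b"hello")  # constructed content
    (root / "dropbox" / "sample2.bin").write_bytes(b"")       # edge case: empty file
    return hash_specimens(root / "dropbox", root / "saved-specimens")


if __name__ == "__main__":
    for rec in demo():
        print(rec["name"], rec["size"], rec["sha256"])
```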