Malware Tools Overview

Static Analysis	Behavioral Analysis	Code Analysis	Memory Analysis
Bintext	Procmon	IDA Pro	Volatility
CFF Explorer	Process Hacker	Immunity Debugger	Bulk Extractor
PE Studio	Process Explorer	Olly Debugger	Redline
PE-Bear	Wireshark	WinDbg	Rekall
Strings	Fakenet	JD - Gui
Hash my files	Capture Bat	Cutter
Resource Hacker	Regshot	Radare2
EXEInfoPE	FakeDNS	JustDecompile
HxD/XVI	API Monitor	x64dbg/x32dbg
FileAnlyzer	SSDEEP	GNU Debugger
PEID	Networkminer	Ghidra
apktool		IL Spy
FLOSS
DIE - Detect it easy

Additional Tools

This additional tools are not directly used to analyze a malware sample, but support the process of it by simplifying e.g. the decryption of encypted or encoded parts or commands

• CyberChef
• JavaScript beautifier

Sandboxes

Name	pros	Cloud	on Premise	Analysis Hosts
JoeSanbox	Free accounts with limited number of analysis available	✓	✓
Hybrid Analysis	Free accounts with limited number of analysis available	✓
Cuckoo Sandbox	"The Standard" for an open source sandbox		✓
Triage	Free accounts with limited number of analysis available	✓	✓
Any Run	Free accounts with limited number of analysis available	✓

VMs

• FireEye FlareVM
• FireEye ThreatPursiut-VM
• Remnux

Target

Windows

OSX

Linux

iOS

Android