View Issue Details

ID: 0006071
Project: Kali Linux
Category: Queued Tool Addition
View Status: public
Last Update: 2022-05-04 13:12
Reporter: crash
Assigned To:
Priority: normal
Severity: minor
Reproducibility: N/A
Status: acknowledged
Resolution: open
Summary: 0006071: Malwoverview - initial and quick triage of malware samples, URLs and hashes.
Description

Malwoverview.py is a simple tool to perform an initial and quick triage of malware samples, URLs and hashes. Additionally, Malwoverview is able to show some threat intelligence information.

This tool aims to:

Determine similar executable malware samples (PE/PE+) according to the import table (imphash) and group them by different colors (pay attention to the second column from output). Thus, colors matter!
Show hash information on Virus Total, Hybrid Analysis, Malshare, Polyswarm and URLhaus engines.
Determine whether the malware samples contain an overlay and, if you want, extract it.
Check suspect files on Virus Total, Hybrid Analysis and Polyswarm.
Check URLs on Virus Total, Malshare, Polyswarm and URLhaus engines.
Download malware samples from Hybrid Analysis, Malshare and URLhaus engines.
Submit malware samples to VirusTotal, Hybrid Analysis and Polyswarm.
List last suspected URLs from Malshare and URLHaus.
List last payloads from URLHaus.
Search for specific payloads on the Malshare.
Search for similar payloads (PE32/PE32+) on Polyswarm engine.
Classify all files in a directory searching information on Virus Total and Hybrid Analysis.
Make reports about a suspect domain.

Additional Information

https://github.com/alexandreborges/malwoverview

Kali installation worked perfectly.
No external resources required.

Activities

g0tmi1k

2020-02-10 13:16

administrator   ~0012050

@kali-team, please could this be packaged up.
@author, if you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

Issue History

Date Modified Username Field Change
2020-02-04 14:47 crash New Issue
2020-02-10 13:16 g0tmi1k Note Added: 0012050
2020-02-10 13:16 g0tmi1k Severity minor => feature
2020-02-10 13:16 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-02-10 13:16 g0tmi1k Product Version 2020.1 =>
2020-02-13 14:23 g0tmi1k Status new => acknowledged
2020-06-17 14:57 g0tmi1k Severity feature => minor
2022-05-04 13:12 g0tmi1k Summary Malwoverview.py is a simple tool to perform an initial and quick triage of malware samples, URLs and hashes. => Malwoverview - initial and quick triage of malware samples, URLs and hashes.