View Issue Details

ID: 0006071
Project: Kali Linux
Category: [All Projects] Queued Tool Addition
View Status: public
Last Update: 2020-02-13 14:23
Reporter: crash
Assigned To:
Priority: normal
Severity: feature
Reproducibility: N/A
Status: acknowledged
Resolution: open
Product Version:
Target Version:
Fixed in Version:
Summary: 0006071: Malwoverview.py is a simple tool to perform an initial and quick triage of malware samples, URLs and hashes.
Description: Malwoverview.py is a simple tool to perform an initial and quick triage of malware samples, URLs and hashes. Additionally, Malwoverview is able to show some threat intelligence information.

This tool aims to:

Determine similar executable malware samples (PE/PE+) according to the import table (imphash) and group them by different colors (pay attention to the second column of the output). Thus, colors matter!
Show hash information on the VirusTotal, Hybrid Analysis, Malshare, Polyswarm and URLhaus engines.
Determine whether the malware samples contain an overlay and, if you want, extract it.
Check suspect files on VirusTotal, Hybrid Analysis and Polyswarm.
Check URLs on the VirusTotal, Malshare, Polyswarm and URLhaus engines.
Download malware samples from the Hybrid Analysis, Malshare and URLhaus engines.
Submit malware samples to VirusTotal, Hybrid Analysis and Polyswarm.
List the last suspected URLs from Malshare and URLhaus.
List the last payloads from URLhaus.
Search for specific payloads on Malshare.
Search for similar payloads (PE32/PE32+) on the Polyswarm engine.
Classify all files in a directory, searching for information on VirusTotal and Hybrid Analysis.
Make reports about a suspect domain.
Additional Information: https://github.com/alexandreborges/malwoverview

Kali installation worked perfectly.
No external resources required.
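The two local checks named in the feature list above, grouping PE samples by import hash (imphash) and detecting an appended overlay, as an added example in Python. This is illustration code written for this page, not Malwoverview's own code. It assumes the import table has already been extracted into (dll, function, ordinal) tuples (the job a PE parser such as pefile does), renders ordinal imports as ord<n> without pefile's name lookup for a few well-known DLLs, and builds its own constructed PE32 sample (build_minimal_pe, a hypothetical helper) so that it runs offline.

```python
import hashlib
import struct
from collections import defaultdict

# --- imphash -----------------------------------------------------------------
# Mandiant's import hash as pefile computes it: each import becomes
# "<dll>.<func>" in lower case with a .dll/.ocx/.sys suffix dropped, imports by
# ordinal become "ord<n>", the strings are joined with commas in import-table
# order and MD5-hashed. Assumption: ordinals are always rendered as "ord<n>"
# (pefile resolves ordinals of a few well-known DLLs to names first).
_DLL_EXTS = ("dll", "ocx", "sys")

def imphash_string(imports):
    """imports: iterable of (dll_name, func_name_or_None, ordinal_or_None)."""
    parts = []
    for dll, name, ordinal in imports:
        lib = dll.lower()
        pieces = lib.rsplit(".", 1)
        if len(pieces) == 2 and pieces[1] in _DLL_EXTS:
            lib = pieces[0]
        func = name.lower() if name else "ord%d" % ordinal
        parts.append("%s.%s" % (lib, func))
    return ",".join(parts)

def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()

def group_by_imphash(samples):
    """samples: {sample_name: import_list}. Returns {imphash: sorted names}, so
    samples with the same import table land in one bucket (one colour above)."""
    groups = defaultdict(list)
    for sample, imports in samples.items():
        groups[imphash(imports)].append(sample)
    return {h: sorted(names) for h, names in groups.items()}

# --- overlay -----------------------------------------------------------------
def overlay_offset(data):
    """File offset where appended data (the overlay) begins, or None if the
    file ends where the last section's raw data ends. Walks only the DOS
    header, COFF header and section table, so it applies to PE32 and PE32+."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    num_sections, = struct.unpack_from("<H", data, e_lfanew + 6)
    opt_hdr_size, = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_hdr_size
    end = table + 40 * num_sections          # at least the headers themselves
    for i in range(num_sections):
        # SizeOfRawData and PointerToRawData sit at +16 in each 40-byte header
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        end = max(end, raw_ptr + raw_size)
    return end if end < len(data) else None  # truncated files report no overlay

def extract_overlay(data):
    off = overlay_offset(data)
    return data[off:] if off is not None else b""

# --- constructed test input (hypothetical helper, not a real sample) ----------
def build_minimal_pe(sections, overlay=b"", align=0x200):
    """Structurally valid (not loadable) PE32 file with the given
    [(name, raw_bytes)] sections and `overlay` appended after the last one."""
    opt_size = 224                            # PE32 optional header + 16 data dirs
    e_lfanew = 0x40
    headers = e_lfanew + 24 + opt_size + 40 * len(sections)
    first_raw = (headers + align - 1) & ~(align - 1)
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0,
                                   opt_size, 0x0102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)   # PE32 magic, rest zero
    sect_hdrs, body, raw_ptr, rva = b"", b"", first_raw, 0x1000
    for name, raw in sections:
        raw_size = (len(raw) + align - 1) & ~(align - 1)
        sect_hdrs += name.ljust(8, b"\0")[:8] + struct.pack(
            "<IIIIIIHHI", len(raw), rva, raw_size, raw_ptr, 0, 0, 0, 0, 0x60000020)
        body += raw.ljust(raw_size, b"\0")
        raw_ptr += raw_size
        rva += 0x1000
    return (dos + coff + opt + sect_hdrs).ljust(first_raw, b"\0") + body + overlay

if __name__ == "__main__":
    samples = {   # constructed import tables
        "a.exe": [("KERNEL32.dll", "CreateFileA", None), ("WS2_32.dll", None, 23)],
        "b.exe": [("kernel32.DLL", "createfilea", None), ("ws2_32.dll", None, 23)],
        "c.exe": [("user32.dll", "MessageBoxA", None)],
    }
    for h, names in group_by_imphash(samples).items():
        print(h, names)
    pe = build_minimal_pe([(b".text", b"\xC3" * 16)], overlay=b"PK\x03\x04tail")
    print("overlay at", overlay_offset(pe), extract_overlay(pe)[:4])
```

Case and extension differences in a.exe and b.exe collapse to the same hash, which is why imphash survives recompilation far better than a file hash; the overlay check relies only on the section table, so a packer that appends its payload after the last section is caught regardless of what the headers otherwise claim.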

Activities

g0tmi1k (administrator), 2020-02-10 13:16, note ~0012050

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

Issue History

Date Modified Username Field Change
2020-02-04 14:47 crash New Issue
2020-02-10 13:16 g0tmi1k Note Added: 0012050
2020-02-10 13:16 g0tmi1k Severity minor => feature
2020-02-10 13:16 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-02-10 13:16 g0tmi1k Product Version 2020.1 =>
2020-02-13 14:23 g0tmi1k Status new => acknowledged