View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0006071 | Kali Linux | [All Projects] Queued Tool Addition | public | 2020-02-04 14:47 | 2022-05-04 13:12 |
Reporter | crash | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | N/A |
Status | acknowledged | Resolution | open | ||
Product Version | |||||
Target Version | Fixed in Version | ||||
Summary | 0006071: Malwoverview - initial and quick triage of malware samples, URLs and hashes. | ||||
Description | Malwoverview.py is a simple tool to perform an initial and quick triage of malware samples, URLs and hashes. Additionally, Malwoverview is able to show some threat intelligence information. This tool aims to: Determine similar executable malware samples (PE/PE+) according to the import table (imphash) and group them by different colors (pay attention to the second column from output). Thus, colors matter! Show hash information on Virus Total, Hybrid Analysis, Malshare, Polyswarm and URLhaus engines. Determine whether the malware samples contain an overlay and, if you want, extract it. Check suspect files on Virus Total, Hybrid Analysis and Polyswarm. Check URLs on Virus Total, Malshare, Polyswarm and URLhaus engines. Download malware samples from Hybrid Analysis, Malshare and URLhaus engines. Submit malware samples to VirusTotal, Hybrid Analysis and Polyswarm. List last suspected URLs from Malshare and URLhaus. List last payloads from URLhaus. Search for specific payloads on Malshare. Search for similar payloads (PE32/PE32+) on Polyswarm engine. Classify all files in a directory searching information on Virus Total and Hybrid Analysis. Make reports about a suspect domain. | ||||
Additional Information | https://github.com/alexandreborges/malwoverview Kali installation worked perfectly. No external resources required. | ||||
|
@kali-team, please could this be packaged up? @author, if you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging |
Date Modified | Username | Field | Change |
---|---|---|---|
2020-02-04 14:47 | crash | New Issue | |
2020-02-10 13:16 | g0tmi1k | Note Added: 0012050 | |
2020-02-10 13:16 | g0tmi1k | Severity | minor => feature |
2020-02-10 13:16 | g0tmi1k | Category | New Tool Requests => Queued Tool Addition |
2020-02-10 13:16 | g0tmi1k | Product Version | 2020.1 => |
2020-02-13 14:23 | g0tmi1k | Status | new => acknowledged |
2020-06-17 14:57 | g0tmi1k | Severity | feature => minor |
2022-05-04 13:12 | g0tmi1k | Summary | Malwoverview.py is a simple tool to perform an initial and quick triage of malware samples, URLs and hashes. => Malwoverview - initial and quick triage of malware samples, URLs and hashes. |