Malware Analysis with Multiple Features
Authors: M. N. A. Zabidi, M. A. Maarof, A. Zainal
DOI: 10.1109/UKSim.2012.40 (https://doi.org/10.1109/UKSim.2012.40)
Published in: 2012 UKSim 14th International Conference on Computer Modelling and Simulation
Publication date: 2012-03-28
Record source: Semanticscholar (citation count: 13)

Abstract
Malware analysis is categorized into static analysis and dynamic analysis; each approach has its own strengths and weaknesses. In this paper, we present a tool written in the Python programming language, called pingaji, which assists the malware analyst in extracting the static features of malware. pingaji contains several modules: an Application Programming Interface (API) call extractor, binary entropy information, an anti-virtual-machine and anti-debugger detector, and an XOR-encrypted-strings decryptor. pingaji was developed to assist our own work in obtaining malware features, and it focuses on ripping malicious features from Microsoft Windows executable binaries.