Malware analysis arsenal: Top 15 tools

We live in an era where digital transformation is part of our lives. With this, malware has become a critical and huge threat to organizations and people around the globe that are faced every day with the most recent and sophisticated malicious schemas disseminated by well-organized cyber gangs. According to the Threat Report Q3 Portugal, many malware families were disseminated in Portugal during Q3 2021, as presented below.

Figure 1: Different malware families disseminated during Q3 2021 in Portugal (source).

The vehicle used by criminals to target victims is often the email or a simple SMS which can cost a company millions of dollars if the right controls are not in place.

Popular tools for reversing malware Debuggers/disassemblers IDA Pro

IDA is a multi-platform, multi-processor disassembler that interprets machine-executable code into assembly code, allowing the debugging and the reverse engineering process. IDA PRO is commercial software and the most used worldwide until Ghidra’s release in 2019 by NSA. IDA has a panoply of plugins developed by the community, and some popular pieces are VT-IDA Plugin, BinDiff and Bincat.

URL: https://hex-rays.com/ida-pro/

GHIDRA

GHIDRA is a software reverse engineering (SRE) framework created by NSA. This framework provides a suite of tools

Read More: https://resources.infosecinstitute.com/topic/malware-analysis-arsenal-top-15-tools/