SSMA is a simple malware analyzer written in Python 3.

Features:

• Searches for websites, e-mail addresses, IP addresses in the strings of the file.

• Looks for Windows functions commonly used by malware.

• Get results from VirusTotal and/or upload files.

• Malware detection based on Yara-rules - https://virustotal.github.io/yara/

• Detect well-known software packers.

• Detect the existence of cryptographic algorithms.

• Detect anti-debug and anti-virtualization techniques used by malware to evade automated analysis.

• Find if documents have been crafted to leverage malicious code.

Usage

git clone https://github.com/secrary/SSMAcd SSMAsudo pip3 install -r requirements.txtpython3 ssma.py -h

You can just statically scan the file or upload to VirustTotal using your API-KEY.

Usage

python3 ssma.py file.exepython3 ssma.py -k api-key file.exe

Scan documents (i.e. MS Office Word):

Usage

python3 ssma.py -d doc.docx

To get ssdeep hashes use requirements_with_ssdeep.txt Requirements:Python 3Download