SSMA - Simple Static Malware Analyzer
SSMA is a simple malware analyzer written in Python 3.
Searches for websites, e-mail addresses, IP addresses in the strings of the file.
Looks for Windows functions commonly used by malware.
Get results from VirusTotal and/or upload files.
Malware detection based on Yara-rules - https://virustotal.github.io/yara/
Detect well-known software packers.
Detect the existence of cryptographic algorithms.
Detect anti-debug and anti-virtualization techniques used by malware to evade automated analysis.
Find if documents have been crafted to leverage malicious code.
git clone https://github.com/secrary/SSMA
cd SSMA
sudo pip3 install -r requirements.txt
python3 ssma.py -h
You can just statically scan the file or upload it to VirusTotal using your API key.
python3 ssma.py file.exe
python3 ssma.py -k api-key file.exe
Scan documents (e.g. MS Office Word):
python3 ssma.py -d doc.docx
To get ssdeep hashes use requirements_with_ssdeep.txt
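The string search from the feature list (websites, e-mail addresses, IP addresses), sketched as an added example that is not SSMA's own code: it extracts ASCII and UTF-16LE strings from raw bytes and validates IPv4 candidates so that version numbers are not reported as addresses. The function names, regular expressions and the sample bytes are assumptions made for this illustration.

```python
import ipaddress
import re

# Runs of 4+ printable bytes, like the Unix `strings` tool reports.
ASCII_RE = re.compile(rb"[\x20-\x7e]{4,}")
# The same for UTF-16LE text, which is common in Windows PE files.
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")

URL_RE = re.compile(r"\b(?:https?|ftp)://[^\s\"'<>]+", re.I)
EMAIL_RE = re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+\b")
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def extract_strings(data):
    """Return printable strings found in a byte buffer (ASCII, then UTF-16LE)."""
    out = [m.group().decode("ascii") for m in ASCII_RE.finditer(data)]
    out += [m.group().decode("utf-16-le") for m in UTF16_RE.finditer(data)]
    return out


def valid_ipv4(text):
    """Reject dotted quads with out-of-range octets, e.g. '1.2.3.999'."""
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False


def find_indicators(data):
    """Collect URLs, e-mail addresses and IPv4 addresses from a file's strings."""
    found = {"urls": set(), "emails": set(), "ips": set()}
    for s in extract_strings(data):
        found["urls"].update(URL_RE.findall(s))
        found["emails"].update(EMAIL_RE.findall(s))
        found["ips"].update(ip for ip in IPV4_RE.findall(s) if valid_ipv4(ip))
    return {kind: sorted(values) for kind, values in found.items()}


# Constructed sample bytes (not from a real file): an ASCII URL, a UTF-16LE
# e-mail address, an IP with a port, and a version-like string that must be ignored.
SAMPLE = (
    b"MZ\x90\x00\x03\x00"
    b"http://example.test/gate.php\x00"
    b"\x01\x02" + "admin@example.test".encode("utf-16-le") + b"\x00\x00"
    b"connect 192.0.2.15:443\x00"
    b"build 1.2.3.999\x00"
)

if __name__ == "__main__":
    print(find_indicators(SAMPLE))
```

A version string whose four fields all fall in 0-255 would still be reported as an IP address, so hits of that kind need a manual look.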