By: Jimakoch
December 3, 2016

SSMA - Simple Static Malware Analyzer


SSMA is a simple malware analyzer written in Python 3.

Features:

  • Searches for websites, e-mail addresses, and IP addresses in the strings of the file.

  • Looks for Windows functions commonly used by malware.

  • Get results from VirusTotal and/or upload files.

  • Malware detection based on Yara-rules - https://virustotal.github.io/yara/

  • Detect well-known software packers.

  • Detect the existence of cryptographic algorithms.

  • Detect anti-debug and anti-virtualization techniques used by malware to evade automated analysis.

  • Find if documents have been crafted to leverage malicious code.
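
The first feature above, string-based indicator extraction, can be sketched as follows. This is an added example, not SSMA's own code; the function names, regular expressions, and sample bytes are assumptions made for illustration.

```python
from __future__ import annotations
import ipaddress
import re

# Runs of 5+ printable ASCII bytes, the same idea as the Unix `strings` tool.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{5,}")
# UTF-16LE runs (ASCII char followed by NUL), common in Windows PE files.
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){5,}")

URL_RE = re.compile(r"https?://[A-Za-z0-9.-]+(?::\d+)?(?:/[^\s\"'<>]*)?")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*\.[A-Za-z]{2,}")
# Lookarounds stop a match inside longer dotted runs such as "1.2.3.4.5".
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

def extract_strings(data: bytes) -> list[str]:
    """Return printable ASCII and UTF-16LE strings found in raw bytes."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(data)]
    return found

def valid_ipv4(candidate: str) -> bool:
    """Reject look-alikes such as 999.1.1.1."""
    try:
        ipaddress.IPv4Address(candidate)
        return True
    except ValueError:
        return False

def find_indicators(data: bytes) -> dict[str, set[str]]:
    """Group URLs, e-mail addresses and IPv4 addresses found in the strings."""
    out = {"urls": set(), "emails": set(), "ips": set()}
    for s in extract_strings(data):
        out["urls"].update(URL_RE.findall(s))
        out["emails"].update(EMAIL_RE.findall(s))
        out["ips"].update(ip for ip in IPV4_RE.findall(s) if valid_ipv4(ip))
    return out

# Constructed sample: fake binary padding around documentation-range values.
SAMPLE = (
    b"\x00\x01MZ\x90\x00http://update.example.com/gate.php\x00\xff\xfe"
    b"contact: admin@example.org\x00\x13\x37"
    + "192.0.2.10".encode("utf-16-le")
    + b"\x00\x00version 1.2.3.4.5 build 999.1.1.1\x00"
)

if __name__ == "__main__":
    print(find_indicators(SAMPLE))
```

Version strings and out-of-range octets are filtered out, which is the main source of false positives when hunting for IP addresses in binary strings.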

Usage

git clone https://github.com/secrary/SSMA
cd SSMA
sudo pip3 install -r requirements.txt
python3 ssma.py -h

You can scan the file statically only, or also upload it to VirusTotal using your API key.

Usage

python3 ssma.py file.exe
python3 ssma.py -k api-key file.exe

Scan documents (i.e. MS Office Word):

Usage

python3 ssma.py -d doc.docx

To get ssdeep hashes, use requirements_with_ssdeep.txt.

Requirements: Python 3
