Building an Automated Behavioral Malware Analysis Environment using Open Source Software

by Jim Clausing
Sept. 1, 2017 0 comments SANS Institute tools

This paper describes how an automated behavioral malware analysis environment for analyzing malware targeted at Microsoft Windows can be built using free and open source software. The environment described here is an evolving work-in-progress, but what is in place to date is the culmination of lessons learned over the last two years of development by the author. This work was done as part of the author's employment with the AT&T Chief Security Office. While the author uses the royal “we” in places throughout the paper, the work is that of the author except where noted.