This repository contains Python scripts and tools for analyzing malware and performing various analysis tasks on binary files. The scripts utilize popular libraries like pefile for parsing PE files, hashlib for calculating file hashes, and OTXv2 for retrieving threat intelligence data from AlienVault OTX.
- Hexadecimal Editor: View the hexadecimal representation of a binary file.
- File Hashes: Calculate MD5, SHA-256, and SHA-1 hashes of the file.
- Import Analysis: Analyze imported DLLs and their functions in PE files.
- AlienVault OTX Integration: Retrieve threat intelligence data from AlienVault OTX using the file's MD5 hash.
- String Extraction: Extract printable strings from the binary file.
- Python 3.x
- pefile: Install using `pip install pefile`
- OTXv2: Install using `pip install OTXv2`
- Clone the repository: `git clone https://github.com/your-username/PythonMalwareAnalysis.git`
- Replace `OTX_API_KEY` with your valid AlienVault OTX API key in the Python scripts.
- Run the Python scripts using `python script_name.py` and provide the path to the binary file you want to analyze.
Disclaimer: The tools provided in this repository are for educational and research purposes only. Use them responsibly and only on files you trust or have the permission to analyze. The authors are not responsible for any misuse of these tools.
Contributions to this repository are welcome! If you have improvements or new features to add, feel free to submit a pull request. Please ensure your code is well-documented and follows the established coding style.