52ky posted on 2022-9-12 12:52:05

A virus analysis tool for virus analysis engineers

MyMonitor is a virus monitoring and analysis tool. When analyzing a virus, you either use various monitoring tools, which means sifting the virus-related information out of a large volume of data, tedious and tiresome work, or, more frustrating still, you read through lengthy disassembly. If the virus sample is not encrypted and not packed, that is somewhat simpler, but today's prevalent viruses use many anti-analysis techniques, such as anti-debugging, junk instructions, packing, encryption, dual processes, remote injection, services and so on. Once a virus uses these anti-analysis techniques, analyzing it becomes very difficult. MyMonitor is recommended here: you can drag and drop a virus sample directly onto the MyMonitor monitoring tool, and it will monitor most of the virus-related APIs that the sample calls and generate a report after the virus exits. This way, the analyst no longer needs to decrypt, unpack, or remove junk instructions. It simplifies virus analysis work.



