In the malware analysis course I teach at SANS Institute, I explain how to reverse-engineer malicious software. It is an interesting, but time-consuming process if you don’t have the right skills and tools at hand. There are several free malware analysis sandboxes and services that can examine malicious artifacts automatically. They can save time and provide an overview of the specimen’s capabilities, so that analysts can decide where to focus their more manual analysis efforts:
- Akana (Android files)
- Binary Guard True Bare Metal
- BitBlaze Malware Analysis Service
- Comodo Automated Analysis System and Valkyrie
- Deepviz Malware Analyzer
- Detux Sandbox (Linux binaries)
- EUREKA Malware Analysis Internet Service
- Joe Sandbox Document Analyzer (PDF, RTF and MS Office files)
- Joe Sandbox File Analyzer (EXE and DLL files)
- Joe Sandbox APK Analyzer (Android files)
- Malwr (also see MalwareViz)
- VxStream Sandbox (Hybrid Analysis)
If you’re interested in setting up your own automated malware analysis tools, take a look at my note regarding Free Toolkits for Automating Malware Analysis. These are the services I have come across.
If you know of another reliable and free service I didn’t list, please let me know. My other lists of on-line security resources outline Blocklists of Suspected Malicious IPs and URLs and On-Line Tools for Malicious Website Lookups.