Freki: An Automated Malware Analysis Tool

Abstract

Malware analysis is of central importance to information security. Many tools attempt to automate it, but few offer a local installation and a centralized environment for running analyses and presenting the results, and API query limits and high license prices make the hosted services unattractive for newcomers to the field. This work proposes Freki, an open-source tool for the automated analysis of malicious programs. It provides a simple, intuitive interface through which users submit files for analysis and promptly receive the results produced by the system. It also exposes a REST API through which clients can request new analyses and query previously investigated binaries by hash, which allows Freki to serve as the basis for new malware-analysis applications.
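The submit-and-query-by-hash workflow the abstract describes, as an added illustrative client (not Freki's own code): it computes the SHA-256 of a sample locally, asks the service for an existing report before uploading anything, and validates the hash before it is placed in a URL path. The endpoint paths (/api/v1/report/<sha256>, /api/v1/submit), the JSON shapes, the triage stub and the in-memory FakeServer are assumptions made for this example, not Freki's documented API; the two sample inputs are constructed and are not malware.

```python
"""Client-side workflow against a hash-keyed malware-analysis REST API.

Added example, not Freki's own code. The endpoint paths, JSON shapes,
triage() and FakeServer are assumptions for illustration only.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Callable, Optional

# Transport: (method, path, body) -> (HTTP status, decoded JSON object).
# A real client would wrap urllib/requests; here it is injectable so the
# workflow can be exercised offline against FakeServer.
Transport = Callable[[str, str, Optional[bytes]], tuple]

SHA256_RE = re.compile(r"[0-9a-f]{64}")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def triage(data: bytes) -> dict:
    """Constructed stand-in for the server's static analysis: identify the
    container format from its magic bytes and record the size."""
    if data[:2] == b"MZ":
        kind = "PE"
    elif data[:4] == b"\x7fELF":
        kind = "ELF"
    else:
        kind = "unknown"
    return {"type": kind, "size": len(data)}


class FakeServer:
    """In-memory stand-in for the analysis service (assumption, not Freki)."""

    def __init__(self) -> None:
        self.reports: dict = {}

    def handle(self, method: str, path: str, body: Optional[bytes]) -> tuple:
        if method == "GET" and path.startswith("/api/v1/report/"):
            digest = path.rsplit("/", 1)[1]
            report = self.reports.get(digest)
            if report is None:
                return 404, {"error": "not found"}
            return 200, report
        if method == "POST" and path == "/api/v1/submit" and body is not None:
            digest = sha256_hex(body)
            # Idempotent: re-uploading a known sample returns the stored
            # report instead of analysing it again.
            report = self.reports.setdefault(digest, triage(body))
            return 200, {"sha256": digest, **report}
        return 405, {"error": "unsupported"}


@dataclass
class AnalysisClient:
    transport: Transport
    uploads: int = 0  # how many times sample bytes were actually sent

    def lookup(self, sha256: str) -> Optional[dict]:
        """Fetch an existing report, or None if the hash is unknown."""
        # The hash becomes part of the URL path: accept only 64 lowercase
        # hex digits so caller-supplied input cannot alter the path
        # (e.g. "../" segments) or reach an unintended endpoint.
        if not SHA256_RE.fullmatch(sha256):
            raise ValueError("sha256 must be 64 lowercase hex digits")
        status, body = self.transport("GET", f"/api/v1/report/{sha256}", None)
        if status == 404:
            return None
        if status != 200:
            raise RuntimeError(f"lookup failed with HTTP {status}")
        return body

    def submit(self, data: bytes) -> dict:
        """Upload the sample and return the resulting report."""
        self.uploads += 1
        status, body = self.transport("POST", "/api/v1/submit", data)
        if status != 200:
            raise RuntimeError(f"submit failed with HTTP {status}")
        return body

    def analyze(self, data: bytes) -> dict:
        """Look up by hash first; upload only when no report exists yet."""
        digest = sha256_hex(data)
        report = self.lookup(digest)
        if report is not None:
            return {"sha256": digest, "cached": True, "report": report}
        return {"sha256": digest, "cached": False, "report": self.submit(data)}


# Constructed inputs: a minimal MZ header stub and a plain-text file.
# Neither is malware; they only exercise the magic-byte check.
SAMPLE_PE = b"MZ" + b"\x00" * 58 + b"\x40\x00\x00\x00" + b"PE\x00\x00"
SAMPLE_TXT = b"just text, not a program\n"


if __name__ == "__main__":
    client = AnalysisClient(FakeServer().handle)
    first = client.analyze(SAMPLE_PE)   # uploads; report type "PE"
    second = client.analyze(SAMPLE_PE)  # answered from the report store
    print(first, second, client.uploads, sep="\n")
```

Checking by hash before uploading is the behaviour a client of such a service should default to: it avoids sending a sample the service already knows, and it keeps samples off the wire when only a verdict is needed. The hash validation in lookup() matters because the digest is interpolated into the request path.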

Keywords: Malware analysis, Computer forensics

Published
2021-10-04
SOUZA, Cristian H. M.; SILVA, Felipe S. Dantas. Freki: An Automated Malware Analysis Tool. In: TOOLS - BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 21. , 2021, Evento Online. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2021 . p. 58-65. DOI: https://doi.org/10.5753/sbseg_estendido.2021.17340.