Saferwall: One of the best sandboxes for malware analysis

Saferwall is an open source malware analysis platform.

It has the following goals:

  • Provides a collaborative platform for sharing samples between malware researchers.
  • Acts as an expert system that helps researchers produce an automated malware analysis report.
  • Serves as a platform for finding new malware.
  • Provides quality assurance for signatures before they are released.

 

Specifications

  • Static analysis:
      1. Crypto hashes, device recognition
      2. String extraction
      3. Portable Executable (PE) file analysis
  • Multiple AV scanners, including the major antivirus products

Installation

Saferwall takes advantage of Kubernetes for its high availability, scalability and the huge ecosystem behind it.
Everything runs in the . You can either deploy it in the cloud or host it yourself.
To facilitate the operation of a Kubernetes cluster, you can use since . It automatically provisions a Kubernetes cluster hosted on AWS, GCE, DigitalOcean or OpenStack, and also on dedicated servers. Currently only AWS is officially supported.

Steps for development in AWS:

  1. Clone the project: git clone https://github.com/saferwall/saferwall
  2. On Debian Linux, make sure build-essential is installed: sudo apt-get install build-essential
  3. Rename envna .env and fill in the AVS codes you have.
  4. Install it with: make saferwall
  5. Edit deployments/values.yaml to suit your needs.
  6. elasticsearch logs:

Project architecture

Here is a basic workflow that occurs when scanning a file:

  • The frontend communicates with the backend via REST APIs.
  • Backend uploads samples to storage.
  • Backend forwards a message to the scan queue.
  • The consumer retrieves the file and copies it to the shared NFS volume, so the sample does not have to be pulled separately into each container.
  • Consumers call scanning services asynchronously (such as AV scanners) via gRPC calls and wait for results.
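
The consumer step of this workflow, sketched in Go as an added example (it is not Saferwall's own code). The `Scanner` type and `Consume` function are hypothetical: plain function calls stand in for the gRPC scanning services and a local directory stands in for the NFS share.

```go
package main

import (
	"context"
	"crypto/sha256"
	"fmt"
	"os"
	"path/filepath"
	"time"
)

// Scanner is a hypothetical stand-in for one scanning service reached over gRPC.
type Scanner func(ctx context.Context, path string) (verdict string, err error)
type result struct{ name, verdict string }

// Consume handles one scan-queue message: it stores the sample once in the
// shared directory, then calls every scanner concurrently and collects verdicts.
func Consume(sample []byte, share string, scanners map[string]Scanner, limit time.Duration) (map[string]string, error) {
	// Name the file by content hash so a re-submitted sample reuses one path.
	path := filepath.Join(share, fmt.Sprintf("%x", sha256.Sum256(sample)))
	if err := os.WriteFile(path, sample, 0o600); err != nil {
		return nil, err
	}
	ctx, cancel := context.WithTimeout(context.Background(), limit)
	defer cancel() // the deadline is passed to every scanner call
	ch := make(chan result, len(scanners))
	for name, scan := range scanners {
		go func(name string, scan Scanner) {
			verdict, err := scan(ctx, path) // engines read the shared copy
			if err != nil {
				verdict = "error: " + err.Error() // one failure must not sink the report
			}
			ch <- result{name, verdict}
		}(name, scan)
	}
	results := make(map[string]string, len(scanners))
	for range scanners {
		r := <-ch
		results[r.name] = r.verdict
	}
	return results, nil
}

func main() {
	av := func(ctx context.Context, p string) (string, error) { return "clean", nil }
	// os.TempDir() is a constructed stand-in for the NFS share.
	res, err := Consume([]byte("constructed sample"), os.TempDir(), map[string]Scanner{"demo-av": av}, time.Second)
	fmt.Println(res, err)
}
```

A scanner that errors or exceeds the deadline is recorded as an error entry in the results, so the report is still produced from the engines that answered.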

You can download the program from here.


Written by Anastasis Vasileiadis
