iGuRu

AMIRA: Automatic malware analysis

05/10/2020 09:53 by Anastasis Vasileiadis

AMIRA is a service for automatically analyzing OSXCollector output files. The automated analysis is performed by the OSXCollector output filters, more specifically by the One Filter to Rule Them All.

AMIRA takes care of retrieving the output files from an S3 bucket, running the analysis filter, and then uploading the analysis results back to S3.


Architecture

The service uses S3 bucket event notifications to trigger the analysis. You will need to configure an S3 bucket for the OSXCollector output files so that, when a file is added there, a notification is sent to an SQS queue (AmiraS3EventNotifications in the image below).

AMIRA periodically checks the queue for new messages and, on receiving one, fetches the OSXCollector output file from the S3 bucket. It then runs the analysis filter on the retrieved file.

The analysis filter sequentially runs all the filters contained in the OSXCollector output filters package. Some of them communicate with external resources, such as hash lists and threat intelligence APIs, e.g. VirusTotal, OpenDNS Investigate or ShadowServer.

The original OSXCollector output is extended with all of this information, and the last filter run by the analysis filter summarizes all the findings in human-readable form. Once the filter has finished, the analysis results are uploaded to the analysis results S3 bucket.

[Figure: AMIRA component diagram]
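The flow described above (S3 event notification, SQS message, fetch, analyze, upload), written out as an added Python sketch; it is not AMIRA's own code. The bucket names, the `.analysis` suffix, the function names and the sample message are assumptions constructed for illustration, and the fetch, analyze and upload steps are passed in as callables so the block runs offline.

```python
import json
from urllib.parse import unquote_plus

# Assumed names for this sketch; not taken from AMIRA's configuration.
SOURCE_BUCKET = "osxcollector-output-example"
RESULTS_BUCKET = "amira-results-example"


def created_objects(sqs_body, allowed_bucket=SOURCE_BUCKET):
    """Return (bucket, key) pairs for new objects named in one SQS message body."""
    event = json.loads(sqs_body)
    # S3 sends a record-less s3:TestEvent when notifications are first configured.
    if event.get("Event") == "s3:TestEvent":
        return []
    found = []
    for record in event.get("Records", []):
        if not record.get("eventName", "").startswith("ObjectCreated:"):
            continue
        bucket = record["s3"]["bucket"]["name"]
        # Object keys arrive URL-encoded in S3 event notifications.
        key = unquote_plus(record["s3"]["object"]["key"])
        # Ignore records pointing at a bucket the service was not set up to read.
        if bucket == allowed_bucket:
            found.append((bucket, key))
    return found


def handle_message(sqs_body, fetch, analyze, upload):
    """Fetch each new file, run the analysis, upload the result; return result keys."""
    uploaded = []
    for bucket, key in created_objects(sqs_body):
        results = analyze(fetch(bucket, key))
        result_key = key + ".analysis"  # hypothetical naming scheme
        upload(RESULTS_BUCKET, result_key, results)
        uploaded.append(result_key)
    return uploaded


# Constructed sample notification, trimmed to the fields used above.
SAMPLE_BODY = json.dumps({"Records": [
    {"eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": SOURCE_BUCKET},
            "object": {"key": "host+01/osxcollect-2020_10_05.tar.gz"}}},
    {"eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": "some-other-bucket"},
            "object": {"key": "unexpected.tar.gz"}}},
]})
```

Checking the bucket name before fetching keeps a message placed on the queue by another sender from steering the analyzer toward objects outside the configured bucket.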

 

Information about installing and using the program can be found here.
