If you have an interest in malware analysis (like myself and some of our other writers), we have big news for you … Lenny Zeltser has just updated REMnux to version 4! For those who aren’t familiar with this great Linux distro, it is loaded with tools for static analysis as well as various services for simulating the network infrastructure required for dynamic analysis.
One of the big updates is an additional release of REMnux in the Open Virtualization Format (OVF/OVA) for those on VirtualBox or other VM platforms. Of all the new tools I like ExifTool, which is great for removing EXIF data from images and other files, and MASTIFF, which was just released at ShmooCon this year. Here’s the complete list from Lenny’s blog post of the key updates and new tools.
- Core System: Upgraded the underlying Ubuntu OS components and packages; increased default RAM of the virtual appliance to 512MB; replaced OpenJDK with Oracle Java 7 runtime.
- Memory Analysis: Updated Volatility to version 2.2.
- PDF Analysis: Updated pdfid and pdf-parser, Origami, peepdf.
- Web Analysis: Updated SWFTools, V8, libemu, NetworkMiner, Burp Proxy, Wireshark, Firefox and its add-ons.
- Other Changes: Updated xorsearch, DensityScout, Pyew, passive-dns, ClamAV, capabilities.yara; replaced FreeMind with XMind.
- Windows Tools: Installed Wine; added OfficeMalScanner, Malzilla.
- XOR Analysis: Added NoMoreXOR, brutexor, XORBruteForcer.
- PE File Analysis: Added pev, dism-this, ExeScan, udis86 (udcli), autorule (/usr/local/autorule), distool.
- Other File Analysis: Added extract_swf.py, ExifTool, MASTIFF.
- Other Additions: Added hack-functions (/usr/local/hack-functions), bulk_extractor, ProcDot.
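To give a feel for what the XOR analysis tools in the list (xorsearch, XORBruteForcer and friends) automate, here is a small added example of the core idea: try every single-byte XOR key against a blob and report which keys reveal plaintext markers that commonly survive in encoded malware payloads (the DOS stub, a URL). This is illustrative code written for this post, not the source of any of those tools; the sample blob, the marker list and the key `0x5A` are constructed for the demonstration.

```python
"""Single-byte XOR key recovery by marker search.

Added example for this post; not the code of xorsearch, XORBruteForcer or
any other REMnux tool. Only single-byte keys are tried here."""

# Plaintext markers that often survive in XOR-encoded payloads (constructed list).
MARKERS = [b"MZ", b"This program cannot be run in DOS mode", b"http://", b"PE\x00\x00"]


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of `data` with the single-byte `key`."""
    return bytes(b ^ key for b in data)


def find_xor_keys(data: bytes, markers=MARKERS):
    """Try all 256 single-byte keys and collect (key, marker, offset) hits.

    A marker may appear under an unrelated key by coincidence, so callers
    should prefer keys that reveal several markers (see best_key)."""
    hits = []
    for key in range(256):
        decoded = xor_bytes(data, key)
        for marker in markers:
            off = decoded.find(marker)
            if off != -1:
                hits.append((key, marker, off))
    return sorted(hits)


def best_key(data: bytes, markers=MARKERS):
    """Return the key that reveals the most distinct markers, or None."""
    counts = {}
    for key, marker, _ in find_xor_keys(data, markers):
        counts.setdefault(key, set()).add(marker)
    if not counts:
        return None
    return max(counts, key=lambda k: len(counts[k]))


def build_sample(key: int) -> bytes:
    """Constructed sample: a fake DOS stub and a URL surrounded by junk,
    XOR-encoded with `key` (key 0x5A is used in the demo below)."""
    plain = (
        b"junk" * 4
        + b"MZ\x90\x00"
        + b"This program cannot be run in DOS mode"
        + b"http://c2.test/"
        + b"junk" * 4
    )
    return xor_bytes(plain, key)


if __name__ == "__main__":
    sample = build_sample(0x5A)
    for key, marker, off in find_xor_keys(sample):
        print(f"key=0x{key:02x} marker={marker!r} offset={off}")
    print(f"best key: 0x{best_key(sample):02x}")
```

Running this prints each candidate key with the marker it exposes; the encoded sample decodes cleanly under `0x5A`, which `best_key` picks because it reveals the DOS stub, the `MZ` header and the URL together, while any stray single-marker hit under another key is easy to discount. The real tools go further (multi-byte keys, rolling keys, PE-structure checks), but the marker-driven search is the same idea.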
Lenny will also be doing a free webcast on April 29th covering all the updates and new tools.
Source: “New Release of REMnux Linux Distro for Malware Analysis” – Zeltser.com