Malwasm is an open source tool, based on Cuckoo Sandbox, that is designed to help with malware reverse engineering tasks.


Once downloaded you have to extract all the .dll and .exe files of the subfolder

Pintool cannot be bundled with malwasm because of a licence issue. You have to download it yourself.



Run analysis

You can directly run a sample analysis with utils/submit.py

# standard analysis of a binary
utils/submit.py malware/r.exe

# only start recording instructions when execution passes adr-start, and stop at adr-stop
utils/submit.py --options adr-start=0x401290,adr-stop=0x401384 malware/r.exe

If data insertion into the malwasm db failed, you can re-run the insertion with

utils/file2db -d /tmp/data/13508268572/ # where /tmp/data is the shared folder
utils/file2db -d /tmp/data/13508268572/ --pin-param foo # where /tmp/data is the shared folder





If you want to clean the database you can use

utils/create_db.py --force

Note: data insertion can take some serious time, so just be patient!





Webservice

To see the report you have to run the webservice

web/malwasm_web.py