The Automated Malware Analysis Tool is a security-focused Python application that scans files for potential malware threats. It integrates static analysis, behavioral monitoring, and VirusTotal API checks to provide comprehensive insights into file safety.
- Static Analysis
  - Uses signature-based detection to identify malware.
  - Extracts PE file metadata and hashes for deep inspection.
- Behavior Monitoring
  - Observes system processes and registry changes for suspicious activity.
  - Detects unauthorized modifications in startup keys.
- VirusTotal Integration
  - Queries VirusTotal to check if the file is flagged by known antivirus engines.
  - Uploads new files for analysis if they are not found in the VirusTotal database.
- Automated Reporting
  - Stores scan results in a database.
  - Generates a detailed log of all scans for further analysis.
- User-Friendly GUI
  - Built with customtkinter for an intuitive scanning experience.
  - Displays real-time status updates and scan results.
- Python: Core programming language.
- SQLite: Stores analysis reports for review.
- Requests: Fetches data from VirusTotal API.
- Psutil: Monitors running processes.
- Tkinter (CustomTkinter): Provides a user-friendly interface.
- PEFile: Parses Portable Executable (PE) files for static analysis.
- Go to VirusTotal API
- Sign in / Sign up
- Copy your API key
- Paste it in API_KEY inside config.env
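The VirusTotal Integration flow listed above (look the file up by hash, upload only when it is unknown), sketched as an added example that is not the project's own code. It uses the standard library rather than Requests, and the function names, the `threshold` parameter and the sample report are assumptions; the API key is the value stored as API_KEY in config.env.

```python
import hashlib
import json
import urllib.error
import urllib.request

# VirusTotal API v3 file-report endpoint; the key goes in the x-apikey header.
VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"

def sha256_of(path, chunk_size=1 << 20):
    """Hash the file in chunks so large samples are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()

def vt_lookup(sha256, api_key):
    """Return (http_status, parsed_body_or_None) for a hash lookup."""
    req = urllib.request.Request(VT_FILE_URL.format(sha256),
                                 headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None

def classify(status, body, threshold=1):
    """Map a lookup result to flagged / clean / unknown / error.

    threshold is a hypothetical policy knob: engines needed to call it flagged.
    """
    if status == 404:
        return "unknown"      # hash not in VirusTotal: candidate for upload
    if status != 200 or not body:
        return "error"        # 401, 429, ...: never report this as clean
    stats = body["data"]["attributes"]["last_analysis_stats"]
    hits = stats.get("malicious", 0) + stats.get("suspicious", 0)
    return "flagged" if hits >= threshold else "clean"

# Constructed sample of the relevant part of a v3 file report (not real data).
SAMPLE_REPORT = {"data": {"attributes": {"last_analysis_stats": {
    "malicious": 7, "suspicious": 1, "undetected": 60, "harmless": 0}}}}

if __name__ == "__main__":
    print(classify(200, SAMPLE_REPORT))   # flagged
    print(classify(404, None))            # unknown
    print(classify(429, None))            # error
```

Only the "unknown" result should lead to an upload, and an uploaded sample becomes available to VirusTotal and its partners, so files that may contain sensitive data are better kept to hash lookups.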
git clone https://github.com/whitehatboy005/Automated-Malware-Analysis
cd Automated-Malware-Analysis
pip install -r requirements.txt
notepad config.env
python main.py
This project is licensed under the terms of the MIT license.