Author: David Zimmer
Date: 11.13.13 - 2:41am
I have slowly been doing updates to the SysAnalyzer/Malcode Analyst Pack codebase in my personal time, which I have just released live, that add some new automated analysis capabilities.
Here is a quick video detailing some of the updates. If the video looks fuzzy, make sure to set the quality to HD.
One correction for the video: I double checked the database, and the reason some of the system DLLs were showing up in red and being saved is Windows Update; SysAnalyzer was detecting the patched files and alerting on them ;)
One other thing not shown in the video is that you can manually open analysis folders in the report viewer interface after the fact. It's basically a specialized file system browser with malware analysis tools built in, like directory hashing etc. You can even open the top-level folder that contains a bunch of analysis folders, and compare and contrast them all from one interface, jumping back and forth. This is turning out to be quite handy.
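To make the directory hashing and "compare and contrast" idea concrete, here is an added example of the underlying technique: hash every file under a directory tree, then diff a baseline snapshot against a later one to surface added, removed and modified files. This is illustrative code written for this post, not SysAnalyzer's own implementation; the two directory trees it builds are constructed in a temp folder with made-up contents (a fake system32 with one "patched" DLL and a dropped file). As the correction above shows, a modified system DLL can just as easily be a legitimate Windows Update as tampering, so a "modified" hit is a lead to verify against a known-good source rather than a verdict.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_file(path, chunk=1 << 20):
    """SHA-256 of a file, read in chunks so large binaries don't need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def hash_tree(root):
    """Map every file under root (relative POSIX path) to its SHA-256 hex digest."""
    root = Path(root)
    snapshot = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            snapshot[p.relative_to(root).as_posix()] = hash_file(p)
    return snapshot


def diff_trees(baseline, current):
    """Compare two snapshots from hash_tree(); paths are sorted for stable reports."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(k for k in baseline.keys() & current.keys()
                      if baseline[k] != current[k])
    return {"added": added, "removed": removed, "modified": modified}


def build_constructed_snapshots():
    """Constructed sample data (not real system files): a 'before' and 'after' tree.

    The 'after' tree has one system DLL rewritten (as a Windows Update patch would
    do) and one new file dropped under a temp directory (as malware might do).
    """
    before = Path(tempfile.mkdtemp(prefix="before_"))
    after = Path(tempfile.mkdtemp(prefix="after_"))
    files = {
        "system32/kernel32.dll": b"fake kernel32 v1",
        "system32/ntdll.dll": b"fake ntdll v1",
        "windows/notepad.exe": b"fake notepad",
    }
    for rel, data in files.items():
        for root in (before, after):
            target = root / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
    # Legitimate-looking change: the same DLL with new contents after a patch.
    (after / "system32/ntdll.dll").write_bytes(b"fake ntdll v2 (patched)")
    # Suspicious change: a brand-new executable that was not in the baseline.
    dropped = after / "windows/temp/dropper.exe"
    dropped.parent.mkdir(parents=True, exist_ok=True)
    dropped.write_bytes(b"MZ fake dropper")
    return str(before), str(after)


def compare_constructed():
    """Hash both constructed trees and return the diff report."""
    before, after = build_constructed_snapshots()
    return diff_trees(hash_tree(before), hash_tree(after))


if __name__ == "__main__":
    report = compare_constructed()
    for kind, paths in report.items():
        for p in paths:
            print(f"{kind:9} {p}")
```

Run it and the report lists `system32/ntdll.dll` as modified and `windows/temp/dropper.exe` as added. In practice you would keep the baseline snapshot from a clean image and treat the "modified" entries as candidates to check against vendor hashes or Authenticode signatures before calling them patched by malware, which is exactly the distinction the Windows Update false alarm above turns on.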
The Malcode Analyst Pack has also still been receiving some updates