Pierluigi Paganini February 06, 2019

Malware researcher Marco Ramilli released for free the Malware Hunter tool a simple but interesting catching tool base on static YARA rules.Malware researcher Marco Ramilli released for free the Malware Hunter tool a simple but interesting catching tool base on static YARA rules..

I’v been working on cybersecurity for most than 10 years. During my career, I’ve held numerous roles which took me facing many problems: I had to solve technical issues as well as management, economic and financial ones. Every time I needed a “tool” to help a decision or to solve a technical question I started by seeking on “sourceforge/github” looking for something that would fit my needs. If what I needed wasn’t there, I’ve always built it on my own by using what was available at that time. Nowadays, those tools are still producing data which I believe might be useful to many people. Today I’d like to introduce you a simple but interesting malware catching tool base on static YARA rules that is available HERE.

It takes sample feeds and it analyses them against hundreds of YARA rules. Some of them are publicly available some other have been written on my own. The engine is quite slow right now, but it has analysed several recent Samples. You might decide to get deep into last processed samples by clicking on table raw (which highlights last 10 processed samples) or to search for a specific hash by pasting your desired sha256 and clicking on the “Search” button.

In both ways, a modal form will appear showing out the rules that match the hash you asked for. Since it’s a personal platform it could be quite slow so far. Hope you enjoy it! Have fun

About the author: Marco Ramilli, Founder of Yoroi

I am a computer security scientist with an intensive hacking background. I do have a MD in computer engineering and a PhD on computer security from University of Bologna. During my PhD program I worked for US Government (@ National Institute of Standards and Technology, Security Division) where I did intensive researches in Malware evasion techniques and penetration testing of electronic voting systems.

I do have experience on security testing since I have been performing penetration testing on several US electronic voting systems. I’ve also been encharged of testing uVote voting system from the Italian Minister of homeland security. I met Palantir Technologies where I was introduced to the Intelligence Ecosystem. I decided to amplify my cybersecurity experiences by diving into SCADA security issues with some of the biggest industrial aglomerates in Italy. I finally decided to found Yoroi: an innovative Managed Cyber Security Service Provider developing some of the most amazing cybersecurity defence center I’ve ever experienced! Now I technically lead Yoroi defending our customers strongly believing in: Defence Belongs To Humans

Edited by Pierluigi Paganini

(Security Affairs – MartyMcFly, malware)

[adrotate banner=”5″]

[adrotate banner=”13″]