一次利用Python开源工具的恶意代码分析实践

AbstractThe proliferation of malicious code has caused great economic losses tomany users and enterprises.The producers of malicious code have done a lotof work on the anti-analysis technology of malicious code for the benefit,and the technical methods adopted are becoming more and more complicated,and it is very difficult to defend.Therefore,the detection and analysis ofmalicious code also becomes very important.This article mainly describes malicious code,classifies it,establishes theresearch of malicious code through the current status of malicious code,andlaunches a series of elaboration on malicious code analysis technology.Analysis of signatures,behavioral characteristics,and file integrity,malicious code calls the system dynamic link library when the simulationanalysis tool is running,and dynamic analysis of all possible execution pathsof malicious code in memory.Using various open source tools to analyzemalicious code,in order to avoid the flow of malicious code,implement thecapture behavior characteristics in the sandbox,and give a visual analysisreport,provide strong support for research analysis,detection of maliciouscode and subsequent technical research The analysis of malicious programsis a reference.Key word:Malicious code Open source tools Behavioral characteristicsBehavior analysis Sandbox technology