Zero Wine is a malware's behavior analysis tool. Just upload your suspicious PE file (windows executable) through the web interface and let it analyze the behaviour of the process.
Release Date:
Topics:
License:
Operating System:
Intended Audience:
User Interface:
Database Environment:
Programming Language:
Registered:
Ratings and Reviews
- Thumbs up: 2
- Thumbs down: 0
-
Thumbs up
-
Thumbs up
Project Feed
-
zerowine 0.0.2 file released: zerowine_vm-0.0.2.1.tar.gz.md5
Joxean Koret - 2009-01-10 * Added python-ptrace to the virtual machine. * Added script memory_dump.py to dump the malware while running. * Added an small database of Virtual Machine detection tricks. * Updated PEFile to the latest version. * Added detection for anti-debugging techniques. * Added support to download memory dumps. * Drastically reduced the prebuilt Virtual Machine's image.
-
zerowine 0.0.2 file released: zerowine_vm-0.0.2.1.tar.gz
Joxean Koret - 2009-01-10 * Added python-ptrace to the virtual machine. * Added script memory_dump.py to dump the malware while running. * Added an small database of Virtual Machine detection tricks. * Updated PEFile to the latest version. * Added detection for anti-debugging techniques. * Added support to download memory dumps. * Drastically reduced the prebuilt Virtual Machine's image.
-
File released: /zerowine/0.0.2/zerowine_vm-0.0.2.1.tar.gz.md5
-
File released: /zerowine/0.0.2/zerowine_vm-0.0.2.1.tar.gz
-
Zerowine version 0.0.2 released
I'm pleased to announce the new version of Zerowine, a sandbox for malware analysis. The following are the new (sexy) features I added to the project: * Added python-ptrace to the virtual machine. * Added script memory_dump.py to dump the malware while running (commonly unpacked). * Added an small database of Virtual Machine detection tricks. * Updated PEFile (By Ero Carrera) to the latest version. * Added detection for anti-debugging techniques. * Added support to download memory dumps. * Drastically reduced the prebuilt Virtual Machine's image.
-
zerowine 0.0.2 file released: zerowine_vm-0.0.2-src.tar.gz
Joxean Koret - 2009-01-10 * Added python-ptrace to the virtual machine. * Added script memory_dump.py to dump the malware while running. * Added an small database of Virtual Machine detection tricks. * Updated PEFile to the latest version. * Added detection for anti-debugging techniques. * Added support to download memory dumps. * Drastically reduced the prebuilt Virtual Machine's image.
-
File released: /zerowine/0.0.2/zerowine_vm-0.0.2-src.tar.gz
-
Zero Wine: Malware Behavior Analysis
Zero wine is a sandbox created with WINE and QEmu to (automatically) analyze malware. It's behavioral based: Just upload your malware to the zero wine's web server and let it analyze the malware's behavior by running it in a isolated double virtual environment (Wine running under QEmu). The very first release consist in a prebuilt QEmu virtual machine (the recommended way) or the source code (see the file INSTALL).
-
zerowine zerowine 0.0.1 (prebuilt QEmu virtual machine) file released: zerowine_vm.tar.bz2
-
zerowine zerowine 0.0.1 file released: zerowine-0.0.1.tar.gz
Rate and Review
Related Projects
-
-
-
Malware Analysis Virtual Machine Monitor
This project aims to build a hardware supported VMM for malware analysis. We are using AMD SVM and Linux. Our hypervisor is designed for minimal detectability. It is very small (~150KB), simple and well documented. It could be modified for other purposes
Zero Wine Malware Analysis Tool Actions
About SourceForge
Develop Software
Copyright © 2009 Geeknet, Inc. All rights reserved. Terms of Use
