The tool can be used in the development of malware detection signatures

Apr 4, 2012 10:01 GMT

Adobe Systems has released an open source tool called Adobe Malware Classifier, designed to help administrators, security experts and virus analysts determine whether a binary file contains pieces of malware.

“Part of what we do at PSIRT is respond to security incidents. Sometimes this involves analyzing malware. To make life easier, I wrote a Python tool for quick malware triage for our team,” Karthik Raman, member of the Product Security Incident Response Team at Adobe, wrote.

“I’ve since decided to make this tool, called ‘Adobe Malware Classifier,’ available to other first responders (malware analysts, IT admins and security researchers of any stripe) as an open-source tool, since you might find it equally helpful,” he explained.

The new application can aid in the development of malware detection signatures, shortening the timeframe in which systems remain vulnerable.

The four machine learning algorithms used by the tool, J48, J48 Graft, PART, and Ridor, analyze seven key features of the Win32 binary that’s being investigated.

After being analyzed, the unknown binary is catalogued as clean, malicious, or unknown. Adobe Malware Classifier is available for download.
