About

June 10th, 2010

Autovin is a tool for analyzing the behavior of Windows PE executables, with a special focus on malware analysis. Running Autovin generates a report file that contains enough information to give a human user a very good impression of the purpose and actions of the analyzed binary.

The generated report includes:

- Files created by the malware
- A log of all generated network traffic
- Detailed data about modifications made to the Windows registry
- A capture of all running processes

The analysis is based on running the binary in an emulated environment and watching, i.e. analyzing, its execution. The analysis focuses on the security-relevant aspects of a program's actions, which makes the analysis process easier; because the domain is more fine-grained, it also allows for more precise results. It is the ideal tool for anyone interested in malware and viruses who wants a quick understanding of the purpose of an unknown binary.

Autovin is still a new project. If you have any questions, suggestions, bug reports or comments, please do not hesitate to contact us at labs@security.net.my.

Credit:

- Panda Security Malaysia
- vnsecurity.net
- security.org.my (Honeynet, Malaysian Chapter)
