🛡️ Malware Analysis Tool — Internship Project
Project Title: Malware Analysis Tool
Description: Developed during my cybersecurity internship to perform static and dynamic analysis of Windows executables. A Python-based tool designed to help security analysts and interns inspect binaries, extract metadata, monitor runtime behavior, and generate structured analysis reports.
🚀 Project Overview
This project was completed as part of my internship to showcase practical skills in malware analysis. The tool provides a command-line interface to conduct both static and dynamic analysis of Portable Executable (PE) files on Windows, with detailed reporting in JSON or CSV format.
It is useful for:
Malware reverse engineering
Threat research
Incident response
Security training and learning
✅ Key Features
Static Analysis
✅ Compute file hashes: MD5, SHA1, SHA256
✅ Extract PE metadata: Entry point, imports, image base, sections, etc.
✅ Disassemble the first instructions of binaries using Capstone.
✅ Optional YARA rules scanning for known threats.
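An added example of the hash and PE-metadata steps listed above, written for this README and not taken from the project's code. It reads the headers with Python's struct module instead of pefile so it runs without dependencies; the sample bytes are constructed and the report field names are assumptions.

```python
import hashlib
import json
import struct

def build_sample_pe() -> bytes:
    """Constructed minimal PE32 image (headers plus one .text section), not a real program."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)             # e_lfanew lives at 0x3C
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x0102)  # i386, one section
    opt = bytearray(0xE0)                                            # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)        # Magic: PE32
    struct.pack_into("<I", opt, 16, 0x1000)      # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)    # ImageBase
    sect = struct.pack("<8sIIIIIIHHI", b".text", 0x10, 0x1000, 0x200, 0x200,
                       0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + bytes(opt) + sect
    return headers.ljust(0x200, b"\0") + b"\xC3".ljust(0x200, b"\0")

def static_report(data: bytes) -> dict:
    """Hash the file and read entry point, image base and sections from its PE headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    _, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt = pe_off + 24                            # optional header follows signature + COFF
    magic, = struct.unpack_from("<H", data, opt)
    entry, = struct.unpack_from("<I", data, opt + 16)
    # ImageBase is 4 bytes at +28 in PE32 and 8 bytes at +24 in PE32+ (magic 0x20B)
    base, = (struct.unpack_from("<Q", data, opt + 24) if magic == 0x20B
             else struct.unpack_from("<I", data, opt + 28))
    sections = []
    for i in range(nsect):                       # section headers are 40 bytes each
        name, _vsize, vaddr, rsize, _rptr = struct.unpack_from(
            "<8sIIII", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_address": hex(vaddr), "raw_size": rsize})
    return {
        "hashes": {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256")},
        "entry_point": hex(entry), "image_base": hex(base), "sections": sections,
    }

if __name__ == "__main__":
    print(json.dumps(static_report(build_sample_pe()), indent=2))
```

A header truncated past the signature check surfaces as struct.error, which a caller can treat the same way as the ValueError cases.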
Dynamic Analysis
✅ Monitor running processes
✅ Inspect network connections
✅ Watch file changes in a directory during execution (sandbox monitoring)
Reporting
✅ Generate structured reports in JSON or CSV formats
✅ Organized output for analysis and documentation
CLI-based Control
--static → Run static analysis only
--dynamic → Run dynamic analysis only
--all → Run both static and dynamic analysis
--output → Specify report output path
⚙️ Installation
Clone the repository:
git clone https://github.com//Malware-Analysis-Tool.git
Navigate into the project folder:
cd Malware-Analysis-Tool
Create a Python virtual environment:
python -m venv venv
Activate the virtual environment:
Windows PowerShell:
.\venv\Scripts\Activate.ps1
Windows CMD:
.\venv\Scripts\activate.bat
Install dependencies:
pip install -r requirements.txt
🚀 Usage
Run analysis using:
python main.py --file "C:\path\to\sample.exe" --static --output reports\static_report.json
Examples:
python main.py --file "C:\samples\test.exe" --static
python main.py --file "C:\samples\test.exe" --dynamic
python main.py --file "C:\samples\test.exe" --all --output reports\final_report.json
📁 Output
Reports are saved in the specified folder in JSON or CSV format for easy viewing and documentation.
💼 Internship Outcome
This project was developed as a capstone project during my internship to demonstrate applied knowledge in malware analysis and threat intelligence. It can be expanded to include advanced YARA scanning, automated sandboxing, and integration with threat intelligence platforms.
📂 Repository
View the project on GitHub: 🔗 https://github.com/shaikhobaid76/Malware_Tool/tree/main
🛠 Technologies Used
Python 3
pefile
capstone
psutil
watchdog
yara-python (optional)
📝 License
This project is for educational purposes only. Do not use for malicious purposes.