Malware analysis consists of two phases: static and dynamic analysis. Dynamic analysis, or analyzing the behavior of a sample, has already been automated in numerous projects. Static analysis, or analyzing key characteristics of a sample, has not. Responders must therefore run tools by hand or put together scripts that automate the process, which leads to situations where analysis is slower or less efficient.
To alleviate this, we have developed MASTIFF, a new open-source static analysis automation framework. This presentation will introduce MASTIFF and discuss:
Demonstrations of MASTIFF on malicious files will also be performed.