Open Source automatic analysis tool for Flash available

Apr 16, 2019

FireEye has released an Open Source tool to automate the analysis of Flash SWF files. It’s called FLASHMINGO and it enables analysts to triage suspicious Flash samples and investigate them further with minimal effort. It can be integrated into various analysis workflows as a stand-alone application or used as a powerful library.

Even though Flash is set to reach its end of life at the end of 2020 and most of the development community moved away from it a long time ago, FireEye predicts that “we’ll see Flash being used as an infection vector for a while. Legacy technologies are juicy targets for attackers due to the lack of security updates”, says Carlos Garcia Prado in a blog post published on the FireEye website.

FLASHMINGO provides malware analysts with a flexible framework to quickly deal with pesky Flash samples without getting bogged down in the intricacies of the execution environment and file format.

“FLASHMINGO is a collection of plug-ins that operate on the SWFObject and extract interesting information. Users can easily extend the tool’s functionality via custom Python plug-ins”, explains Prado.

Several useful plug-ins covering a wide range of common analyses are already included with FLASHMINGO:

  • Find suspicious method names.

  • Find suspicious constants.

  • Find suspicious loops.

  • Retrieve all embedded binary data.
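
As an added illustration (not FLASHMINGO's code and not using its plug-in API), the example below shows what retrieving embedded binary data involves at the file-format level: walking the SWF tag stream and collecting DefineBinaryData (tag code 87) payloads. The function names and the sample file are constructed for this example, and LZMA-compressed (ZWS) files are rejected rather than parsed.

```python
import struct
import zlib
DEFINE_BINARY_DATA = 87  # SWF tag code for DefineBinaryData

def swf_body(raw):
    """Return the uncompressed bytes that follow the 8-byte SWF file header."""
    sig = raw[:3]
    if len(raw) < 8 or sig not in (b"FWS", b"CWS", b"ZWS"):
        raise ValueError("not a SWF file")
    if sig == b"ZWS":
        raise ValueError("LZMA-compressed SWF (ZWS) is not handled here")
    return zlib.decompress(raw[8:]) if sig == b"CWS" else raw[8:]

def iter_tags(body):
    """Yield (tag_code, payload) for each tag after the movie header."""
    nbits = body[0] >> 3                    # RECT field width is the top 5 bits
    pos = (5 + 4 * nbits + 7) // 8 + 4      # skip RECT, frame rate, frame count
    while pos + 2 <= len(body):
        (code_len,) = struct.unpack_from("<H", body, pos)
        pos += 2
        code, length = code_len >> 6, code_len & 0x3F
        if length == 0x3F:                  # long form: 32-bit length follows
            (length,) = struct.unpack_from("<I", body, pos)
            pos += 4
        if pos + length > len(body):        # malformed samples lie about sizes
            raise ValueError("tag %d runs past end of file" % code)
        yield code, body[pos:pos + length]
        pos += length
        if code == 0:                       # End tag
            return

def embedded_binaries(raw):
    """Return {character_id: data} for every DefineBinaryData tag."""
    found = {}
    for code, payload in iter_tags(swf_body(raw)):
        if code == DEFINE_BINARY_DATA and len(payload) >= 6:
            (char_id,) = struct.unpack_from("<H", payload, 0)
            found[char_id] = payload[6:]    # skip id (2 bytes) and reserved (4)
    return found

def build_sample_swf(blob, compressed):
    """Constructed sample: a minimal SWF carrying one DefineBinaryData tag."""
    body = struct.pack("<HI", 1, 0) + blob  # character id 1, reserved 0
    tags = struct.pack("<HI", (DEFINE_BINARY_DATA << 6) | 0x3F, len(body)) + body
    movie = b"\x00" + struct.pack("<HH", 12 << 8, 1) + tags + b"\x00\x00"
    head = (b"CWS" if compressed else b"FWS") + b"\x0a" + struct.pack("<I", 8 + len(movie))
    return head + (zlib.compress(movie) if compressed else movie)

if __name__ == "__main__":
    print(embedded_binaries(build_sample_swf(b"MZ\x90\x00constructed", True)))
```
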

This tool can be downloaded from the FireEye public GitHub Repository.

For more details see the source article here.
