VirusBattle SDK v0.4
Status: Jan 20th, 2016: VirusBattle access is restricted for experiment.
The VirusBattle SDK (vbSDK) provides access UL Lafayette's VirusBattle Automated Malware Analysis webservice. These are python scripts providing, both, command-line and python package, access to VirusBattle. Furthermore, VirusBattle uses a RESTful interface and thus can be accessed with any programming language.
This wiki documents the command-line access. Documentation of the python package access and RESTful interface will be developed later (on demand).
VirusBattle provides the following automated malware analysis services.
- Unpacking: Unpack PE-32 files for a large variety of unpackers using VM Introspection- monitoring execution below ring 0.
- Reverse Engineering: Calculate abstract semantics- BinJuice of basic blocks in disassembly, generate Callgraph Graphs, APIFlow Graphs and extract strings.
- Semantic Matching: Make code similarity queries at both procedure and binary levels of granularity.
OVERVIEW OF OPERATIONS
- GETTING STARTED
- USE CASES
- USAGE INSTRUCTIONS
- DATA MODEL
- COMMAND REFERENCE