Practical Malware Analysis Starter Kit

Package last updated: 2016-05-14

This package contains most of the software referenced in Practical Malware Analysis. Some of the links have broken over time, and some companies have folded or been bought. I’ve done what I can to compile it all in one place for my own convenience, and I figured I’d share it. It contains:

Docs and licenses, when given, are in their own folders.

I recommend you add the “Portable Binaries” folder to your Windows PATH.

WARNING: This is not a toy. There are malicious code samples provided in the labs. Poison Ivy is real C2 malware. Use extreme caution with this software.

COPYRIGHT: I do not claim copyright to any of the software packaged. All software provided was freely available online, and included in one place for your convenience.

PASSWORD: The password to open the zip is “malware” with no quotes. You will likely need to make exceptions in your AV for the folder where you place and extract this package.

REGARDING SOFTICE: The provided build of SoftICE is a pirated scene release from 2000. I would consider it abandonware, as it has changed hands from NuMega to Compuware and again to Micro Focus, who has not released or updated the software. It has not received an update nor been available for purchase in ten years. If you are uncomfortable having this software, simply delete SoftICE427installnt.exe, SI405w9x.exe, and the SoftICE 4.05 NT and XP folder from Setup Binaries. It was exceedingly difficult to find the Windows XP version so I have included it for posterity.

REGARDING LORDPE: LordPE looks like a pirated scene release but was actually created as a scene tool.

Download: zip or torrent.

