[Pauldotcom] Malware URL Analysis
pj_mcgarvey at hotmail.com
Wed Apr 21 00:54:39 UTC 2010
This has been discussed before on the list so check the archives, but personally I use almost on a weekly basis, the various tools at: http://anubis.iseclab.org/, including the one to submit a URL.
I've also in the past used HTTrack to download files, and a proxy tool such as Fiddler to customize the requests and analyze the responses... all of course, from a VM or other dedicated analysis machine, off the production network.
As someone else mentioned, Google is your friend, so just googling the URL, or part of it usually gives you a good idea of the nature of the site. A google search like "site:threatexpert.com <filename>.exe" or "site:iseclab.org <URL>" will give you access to many already analyzed binaries.
From: craigfreyman at gmail.com
Date: Tue, 20 Apr 2010 09:44:40 -0600
To: Pauldotcom at mail.pauldotcom.com
Subject: [Pauldotcom] Malware URL Analysis
Is there a site like virustotal.com that you can submit URLs to see if they are malicious?
Hotmail is redefining busy with tools for the New Busy. Get more from your inbox.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pauldotcom