Dynamic malware analysis tool for Windows as a final year
Equipped with features to hook into a Windows executable and
provide deep information on the type in information it is
accessing, along with modification tools at a low-level basis.
Maldive comes equipped with several features to help investigate
the behaviour and inner workings of a program
x86 View and Modification
The x86 instruction set of a .exe file can be viewed and
modified, allowing for the execution of altered programs to
see how using different instructions changes its behaviour.
Virtual Memory Scanner
The virtual memory space of a program can contain valuable
towards analysing a program for malicious intent. Maldive
investigates the virtual memory and extracts values and
provides a feature to search through the space.
The packets that are sent by the system can be viewed, showing
if there is outbound traffic to an external source that could
contain sensitive information.
The documents that were produced as part of this program are