It's still under development: goals are adding some functions to make it more advanced and light-weight. Beside other analyze tools, it contains different kind of files to analyze such as .exe, .py, .txt etc. I'm trying to add analyze functions for other kinds of f.types (js | pdf | xls(x) | dll etc.), deep but understandable analyze, integrate to other free services such as VirusTotal, CTI & Malware-based which everyone can use easily. If you have wishes to implement it, don't hesitate :)
Mugetsu - performs several key functions:
-
File Type Analysis: It identifies the type of file being analyzed (Python script, executable, or text file) based on the file extension.
-
Metadata Extraction: It retrieves metadata such as file size and creation time, providing insights into the file's attributes.
-
File Hash Calculation: It calculates the SHA-256 hash of the file, enabling further analysis and comparison.
-
VirusTotal Integration: It interacts with the VirusTotal API to analyze file hashes, retrieving scan results and identifying potential malicious activity.
-
Packer and Obfuscation Detection: It examines executable files for common packers and obfuscation techniques, detecting suspicious features that may indicate malicious intent.
-
String Extraction and Analysis: It extracts strings from binary files and analyzes them for potential indicators of malicious activity, such as suspicious URLs or encoded data.
-
Color-Coded Output: It provides color-coded output to highlight important information and potential threats, enhancing readability and interpretation of analysis results.
-
Command-Line Interface (CLI): It offers a command-line interface for user interaction, allowing users to specify the file to analyze and providing a seamless experience.
These functionalities collectively enable the script to analyze files for malicious activity, detect potential threats, and provide valuable insights to aid in cybersecurity efforts.
Using: python mugetsu.py -f filename
Installation: git clone https://github.com/nijiinhell/mugetsu ; cd mugetsu/
Note: Don't forget to put your VirusTotal API Key and install uninstalled libraries like "pip install [library name]" then enjoy :)