dorothy2 (09/24/2013 07:29 PM)
Dorothy2 -- Code Repository/Tracker
Dorothy2 is a customized framework created for mass malware analysis. Currently, it is mainly based on analyzing the network behavior of a virtual machine where a suspicious executable was executed. Additionally, it is able to recognize new spawned processes by comparing them with a previously created baseline. Static binary analysis and an improved system behavior analysis will be shortly introduced in the next versions....