MalwareFileAnalyzer is a tool for analyzing files to detect indicators of compromise and anomalies. It supports analyzing PE (Portable Executable) and PDF files, as well as checking file hashes with VirusTotal.

arhadnane/MalwareFileAnalyzer

MalwareFileAnalyzer

Features

  • Analyze file properties
  • Calculate SHA-256 hash
  • In-depth PE header analysis with PeNet.Analyzer
  • Analyze PDF content
  • Search for indicators of compromise in file content
  • Check file hashes with VirusTotal

Prerequisites

  • .NET 9.0
  • VirusTotal API key

Installation

  1. Clone the repository.
  2. Open the solution in Visual Studio 2022.
  3. Add your VirusTotal API key in the MalwareAnalyzer.cs file: private static readonly string VirusTotalApiKey = "YOUR_VIRUSTOTAL_API_KEY";
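
Step 3 places the API key in a source file, which is easy to commit by accident. As an added example (not code from this repository), the sketch below pairs the SHA-256 and VirusTotal hash-check features listed above while reading the key from an environment variable; the class name HashLookupSketch, the variable name VT_API_KEY and the sample report are assumptions constructed for illustration.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text.Json;
using System.Threading.Tasks;
// Added example, not MalwareFileAnalyzer's code; HashLookupSketch and VT_API_KEY are assumed names.
public static class HashLookupSketch
{
    // Constructed sample of a VirusTotal v3 file report, trimmed to the fields read below.
    const string SampleReport = """{"data":{"attributes":{"last_analysis_stats":{"malicious":3,"suspicious":1,"undetected":60}}}}""";
    // Stream the file through SHA-256 so large samples are not loaded into memory.
    public static string Sha256Hex(string path)
    {
        using var stream = File.OpenRead(path);
        return Convert.ToHexString(SHA256.HashData(stream)).ToLowerInvariant();
    }
    // Reduce a v3 file report to the engine counts an analyst triages on.
    public static string Summarize(string reportJson)
    {
        using var doc = JsonDocument.Parse(reportJson);
        var stats = doc.RootElement.GetProperty("data").GetProperty("attributes").GetProperty("last_analysis_stats");
        int N(string k) => stats.GetProperty(k).GetInt32();
        return $"malicious={N("malicious")} suspicious={N("suspicious")} undetected={N("undetected")}";
    }

    // Send only the hash (never the file itself) to the v3 file-report endpoint.
    public static async Task<string> LookupAsync(HttpClient http, string sha256, string apiKey)
    {
        using var request = new HttpRequestMessage(HttpMethod.Get, $"https://www.virustotal.com/api/v3/files/{sha256}");
        request.Headers.Add("x-apikey", apiKey);
        using var response = await http.SendAsync(request);
        // 404 means no report exists for this hash: unknown, which is not the same as clean.
        if (response.StatusCode == HttpStatusCode.NotFound) return "unknown to VirusTotal";
        response.EnsureSuccessStatusCode();
        return Summarize(await response.Content.ReadAsStringAsync());
    }
    public static async Task Main(string[] args)
    {
        Console.WriteLine("sample report: " + Summarize(SampleReport));
        // The key is read from the environment, so it never lands in source control.
        var apiKey = Environment.GetEnvironmentVariable("VT_API_KEY");
        if (args.Length == 0 || string.IsNullOrEmpty(apiKey)) return; // offline run ends here
        var hash = Sha256Hex(args[0]);
        using var http = new HttpClient();
        Console.WriteLine($"{hash}: {await LookupAsync(http, hash, apiKey)}");
    }
}
```

Without a file argument or VT_API_KEY set, the program only summarizes the constructed sample report and makes no network request.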

Usage

  1. Run the MalwareFileAnalyzer project.

  2. Enter the path of the file to analyze when prompted.

  3. The tool will analyze the file and display the results.

Tests

Unit tests are written using xUnit and Moq. To run the tests:

  1. Open the Test Explorer in Visual Studio.

  2. Run all tests.

Contributing

Contributions are welcome! Please follow these steps to contribute:

  1. Fork the repository.
  2. Create a branch for your feature (git checkout -b feature/my-feature).
  3. Commit your changes (git commit -am 'Add my feature').
  4. Push your branch (git push origin feature/my-feature).
  5. Open a Pull Request.

License

This project is licensed under the MIT License.
