anubis left
Anubis - Learn about the Anubis Malware Analysis Tool
register / login
anubis right

About Anubis

Anubis is sponsored by Lastline, Inc., and Secure Business Austria, and developed by the International Secure Systems Lab. We are a small team of enthusiastic security professionals doing research in the field of computer security and malware analysis. Our goal is to provide interested and advanced computer users with a tool that helps in combatting malware. This is why we provide this service free of charge.

Note that access to Anubis is provided for internal use by end-users only. All other commercial uses are expressly prohibited. Note that many of the research ideas behind Anubis are brought to the next level by Lastline, Inc., a security company that brings our academic research to the market.

Anubis is a tool for analyzing the behavior of Windows PE-executables with special focus on the analysis of malware. Execution of Anubis results in the generation of a report file that contains enough information to give a human user a very good impression about the purpose and the actions of the analyzed binary. The generated report includes detailed data about modifications made to the Windows registry or the file system, about interactions with the Windows Service Manager or other processes and of course it logs all generated network traffic. The analysis is based on running the binary in an emulated environment and watching i.e. analyzing its execution. The analysis focuses on the security-relevant aspects of a program's actions, which makes the analysis process easier and because the domain is more fine-grained it allows for more precise results. It is the ideal tool for the malware and virus interested person to get a quick understanding of the purpose of an unknown binary.

Anubis is the result of more than three years of programming and research. We have designed Anubis to be an open framework for malware analysis that allows the easy integration of other tools and research artifacts. This will allow us to integrate new research prototypes produced by our group into Anubis as soon their code base is stable enough.

If you have any questions, bug reports or comments please do not hesitate to contact us at anubis@iseclab.org.


Last Modified: 2014-01-22 Valid XHTML 1.0 Strict

International Secure Systems Lab
Contact: anubis@iseclab.org