SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states.
SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system.
SysAnalyzer can automatically monitor and compare:
Running Processes
Open Ports
Loaded Drivers
Injected Libraries
Key Registry Changes
APIs called by a target process
File Modifications
HTTP, IRC, and DNS traffic
SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks:
Create a memory dump of target process
parse memory dump for strings
parse strings output for exe, reg, and url references
scan memory dump for known exploit signatures
Full GPL source for SysAnalyzer is included in the installation package.
Download:
http://labs.idefense.com/doDownload.php?downloadID=15