MalTrap is a research utility that monitors malware behavior by intercepting API calls and logging results.
Features
* Over 200 APIs are intercepted. Better results and little noise.
* Only relevant API parameters are displayed (highly descriptive).
* Only relevant API return values are displayed (highly descriptive).
* PID separation – API calls are logged based on the process
* PC shutdown attempts are prevented
* Anti-Debugging attempts are logged (SoftICE, RegMon, FileMon, Generic)
* Key-logging attempts are logged
* Internet traffic is logged and detailed (Winsock, FTP, HTTP, IRC, …)
MalTrap is not to be used in commercial or production environments.
Release notes for v1.0 alpha:
* MalTrap only works on WinXP x86
* MalTrap requires .NET Framework 2.0+ and Visual C++ 2008 Runtimes
* If you see startup errors or little/no output install the above.
Please report bugs to jayem–at–maltrap[.]com. Lots of cool new features coming soon!