SerTinai/GETHash256
🛡️ Sentinel Malware Analysis Engine - Phase 1

This repository contains the first phase (Static Analysis) of a modular malware analysis engine built with Advanced C#.

📊 Phase 1: Static Analysis Report

======================================================================
         MALWARE ANALYSIS ENGINE - PHASE 1: STATIC ANALYSIS REPORT
======================================================================
File Path: C:\Users\PC\Desktop\notepad.exe
Analysis Date: March 10, 2026
Developer: SerTinai
----------------------------------------------------------------------

STEP 1 (1/1): HASH ANALYSIS (Identity Identification)
-----------------------------------------------------
* Technique: SHA-256 Algorithm
* Implementation: System.Security.Cryptography (SHA256.Create)
* Purpose: To extract the unique digital fingerprint of the file.
* Findings: 84b484fd3636f2ca3e468d2821d97aacde8a143a2724a3ae65f48a33ca2fd258
* Note: This hash does not match that of the original Microsoft Notepad,
  so the file is a modified version.

STEP 2 (1/2): STRINGS ANALYSIS (Data Mining)
--------------------------------------------
* Technique: Raw Byte Scanning (ASCII 32-126)
* Implementation: File.ReadAllBytes & Char Conversion
* Purpose: To reveal hidden URLs and hardcoded commands within the binary.
* Findings: Exported to 'analiz_sonuclari.txt'.

STEP 3 (1/3): HEURISTIC/POWERSHELL ANALYSIS (Behavioral Filtering)
------------------------------------------------------------------
* Technique: Regex-based keyword scanning via PowerShell.
* Findings: 
    - [OpenClipboard]: Potential for monitoring clipboard data.
    - [RegCreateKey]: Intent for persistence (Windows Registry).
    - [http]: Capability for external communication.

STEP 4 (1/4): IMPORT ANALYSIS (Dependency & Privilege Analysis)
---------------------------------------------------------------
* Technique: DLL and API Import Table Scanning.
* Implementation: Dictionary and LINQ Filtering.
* Note: Detects evasion attempts via legitimate system tools (User32, Advapi32).
======================================================================

🛠️ Software Architecture (C# Core)

The engine is built on Object-Oriented Programming (OOP) principles:

* Abstraction: FileAnalyzer base class.
* Polymorphism: Dynamic analyzer execution via List<FileAnalyzer>.
* JSON Serialization: Exporting results via System.Text.Json.
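Added example (not the repository's own code) of the FileAnalyzer / List<FileAnalyzer> design described above, wiring the SHA-256 step and the printable-ASCII strings step into one System.Text.Json report; it assumes .NET 5 or later, a MinLength threshold of 6 characters, and a constructed byte sample in place of a real file.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

// Constructed sample input (not a real binary): noise bytes around two printable fragments.
byte[] data = new byte[] { 0x4D, 0x5A, 0x90, 0x00 }.Concat(Encoding.ASCII.GetBytes("OpenClipboard"))
    .Concat(new byte[] { 0x00, 0xFF, 0x7F }).Concat(Encoding.ASCII.GetBytes("http://example.invalid/")).ToArray();
// Polymorphic execution: the loop never needs to know which analyzer it is running.
var analyzers = new List<FileAnalyzer> { new HashAnalyzer(), new StringsAnalyzer() };
var report = new Dictionary<string, object>();
foreach (var a in analyzers) report[a.Name] = a.Analyze(data);
Console.WriteLine(JsonSerializer.Serialize(report, new JsonSerializerOptions { WriteIndented = true }));
// Base class: every analysis step takes the raw file bytes and returns its findings.
abstract class FileAnalyzer
{
    public abstract string Name { get; }
    public abstract object Analyze(byte[] data);
}
// Step 1: SHA-256 fingerprint via SHA256.Create(), as in the report.
class HashAnalyzer : FileAnalyzer
{
    public override string Name => "SHA-256";
    public override object Analyze(byte[] data)
    {
        using var sha = SHA256.Create();
        return BitConverter.ToString(sha.ComputeHash(data)).Replace("-", "").ToLowerInvariant();
    }
}
// Step 2: collect runs of printable ASCII (32-126); MinLength is an assumed threshold, not from the project.
class StringsAnalyzer : FileAnalyzer
{
    const int MinLength = 6;
    public override string Name => "Strings";
    public override object Analyze(byte[] data)
    {
        var found = new List<string>(); var run = new StringBuilder();
        foreach (byte b in data)
        {
            if (b >= 32 && b <= 126) { run.Append((char)b); continue; }
            if (run.Length >= MinLength) found.Add(run.ToString());
            run.Clear();
        }
        if (run.Length >= MinLength) found.Add(run.ToString()); // flush the trailing run
        return found;
    }
}
```

Running it prints the hash plus the two recovered strings ("OpenClipboard", "http://example.invalid/"); the "MZ" run is dropped by the length threshold.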

Next Phase: 2/1 Dynamic Analysis (Behavioral Monitoring)

About

🛡️ Malware Analyzer (Static) - a C#-based, modular static analysis tool. Automated Reporting: analysis findings are serialized to JSON format in real time. Malware Detection: detects stealthy intent such as clipboard monitoring, Registry modification and network traffic.
