Anubis, an online sandbox that supports behavioral analysis of Android APKs (Android binaries)

Anubis: Analyzing Unknown Binaries

Address: http://anubis.iseclab.org/


--------------------------------------------------------------------------------------------------------------------------------------------------------------------

What kind of files can I submit to Anubis?
Anubis will analyze all Windows executable files. When you upload a file to the Anubis environment it will be executed by calling CreateProcess. Thus, it does not matter what your file is called (or which file extension it has), i.e. it is not a problem if your file is called, for example, postcard.txt, as long as it is actually an executable.
Anubis will also analyze all Android binaries that are packaged as valid APK files. Uploaded APKs will be installed in an Android emulator and have to contain at least the AndroidManifest.xml and classes.dex files.

About Anubis
Anubis is sponsored by Secure Business Austria and developed by the International Secure Systems Lab. We are a small team of enthusiastic security professionals doing research in the field of computer security and malware analysis. Our goal is to provide interested and advanced computer users with a tool that helps in combatting malware. This is why we provide this service free of charge.

Anubis is a tool for analyzing the behavior of Windows PE-executables with special focus on the analysis of malware. Execution of Anubis results in the generation of a report file that contains enough information to give a human user a very good impression about the purpose and the actions of the analyzed binary. The generated report includes detailed data about modifications made to the Windows registry or the file system, about interactions with the Windows Service Manager or other processes and of course it logs all generated network traffic. The analysis is based on running the binary in an emulated environment and watching, i.e. analyzing, its execution. The analysis focuses on the security-relevant aspects of a program's actions, which makes the analysis process easier and, because the domain is more fine-grained, allows for more precise results. It is the ideal tool for anyone interested in malware and viruses to get a quick understanding of the purpose of an unknown binary.

Anubis is the result of more than three years of programming and research. We have designed Anubis to be an open framework for malware analysis that allows the easy integration of other tools and research artifacts. This will allow us to integrate new research prototypes produced by our group into Anubis as soon as their code base is stable enough.

If you have any questions, bug reports or comments please do not hesitate to contact us at anubis@iseclab.org.