Manalyzer : free online malware analysis

Manalyzer is a free service which performs static analysis on PE executables to detect undesirable behavior.
Try it online, or check out the underlying software on GitHub!

Browse Submit

What's new?

  • Tuesday July 18, 2017
    • There is now a "discussion" tab you can use to exchange information on samples.
    • A new plugin has been added to detect Bitcoin addresses in binaries! See this WannaCrypt sample for instance.
    • The Linux authenticode plugin has received many improvements.
    • I've written an extended blog post on Process Hollowing which describes how to use Manalyze's API. If you want to reuse the PE parser, be sure to read it!
    • On unrelated news, I've been releasing pentesting scripts. I hope you find them useful!
  • Wednesday June 8, 2016
    • Executables can now be provided through URLs instead of direct file uploads. Only links to PE files are accepted (i.e. archives cannot be extracted and processed automatically).
    • You can access the JSON report for any uploaded sample from the command line: curl There are no restrictions for the time being.
    • Search engine links have been added after each hash.
  • Saturday May 28, 2016
    • Unicode strings contained in the StringTable are now extracted properly and displayed in the "Resources" tab. RT_BITMAP resources are also previewed. This PE is a good example because it has lots of them.
    • You can see the 10 latest uploaded samples on this page. It's a bit crude at the moment, but it'll get better as soon as I have time to work on the search engine.