image/svg+xml

Malware Monitor (MALM)

MALM is a 32- and 64-bit Windows OS command-prompt tool for monitoring malware. While it is running, MALM monitors your system for new processes, new modules in existing processes, and new executable heaps in existing processes. As it notices changes, MALM will output observations to the console. When MALM is terminated by ctrl-c, it will generate a final report of the findings. This tool is particularly useful for determining where the malware resides after execution. Run this tool with administrator privileges for best results.

Download

MALM comes in .zip format for Windows OS with two binaries (32- and 64-bit). Please use the appropriate executable from the download.

Source Code

The source code for MALM is available through GitHub. Contributions are welcome.

Figures

MALM Screen Shot
Fig. 1 - Example logs when running a malware file that injects into svchost.exe and terminates.

Version History

Back to top