SSMA — Simple Static Malware Analyzer

Simple but powerful malware analysis tool

SSMA is a simple malware analyzer written in Python 3 by Lasha Khasaia.


  • Searches for websites, e-mail addresses, IP addresses in the strings of the file.
  • Looks for Windows functions commonly used by malware.
  • Gets results from VirusTotal and/or uploads files.
  • Detects malware based on YARA rules.
  • Detects well-known software packers.
  • Detects the existence of cryptographic algorithms.
  • Detects anti-debug and anti-virtualization techniques used by malware to evade automated analysis.
  • Finds out whether documents have been crafted to leverage malicious code.
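
The first two checks in the list above (indicators in the file's strings, and Windows API names often seen in malware) can be sketched as follows. This is an added example, not SSMA's own code; the regular expressions, the `WATCHED_APIS` list, the function names and the `SAMPLE` bytes are all assumptions constructed for illustration.

```python
import ipaddress
import re

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
# Four dotted groups not embedded in a longer dotted number; validated later.
IP_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
# Constructed watch list for this example, not SSMA's own list.
WATCHED_APIS = {"IsDebuggerPresent", "VirtualAllocEx",
                "WriteProcessMemory", "CreateRemoteThread"}


def extract_strings(data: bytes, min_len: int = 5) -> list[str]:
    """Return printable ASCII and UTF-16LE runs, like the `strings` utility."""
    narrow = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    wide = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data)
    return [s.decode("ascii") for s in narrow] + [s.decode("utf-16le") for s in wide]


def find_indicators(data: bytes) -> dict[str, set[str]]:
    found = {"url": set(), "email": set(), "ip": set(), "api": set()}
    for s in extract_strings(data):
        found["url"].update(URL_RE.findall(s))
        found["email"].update(EMAIL_RE.findall(s))
        for candidate in IP_RE.findall(s):
            try:  # drops look-alikes such as version strings with octets > 255
                ipaddress.IPv4Address(candidate)
            except ValueError:
                continue
            found["ip"].add(candidate)
        # Substring match: import names can sit inside a longer printable run.
        found["api"].update(api for api in WATCHED_APIS if api in s)
    return found


# Constructed sample bytes (not a real binary): NUL-separated strings plus one
# UTF-16LE string, using reserved example domains and a documentation IP range.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x3d\x02IsDebuggerPresent\x00"
    b"http://update.example.test/gate.php\x00"
    b"contact: ops@example.test\x00"
    b"connect 192.0.2.44:8080\x00"
    b"build 999.10.2.1\x00\x00"
    + "https://wide.example.test/a".encode("utf-16le") + b"\x00\x00"
)

if __name__ == "__main__":
    for kind, values in find_indicators(SAMPLE).items():
        print(kind, sorted(values))
```

Scanning for UTF-16LE runs as well as ASCII matters on Windows samples, where many embedded strings are stored wide and a plain ASCII pass misses them.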


Installation is pretty simple, with git and pip:

git clone


sudo pip3 install -r requirements.txt

python3 -h


