Skip to content

Almighty123404/MalwareAnalysis

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

MalwareAnalysis

MalwareAnalysis is a file-analysis web app with a Flask backend and a Vite + React frontend. Users upload a file, the backend runs static checks, and the UI shows a clean or malicious verdict with supporting details.

What it does

  • Computes the SHA-256 hash of the uploaded file.
  • Runs YARA matching.
  • Extracts PE metadata when the file is a Windows executable.
  • Calculates entropy and extracts strings/URLs.
  • Optionally queries VirusTotal when VT_API_KEY is configured.
  • Caches scan results in Redis when Redis is available.

Project Structure

MalwareAnalysis/
├── app.py              # Flask app and upload API
├── analysis.py         # Static analysis helpers
├── requirements.txt    # Python dependencies
├── frontend/           # Vite + React app
├── templates/          # Flask templates
└── uploads/            # Saved uploads during analysis

Requirements

  • Python 3.8+
  • Node.js 18+ recommended
  • npm
  • Redis is optional, but recommended for caching
  • VirusTotal API key is optional

Setup

1. Install Python dependencies

pip install -r requirements.txt

2. Install frontend dependencies

cd frontend
npm install

3. Configure environment variables

Create a .env file in the project root if you want VirusTotal enabled:

VT_API_KEY=your_virustotal_api_key

If VT_API_KEY is not set, the app still works and skips the VirusTotal lookup.

Run the app

Open two terminals in the project root.

Backend

python app.py

The Flask API runs on http://127.0.0.1:5000.

Frontend

cd frontend
npm run dev

The React UI runs on http://localhost:5173.

The frontend is configured to proxy API requests to Flask, so the upload request goes to /api/upload during development.

How to use

  1. Open the frontend in your browser.
  2. Choose a file or drag one into the upload area.
  3. Wait for the scan to finish.
  4. Review the verdict and reasoning shown on screen.

Backend API

POST /api/upload

Form field:

  • file: the file to analyze

Response:

  • JSON containing the verdict, score, analysis data, and explanations.

Notes

  • If Redis is not running, the app continues without cache.
  • If VirusTotal is not configured, the scan still runs with local analysis only.
  • The backend creates the uploads/ folder automatically if it does not exist.

Troubleshooting

  • If the frontend says the scan failed, check that Flask is running on port 5000.
  • If npm run dev cannot reach the backend, confirm the Flask server is running before uploading a file.
  • If the upload area does nothing, make sure the browser console does not show a network error.

Team

  • Abhinav Tiwari
  • Pranay Srivastava
  • Rajneesh Kumar Gupta
  • Sakshi Gupta

License

No license file is currently included in this repository.

About

We’re building a web app for malware detection that uses static analysis with YARA and PE file analysis, plus VirusTotal for live threat intel.

Resources

Stars

0 stars

Watchers

1 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors