FAME is an open source malware analysis platform that is meant to facilitate analysis of malware-related files, leveraging as much knowledge as possible in order to speed up and automate end-to-end analysis.

FAME should be seen as a malware analysis framework. Instead of developing several scripts for different tasks related to malware analysis, develop FAME modules that will be able to collaborate with each other.

Get started now! You can get the code on GitHub and read the docs.

Learn more about FAME in our introductory blog post.

  • Detailed Results: Get detailed analysis from your modules.
  • Threat Intelligence: Leverage your Threat Intelligence.
  • Extracted Malware Configuration: Extract malware configuration from analyzed samples.
  • Botnet tracking: Track how botnets are targeting your organization.
  • Module Management: Easily manage your processing, reporting, antivirus and threat intelligence modules. Use public and/or private modules.
  • Users Management: Make it available to several users in different teams with built-in access control.

The Blog

Introducing FAME

At CERT Société Générale, we have our fair share of malware to analyze: banking malware, targeting the bank’s customers, and all kinds of malware targeting our users.

The process of malware analysis in our team had two main issues:

  • It takes too much time to complete an analysis. Let’s take the example of a banking trojan. Even if the analyst already recognized the malware family from the spam run, he still has to submit the sample to a sandbox, wait for the analysis to be over, download a memory dump, extract the configuration from memory and compare the configuration with our perimeter in order to determine if we are targeted. If the malware family is unknown, it is even more complicated.
  • Every analyst does not necessarily have the same knowledge regarding malware analysis.

Our answer to these problems is FAME, our malware analysis platform.
