What is MalTrap?

Current Release: v0.2a (08/29)

MalTrap is a research utility that monitors malware behavior by intercepting API calls and logging the results. It can also be used in other reverse-engineering contexts.

Features

  • Over 200 APIs are intercepted, giving better results with little noise.
  • Only the relevant API parameters are displayed (highly descriptive).
  • Only the relevant API return values are displayed (highly descriptive).
  • Created child processes are monitored.
  • PID separation – API calls are logged per process.
  • PC shutdown attempts are prevented.
  • Anti-debugging attempts are logged (SoftICE, RegMon, FileMon, generic).
  • Key-logging attempts are logged.
  • Internet traffic is logged in detail (Winsock, FTP, HTTP, IRC, …).
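As an added illustration of how a PID-separated API trace of the kind described above can be triaged after a run, the following Python script is an example written for this page and is not part of MalTrap. The pipe-delimited `pid|api|params|result` layout, the sample trace lines, and the indicator lists are all constructed for the example; they are not MalTrap's actual log format or its hook list. The script groups calls by process, links child processes to the parent that created them, and counts calls in the categories the feature list names (anti-debugging, key-logging, shutdown, network).

```python
"""Triage a per-process API-call trace (added example, not MalTrap code)."""
import re
from collections import defaultdict

# Constructed sample trace in a hypothetical "pid|api|params|result" layout.
# This is NOT MalTrap's real output format; one line per intercepted call.
SAMPLE_TRACE = r"""
1000|CreateProcessA|lpApplicationName=C:\tmp\dropper.exe|PID=1048
1048|IsDebuggerPresent||FALSE
1048|CreateFileA|lpFileName=\\.\SICE|INVALID_HANDLE_VALUE
1048|SetWindowsHookExA|idHook=WH_KEYBOARD_LL|HHOOK=0x00A1
1048|connect|sin_addr=203.0.113.10 sin_port=6667|0
1048|send|data="NICK bot1234"|12
1048|GetAsyncKeyState|vKey=0x41|0
1000|ExitWindowsEx|uFlags=EWX_SHUTDOWN|blocked
"""

# Illustrative indicator sets (assumptions for this example, not MalTrap's hook list).
ANTI_DEBUG_APIS = {"IsDebuggerPresent", "CheckRemoteDebuggerPresent",
                   "NtQueryInformationProcess", "OutputDebugStringA"}
# Device names a sample may open to probe for SoftICE (\\.\SICE, \\.\NTICE).
DEBUGGER_DEVICES = re.compile(r"\\\\\.\\(SICE|NTICE)\b", re.IGNORECASE)
KEYLOG_APIS = {"GetAsyncKeyState", "GetKeyState", "GetKeyboardState"}
SHUTDOWN_APIS = {"ExitWindowsEx", "InitiateSystemShutdownA", "InitiateSystemShutdownW"}
NETWORK_APIS = {"connect", "send", "recv", "sendto", "recvfrom",
                "InternetOpenA", "InternetConnectA", "HttpSendRequestA", "FtpPutFileA"}
PROCESS_APIS = {"CreateProcessA", "CreateProcessW"}


def parse_trace(text):
    """Split the trace into records; params/result may be empty strings."""
    records = []
    for line in text.strip().splitlines():
        pid, api, params, result = line.split("|", 3)
        records.append({"pid": int(pid), "api": api, "params": params, "result": result})
    return records


def classify(api, params):
    """Map one intercepted call to a triage category."""
    if api in ANTI_DEBUG_APIS or (api.startswith("CreateFile") and DEBUGGER_DEVICES.search(params)):
        return "anti-debug"
    if api in KEYLOG_APIS or (api.startswith("SetWindowsHookEx") and "WH_KEYBOARD" in params):
        return "keylog"
    if api in SHUTDOWN_APIS:
        return "shutdown"
    if api in NETWORK_APIS:
        return "network"
    if api in PROCESS_APIS:
        return "process"
    return "other"


def triage(text):
    """Return (per-PID category counts, parent PID -> created child PIDs)."""
    per_pid = defaultdict(lambda: defaultdict(int))
    children = defaultdict(list)
    for rec in parse_trace(text):
        cat = classify(rec["api"], rec["params"])
        per_pid[rec["pid"]][cat] += 1
        if cat == "process":
            # The constructed format reports the new PID in the result column.
            m = re.search(r"PID=(\d+)", rec["result"])
            if m:
                children[rec["pid"]].append(int(m.group(1)))
    return {pid: dict(c) for pid, c in per_pid.items()}, dict(children)


def format_report(text):
    """Human-readable summary, one block per process."""
    counts, children = triage(text)
    lines = []
    for pid in sorted(counts):
        lines.append(f"PID {pid} (children: {children.get(pid, [])})")
        for cat, n in sorted(counts[pid].items()):
            lines.append(f"  {cat:<11} {n}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(SAMPLE_TRACE))
```

Categories are keyed on the call plus its logged parameters, which is why displaying only the relevant parameters (as the feature list describes) matters: the `WH_KEYBOARD_LL` hook type and the `\\.\SICE` device name are what distinguish a key-logging hook or a SoftICE probe from an ordinary `SetWindowsHookEx` or `CreateFile` call.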