The plugin is an integration of Virus Battle API to the well known IDA Disassembler.
Virusbattle is a web service that analyses malware and other binaries with a variety of advanced static and dynamic analyses. For more information check out the Lab Website.
- IDAPython
- pySide
- GraphViz (Optional)
- Install GraphViz and add it to the default environment path (for generation and view of API flow and call graphs)
- Prepare an IDA with pySide support
IDA -> File -> Script file... -> [choose VirusBattle_IDA_Plugin.py]- As a shortcut too see matched procedures for current function:
IDA -> View -> [VB] Matched Procsor simplyAlt+Shift+V