Mandiant Redline is free malware analysis software for Windows that you can use to perform in-depth analysis of any infections that might be present in the file system or memory of the system. Redline offers a very large set of tools and is aimed at expert security analysts. That’s what makes it different from your usual antivirus or anti-malware scanners, which are aimed more at everyday computer use.
When you run Redline, the first thing that you’re gonna see is the Start-up screen, which can be seen on the screenshot down below. Despite having more advanced malware analysis tools and utilities, this free malware analysis software has managed to keep its usage simple, with an easy-to-follow, wizard-type graphical interface.
Of course, after selecting one of the two options that can be seen on the image above, you’ll get many more options, which you’ll have to get familiar with in order to figure out how everything works.
Key features of Mandiant Redline free malware analysis software:
- Free malware analysis software for more advanced malware detection
- Scans file system, processes, drivers, computer memory, etc.
- Can be used to record activity logs which can then be scanned later on
- Memory image scanning is supported: scan system memory image files
- Highly configurable and customizable with a lot of options to tweak
- Works with Windows: all versions supported starting with XP
In order for system memory (RAM) images to be scanned, they first have to be created with third-party applications. Note that Redline has a decent amount of advanced features, and in order to understand it fully, it’s probably best that you go through the extensive guide, which can be downloaded from the links that are available down below.
How to detect malware infections with Mandiant Redline:
Again, seeing how there are very advanced malware analysis tools packed inside Redline, we’re not gonna go into specifics. What we are gonna be talking about are the two main options that you get on the Start-up screen.
The Collect Data option lets you configure various scans, from which various audit reports are gonna be created. What kind of scan it’s gonna be is entirely up to you and the settings that you set up for the Collect Data scanner.
After you’re finished with collecting data about your computer, use the Analyze Data option from the Start-up screen to open up the report scanner. That’s where this free malware analysis software checks to see what was detected during the Collect Data scan. Navigate to the directories where audit reports were saved, memory images created, etc. Down below you can read the analysis results.
Mandiant Redline might not be for everyday users, but if you are an advanced system security specialist in charge of safety in an enterprise somewhere, then this type of malware analysis software might just be the thing you need. Access the extensive “how to” user guide in order to see just how everything works and is set up.