MIR, or Malware Investigation and Response, is a framework for automating first-level analysis of malware.
MIR uses a variety of automated tools, some local and some remote, to give you a starting point for analyzing malware. A proof-of-concept command-line tool was written that uses the following third-party services for analysis:
- VirusTotal
- Anubis
- CWSandbox
- Joebox
- ThreatExpert
Future versions of MIR will include:
- support for a variety of file types, including PDF, JavaScript, and URLs
- a system for incident responders to share comments and analysis about a malware sample
- a web-based front-end
This project is dead. See malwareurl for a similar, working implementation.
Sorry, other MIR and MIR-ROR: we're considering a name change to reduce the confusion.