MALM is a 32 and 64bit Windows OS command-prompt tool for monitoring malware. While it is running, MALM monitors your system for new processes, new modules in existing processes, and new executable heaps in existing processes. As it notices changes, MALM will output observations to the console. When MALM is terminated by CTRL-C, it will generate a final report of it's findings. This tool is particularly useful for monitoring where the malware resides after execution. Run this tool with administrator privileges for best results.
MALM: Malware Monitor
Download
MALM comes in .zip format with two binaries:
  -   malm32.exe for 32 bit Windows OS's.
  -   malm64.exe for 64 bit Windows OS's.
Please use the appropriate executable for best results:
  -   Download MALM v1.2 32bit and 64bit
  -   malm32.exe for 32 bit Windows OS's.
  -   malm64.exe for 64 bit Windows OS's.
Please use the appropriate executable for best results:
  -   Download MALM v1.2 32bit and 64bit
Version History
Version 1.2 (Dec 16, 2012)
  -   64 bit addresses are now properly printed.
  -   Source code repository now on GitHub.
Version 1.1 (Oct 22, 2012)
  -   Module unloads are now printed.
  -   System snapshot handles are now closed.
Version 1.0 (Nov 14, 2012)
  -   Initial release
  -   64 bit addresses are now properly printed.
  -   Source code repository now on GitHub.
Version 1.1 (Oct 22, 2012)
  -   Module unloads are now printed.
  -   System snapshot handles are now closed.
Version 1.0 (Nov 14, 2012)
  -   Initial release
Source Code
The source code for MALM is available through GitHub. Contributions are welcome:
  -   https://github.com/glmcdona/MALM
  -   https://github.com/glmcdona/MALM