exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Konrad Rieck

Email addressprivate
First Active2003-12-14
Last Active2013-12-25
View User Profile
Malheur Malware Analyzer 0.5.4
Posted Dec 25, 2013
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: Support for the new version of libarchive has been added. Minor bugs have been fixed.
tags | tool, forensics
systems | unix
SHA-256 | bb3db24ceb168a4ff7687bd7d877b71a411226d83905158d3b5d10be38c9b052
Malheur Malware Analyzer 0.5.3
Posted Dec 28, 2012
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: The tool's persistent state is stored in the local state directory for better maintenance. Several minor bugs have been fixed.
tags | tool, forensics
systems | unix
SHA-256 | feffed3a6f9712581d6d3919879040b1a1af45225b1010a4993bf862650b8bd0
Malheur Malware Analyzer 0.5.2
Posted Aug 30, 2011
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: Another major bug due to libconfig changes has been fixed.
tags | tool, forensics
systems | unix
SHA-256 | ca0c50fbc6f33874be11bc7f129e882084b6149cfd3b0dec1cf4936313a1953a
Malheur Malware Analyzer 0.5.1
Posted Aug 25, 2011
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: A major bug in the parsing of configuration files has been fixed.
tags | tool, forensics
systems | unix
SHA-256 | b23a4c2300216b322fc2b40a1624a3b7d197ae9f6f944b0f4fb13625af635734
Malheur Malware Analyzer 0.5.0
Posted Apr 20, 2011
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: All configuration parameters can be specified on the command line. The manual page and documentation have been updated and extended. Minor bugs have been fixed.
tags | tool, forensics
systems | unix
SHA-256 | 3be1c2c3ddf9fa21e38ce94750996f036a69b033f1baf6d76c0a960a040fd74e
Malheur Malware Analyzer 0.4.8
Posted Aug 6, 2010
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: Support was added for shared n-grams: when identifying a cluster of similar malware behavior, Malheur allows you to extract a set of instructions shared by the members in the cluster.
tags | tool, forensics
SHA-256 | df152eb282e18a93d369d9d2a4b5080144ecc1e024ca75649e2b5307ca065711
Malheur Malware Analyzer 0.4.7
Posted Feb 16, 2010
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: A bug with OpenMP that rendered clustering and classification of malware behavior non-deterministic has been fixed.
tags | tool, forensics
SHA-256 | f09e067a8a31743143add874ffdc7a4a5fd2f078cf7808c58fd8f79c9bd497d4
malheur-0.4.6.tar.gz
Posted Feb 4, 2010
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: Minor fixes and general code clean-up were done.
tags | tool, forensics
SHA-256 | 3530dccb3a426ab47e5db7746ea79e98d8e57353d7b1e19c0cba6da526dd3bc6
Malheur Malware Analyzer 0.4.5
Posted Jan 4, 2010
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: This release fixes a bug in classification mode when loading prototypes.
tags | tool, forensics
SHA-256 | 34da6bbc102ec549b6563c26b7f089d8f10c631825aacf6478c54cae6e058c02
stan-0.4.tar.gz
Posted Dec 14, 2003
Authored by Konrad Rieck | Site roqe.org

Stream Analyzer is a console application which analyses binary streams and calculates useful statistical information from the observed data which features mathematical, pattern, and bit analysis. It has been designed as a "Swiss-army-knife" for initial steps in reverse engineering and cryptographic analysis.

Changes: Code and documentation have been polished and unneeded sections from previous years have been removed.
tags | encryption
SHA-256 | 8e94b31d3df053835db88145966cd411826430ec29870f1c0031387ccbc9745c
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close