-
This is probably a big noob question and I apologize ahead of time, but I am unsure how to get to the point of using pe2shc.exe as written out in the docs. I have cloned the repository into VS, but I …
-
## Description
Attempting to apply protections to the
* Posh_v4_dropper_x64
* Sharp_v4_dropper_x64
binaries using the ConfuserEx 2 project results in an error:
```
[ERROR] Unknown error o…
```
-
Hi,
I downloaded the release build and it seems to have ASLR enabled? This is sort of counterproductive if you want to analyze the shellcode. Is this intended?
-
Really neat project thus far, just have a small issue with it. When using the `-r` flag on several different variations of shellcode (mainly from https://github.com/qilingframework/qiling/tree/master/…
-
**Describe the bug**
First of all, Qiling is awesome, thank you for taking your time to create such an amazing project. For some reason, I keep getting an error in `libloaderapi.py` with some varian…
-
https://wechatscope.jmsc.hku.hk/api/html?fn=gh_886b94872294_2021-03-15_2650506101_NuirhkStCd.y.tar.gz
-
Hi, can you give me an example of how to run the standalone executables of CAPA for Windows?
On opening any malware sample with it, the output screen does not hold, it opens and closes by itself. a…
-
currently this gets bytes features for many invalid immediate operators
```
if isinstance(oper, envi.archs.i386.disasm.i386ImmOper):
    v = oper.getOperValue(oper)
```
for exam…
mr-tz updated
4 years ago
-
```
$ capa -f sc32 tests/data/499c2a85f6e8142c3f48d4251c9c7cd6.raw32
INFO:capa:--------------------------------------------------------------------------------
INFO:capa: Using default embedded rul…
```
mr-tz updated
4 years ago
-
- The only 32-bit binary that seems to be working is yo.shc.exe. What are the differences between yo.exe and yo.shc.exe?