Open xme opened 1 month ago
Hi! It seems that drak-postprocess doesn't like that part: "Method":"09\xaa\xbd,V"
I see that it shouldn't affect the rest of log processing, because drak-postpostprocess will just omit this line as a part of exception handling (https://github.com/CERT-Polska/drakvuf-sandbox/blob/master/drakcore/drakcore/postprocess/drakparse.py#L205).
Is it real, obfuscated method name in that .NET malware?
Describe the bug
I got this error after some analysis:
How to reproduce Submit a file to the sandbox.