Thanks to @athiasjerome for pointing this out. We should consider adding support for the capture of .NET GUIDs, which may be useful for malware attribute and correlation, perhaps as a new field on the Windows Executable File Object or as a new .NET PE File Object (an extension of the Windows Executable File Object).
ikiril01
commented
9 years ago
Thanks to @athiasjerome for pointing this out. We should consider adding support for the capture of .NET GUIDs, which may be useful for malware attribute and correlation, perhaps as a new field on the Windows Executable File Object or as a new .NET PE File Object (an extension of the Windows Executable File Object).