Previously js_eval.py simply reported 'Executed javascript' for any COleScript::Compile hook result, but since the VBScript hooking refers to the same function name this incorrectly identifies the language. Added check for VB content.
Added basic extractor for Kraken Cryptor ransomware configs. Only shows most relevant info, limitations in push_config make it hard to show all the data.
Previously js_eval.py simply reported 'Executed javascript' for any COleScript::Compile hook result, but since the VBScript hooking refers to the same function name this incorrectly identifies the language. Added check for VB content.