dod-cyber-crime-center / DC3-MWCP

DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

UnableToParse sub-group bugfix #23

Closed ddash-ct closed 4 years ago

ddash-ct commented 4 years ago

Identified and fixed situation where an UnableToParse exception gets consumed within a specific parser group, but none of the parsers within the group identify the file, and the parent parser places the file back into the queue as though it were created from the child parsing group. This can result in an infinite processing loop and the solution is to propagate the UnableToParse exception to the parent parser.
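The failure mode described in this pull request, reduced to a simplified model and added here as an illustration; it is not DC3-MWCP code. The `Leaf`, `Group`, `run` and `demo` names, the re-queue mechanics and the `max_steps` guard (present only so the buggy case terminates) are assumptions; only the `UnableToParse` name comes from the page.

```python
from collections import deque

class UnableToParse(Exception):
    """A parser was tried on a file but could not parse it."""

class Leaf:  # hypothetical single parser keyed on a magic prefix
    def __init__(self, name, magic):
        self.name, self.magic = name, magic

    def parse(self, data):
        if not data.startswith(self.magic):
            raise UnableToParse(self.name)
        return []  # parsed; no new files to queue

class Group:  # hypothetical parser sub-group
    def __init__(self, name, children, propagate):
        self.name, self.children, self.propagate = name, children, propagate

    def parse(self, data):
        for child in self.children:
            try:
                return child.parse(data)
            except UnableToParse:
                continue  # exception consumed inside the group
        if self.propagate:
            raise UnableToParse(self.name)  # fixed: tell the parent
        return [data]  # buggy: file looks like output of the group

def run(parsers, data, max_steps=25):
    """Parent dispatch loop: queue whatever a parser hands back."""
    queue, steps, handled = deque([data]), 0, []
    while queue:
        if steps == max_steps:
            return "loop", steps, handled  # guard tripped: never drains
        steps += 1
        item = queue.popleft()
        for parser in parsers:
            try:
                queue.extend(parser.parse(item))
                handled.append(parser.name)
                break
            except UnableToParse:
                continue  # parent moves on to the next parser
    return "done", steps, handled

def demo(propagate):
    group = Group("group", [Leaf("a", b"AAAA"), Leaf("b", b"BBBB")], propagate)
    # Constructed sample input: no parser in the group identifies it.
    return run([group, Leaf("fallback", b"MZ")], b"MZ constructed sample")
```

With `propagate=False` the same file is re-queued on every pass and the fallback parser is never reached; with `propagate=True` the parent sees the exception and hands the file to the next parser.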