DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.
For a FileObject within dispatcher.py, it is not currently possible to set the decoderdir for a kordesii decoder to anything other than the default kordesii decoder directory.
Propose adding an argument to run_kordesii_decoder to enable users to specify the decoderdir when a kordesiireporter object is instantiated to run a decoder.
For a
FileObjectwithindispatcher.py, it is not currently possible to set thedecoderdirfor akordesiidecoder to anything other than the default kordesii decoder directory.Propose adding an argument to
run_kordesii_decoderto enable users to specify thedecoderdirwhen akordesiireporterobject is instantiated to run a decoder.