joxeankoret / cosa-nostra

Cosa Nostra, a FOSS graph based malware clusterization toolkit.
GNU General Public License v3.0

Issue with Fresh Setup using ida_batch.py #1

Open ghost opened 7 years ago

ghost commented 7 years ago

Hi, I tried to use Cosa Nostra with a fresh setup. I had a simple trojan sample and tried it by using `"C:\Program Files\IDA 6.9\idaq.exe" -B -A -Sida_batch.py sample.exe`. Nothing really happened after executing the command. I have created a config.cfg file. There is no db.sqlite file in the folder as it is a fresh setup. No logs were generated as well.

Do you have any recommendation or instruction to deal with fresh setup?

Side Note: I am unable to use ida_batch.py with example database as well.

joxeankoret commented 7 years ago

Try running it in non-interactive mode (without -B -A). If it fails, try running the script from inside IDA with your trojan opened.

ghost commented 7 years ago

Oh, I have tried it with PYEW and it works, but still, thank you for the answer. I will try it out soon. However, does clustering still work if I wished to disable the feature of getting a description from ClamAV?

joxeankoret commented 7 years ago

Yes, it works. It will simply give a NULL description.

ghost commented 7 years ago

That's great!!! I guess I do not have enough related samples to have a cluster yet. Thank you very much :)