Showing 1 - 10 of 10

Files from Konrad Rieck

Email address	private
First Active	2003-12-14
Last Active	2013-12-25

View User Profile

Malheur Malware Analyzer 0.5.4: Posted Dec 25, 2013; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: Support for the new version of libarchive has been added. Minor bugs have been fixed.; tags | tool, forensics; systems | unix; SHA-256 | bb3db24ceb168a4ff7687bd7d877b71a411226d83905158d3b5d10be38c9b052; Download | Favorite | View

Malheur Malware Analyzer 0.5.3: Posted Dec 28, 2012; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: The tool's persistent state is stored in the local state directory for better maintenance. Several minor bugs have been fixed.; tags | tool, forensics; systems | unix; SHA-256 | feffed3a6f9712581d6d3919879040b1a1af45225b1010a4993bf862650b8bd0; Download | Favorite | View

Malheur Malware Analyzer 0.5.2: Posted Aug 30, 2011; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: Another major bug due to libconfig changes has been fixed.; tags | tool, forensics; systems | unix; SHA-256 | ca0c50fbc6f33874be11bc7f129e882084b6149cfd3b0dec1cf4936313a1953a; Download | Favorite | View

Malheur Malware Analyzer 0.5.1: Posted Aug 25, 2011; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: A major bug in the parsing of configuration files has been fixed.; tags | tool, forensics; systems | unix; SHA-256 | b23a4c2300216b322fc2b40a1624a3b7d197ae9f6f944b0f4fb13625af635734; Download | Favorite | View

Malheur Malware Analyzer 0.5.0: Posted Apr 20, 2011; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: All configuration parameters can be specified on the command line. The manual page and documentation have been updated and extended. Minor bugs have been fixed.; tags | tool, forensics; systems | unix; SHA-256 | 3be1c2c3ddf9fa21e38ce94750996f036a69b033f1baf6d76c0a960a040fd74e; Download | Favorite | View

Malheur Malware Analyzer 0.4.8: Posted Aug 6, 2010; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: Support was added for shared n-grams: when identifying a cluster of similar malware behavior, Malheur allows you to extract a set of instructions shared by the members in the cluster.; tags | tool, forensics; SHA-256 | df152eb282e18a93d369d9d2a4b5080144ecc1e024ca75649e2b5307ca065711; Download | Favorite | View

Malheur Malware Analyzer 0.4.7: Posted Feb 16, 2010; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: A bug with OpenMP that rendered clustering and classification of malware behavior non-deterministic has been fixed.; tags | tool, forensics; SHA-256 | f09e067a8a31743143add874ffdc7a4a5fd2f078cf7808c58fd8f79c9bd497d4; Download | Favorite | View

malheur-0.4.6.tar.gz: Posted Feb 4, 2010; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: Minor fixes and general code clean-up were done.; tags | tool, forensics; SHA-256 | 3530dccb3a426ab47e5db7746ea79e98d8e57353d7b1e19c0cba6da526dd3bc6; Download | Favorite | View

Malheur Malware Analyzer 0.4.5: Posted Jan 4, 2010; Authored by Konrad Rieck | Site mlsec.org; Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.; Changes: This release fixes a bug in classification mode when loading prototypes.; tags | tool, forensics; SHA-256 | 34da6bbc102ec549b6563c26b7f089d8f10c631825aacf6478c54cae6e058c02; Download | Favorite | View

stan-0.4.tar.gz: Posted Dec 14, 2003; Authored by Konrad Rieck | Site roqe.org; Stream Analyzer is a console application which analyses binary streams and calculates useful statistical information from the observed data which features mathematical, pattern, and bit analysis. It has been designed as a "Swiss-army-knife" for initial steps in reverse engineering and cryptographic analysis.; Changes: Code and documentation have been polished and unneeded sections from previous years have been removed.; tags | encryption; SHA-256 | 8e94b31d3df053835db88145966cd411826430ec29870f1c0031387ccbc9745c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Files from Konrad Rieck

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems