Jump to content

capa v1.4.0


MBot

Recommended Posts

Posted

v1.4.0 (2020-10-23)

This capa release includes changes to the rule parsing, enhanced feature extraction, various bug fixes, and improved capa scripts. Everyone should benefit from the improved functionality and performance. The community helped to add 69 new rules. We appreciate everyone who opened issues, provided feedback, and contributed code and rules. A special shout out to the following new project contributors:

@dzbeck added Malware Behavior Catalog (MBC) and ATT&CK mappings for 86 rules.

Due to an issue with our CI build configuration, please download standalone binaries from the v1.4.1 release here. Checkout the readme here on GitHub. Report issues on our issue tracker and contribute new rules at capa-rules.

New features

  • script that demonstrates bulk processing @williballenthin #307
  • main: render MBC table @mr-tz #332
  • ida backend: improve detection of APIs called via two or more chained thunks @mike-hunhoff #340
  • viv backend: improve detection of APIs called via two or more chained thunks @mr-tz #341
  • features: extract APIs called via jmp instruction @mr-tz #337

New rules

Bug fixes

Changes

Raw diffs

Standalone binaries

Due to an issue with our CI build configuration, please download standalone binaries from the v1.4.1 release here.

Download

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...