This is just a small update to the man page.
translate_v2_5_6.zip (https)
MD5: 9615167810202129C0CFC3D5125CC354
SHA256: F926E474B966790A1077B76C029F912100128C4F1CE848781C14DF4B628395D7
Update: pecheck.py Version 0.7.6
During recent malware analysis, I had a need to quickly extract overlays from a bunch of PE files. This can be done with this new version: use option “-g o” to get the overlay:
Option -A (rle ASCII dump) is also new.
And option -y (yara) supports regex (#r#) and hexadecimal (#x#) ad-hoc rules.
pecheck-v0_7_6.zip (https)
MD5: C07704E37FB1C18B769BB5336CD2478A
SHA256: 312E730F6DE784808B6E5BE355752803F281F7DC838E4B9C6B3FE924622F47F8
Update: oledump.py Version 0.0.42
This version comes with a major update of the BIFF plugin (for Excel files). New features for plugin_biff.py will be discussed in detail in next blog post.
And there are 2 minor changes to oledump itself.
A warning is displayed when an Office file format without macro-support is selected, like .docx files:
In prior versions, no output was produced at all when files like .docx files were processed.
And there’s a bug fix when selecting non-existing streams:
oledump_V0_0_42.zip (https)
MD5: C5CCF18F9F10CB6916CC74C002C78EDE
SHA256: 14A1FDA4AB57B09729AEB2697818782FAE498369A760FEC8AEE5CFB0A0E9D126
- « Previous Page
- 1
- 2
- 3
- 4
- …
- 99
- Next Page »