This week we've introduced the ability to search for samples using ASCII, wide, and hex-encoded strings. Quickly find related samples and test pattern uniqueness without running a full YARA scan.
We have increased the size of submissions from 20MB to 100MB and have added support for ZIP archives that contain a single executable (PE) file.
Last week, with the revival of Emotet spam campaigns, we observed a spike in Emotet submissions as the developers continue to use their hash-busting technique.
This week, we have updated malware configuration extractors for Remcos & DbatLoader, and added a new extractor for the first stage of PureCrypter.
This week we have updated several malware configuration extractors including Azorult, AsyncRat, LummaStealer and Remcos.
This week we've updated several malware configuration extractors including Qakbot, Snake Keylogger, Raccoon Stealer, Icarus Stealer, and ISFB.
This week we have updated several malware config extractors including SmokeLoader, XLoader and VidarStealer.
This week we've updated the malware configurations in UnpacMe, giving you the option to download all decrypted strings as a JSON-formatted file.
This week we've added and updated several config extractors including Matanbuchus Loader, Qakbot, and Snake Keylogger.
This week we have added config extractors for the following malware families: WarZone RAT, PrivateLoader, VenomRAT, Azorult, and Vidar Stealer.