UnpacMe Weekly: Maintenance & Bug Hunting
This week we have updated configuration extractors for FormBook, NetWire, and RecordBreaker (RaccoonStealer).
Sean Wilson
UnpacMe Weekly: Malware Configs, Yara Updates, & capa v4.0
UnpacMe now enriches submissions with our proprietary Yara rules, malware config extraction, and CAPA.
UnpacMe Weekly: CAPA
This week we wanted to highlight the inclusion of CAPA
[https://www.mandiant.com/resources/capa-automatically-identify-malware-capabilities]
within the UnpacMe [https://www.unpac.me] 5.3 release. CAPA
[https://github.com/mandiant/capa] detects capabilities of a binary, using a
corpus of community written rules [https://github.com/mandiant/capa-rules].
Rules