Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve MoleBox packer detection. #815

Merged
merged 4 commits into from
Jul 22, 2020
Merged

Improve MoleBox packer detection. #815

merged 4 commits into from
Jul 22, 2020

Conversation

tamaroth
Copy link
Contributor

@tamaroth tamaroth commented Jul 21, 2020
edited
Loading

This PR introduces the following changes:

  • Removes a redundant detection of a BitArts packer. It is covered by the detections of Crunch (BitArts is a company that produced Crunch packer).
  • Adds two new generic detections for MoleBox virtualizer/packer.
  • Adds detection for MoleBox v4.2321
  • Adds detection for MoleBox v2.3.6

The tests are added here.

@tamaroth
Add MoleBox 2.3.6 detection.
bde4c0b
@tamaroth
Add MoleBox 4.2321 detection.
b040c0e
@tamaroth
Add a generic MoleBox detections.
c112baf
@tamaroth
Remove redundant BitArts detection.
d5cf711 
BitArts is the name of the company that produced Crunch packer. Everything
detected by this YARA rule was also detected by the appropriate Crunch
YARA rule. As such, one of them should be removed.
@tamaroth tamaroth requested a review from s3rvac July 21, 2020 15:37
@tamaroth tamaroth mentioned this pull request Jul 21, 2020
Merged
@s3rvac
Copy link
Member

s3rvac commented Jul 22, 2020

Thank you for the improvements! Let's run TeamCity tests.

s3rvac
s3rvac approved these changes Jul 22, 2020
View reviewed changes
Copy link
Member

@s3rvac s3rvac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TeamCity builds are failing because there have been new changes in the loader that have not been incorporated into the branch in the present PR (and in tests). However, I have run the tests on my Linux machine on up-to-date branches, and they have passed. So, I am approving and merging the PR.

@s3rvac s3rvac merged commit de06abb into master Jul 22, 2020
@s3rvac s3rvac deleted the improve-molebox-detection branch July 22, 2020 04:47
s3rvac added a commit that referenced this pull request Jul 22, 2020
@s3rvac
Add an entry for #815 into CHANGELOG.
d55a5c8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@s3rvac s3rvac s3rvac approved these changes

Assignees

@s3rvac s3rvac

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tamaroth @s3rvac