Emirhan Uçan
Emirhan Uçan
Can you post the original executables data without jpg?
I think manual monitoring not enough for these websites.
https://www.virustotal.com/gui/file/c416f36f5e6d7d18704113dd473e6febc07470ccc000849ff4ec04bad787fec7
When I extract with modern version of Nuitka (I converted to .py this project (not go anymore) and still same) it creates .dll instead of .exe as main program it...
Traceback (most recent call last): File "C:\Program Files\HydraDragonAntivirus\venv\Scripts\\hydradragon", line 3, in from hydradragon.antivirus import main File "C:\Program Files\HydraDragonAntivirus\hydradragon\antivirus.py", line 92, in from PySide6.QtWidgets import (QWidget, QVBoxLayout, QHBoxLayout, ImportError: DLL load...
``` import "pe" import "elf" rule Detect_cx_Freeze_MainStub { meta: description = "Detect cx_Freeze main stub on PE or ELF" author = "Emirhan Ucan" license = "GPLv2" reference = "https://github.com/marcelotduarte/cx_Freeze/blob/7ae7fc3bf7422dc24ed5c5f1c08041b5646ad286/source/legacy/Win32GUI.c#L17" sha256...
I think we should allow to diec.exe extract executables like in GUI. For example extract everything which is get detected or specific arena. That will help to extract all files...
This first happens at: https://github.com/RafWu/RansomWatch/issues/6 minimum 3+ year old bug https://github.com/HydraDragonAntivirus/OwlyShield I was working to fix here but since it's become different project I made a mistake and make him...
Not really issue so I think you need move to discussion. While running this sample https://www.virustotal.com/gui/file/5fe761bc21851489d103c7e2d94b8643a67c9fe2b877c5ae3b376f658da495db it normally gives vm detection message but when I do automation with your project...