Minoru Kobayashi
Hi, @ydkhatri, I am trying to analyze an M1 Mac (macOS 12.5) disk image created by Digital Collector (formerly MacQuisition). While the AUTOSTART plugin is running, I get the following error...
Warning and info messages like the ones below are displayed if I analyze unified logs of macOS 10.6. ``` 2021-09-29 11:29:09|MAIN.UNIFIED_LOG_READER_LIB|INFO|Unknown custom data object type '{public,mdns:dnshdr}' data size=0xC in log @...
MachO-Explorer seems not to parse the LC_UNIXTHREAD load command, as in the figure below. Note that the file to be analyzed is a malware binary. The otool command can parse it. ```...
bug fix: fail to load MSCompression64.dll on 64-bit Python. change: "--mam_dir" option can be omitted if Volatility handles a Windows 10 memory image.
CDIR Collector can only collect files with hard-coded paths. If the user wants to collect files other than the default ones, the user will have to modify the source code....
Python 3 does not have "long", so it should be replaced with "int".
I am testing objc2_analyzer.py against the following malware sample. SHA256: 8db4f17abc49da9dae124f5bf583d0645510765a6f7256d264c82c2b25becf8b However, errors occur like below: ``` ERROR:flare_emu:exception in _guidedHook @0002DB95: 'int' object is not subscriptable ERROR:flare_emu:error handling...
This PR is not a perfect modification, but it works.