- If you have a folder of YARA signature files, you can specify it with the --yara option. Every new file is scanned against these signatures, and the results are displayed in the output.
- If you have a VirusTotal API key, place it in a file named "virustotal.api" (or embed it directly in the script) to auto-submit MD5 file hashes to VT and get the number of detections.
- You can add lists of MD5s to auto-ignore (such as all of your system files). Generate them with md5deep, put them into a text file, and use --hash to read them.
- You can automate the script for sandbox use. Using -t to set the execution time and --cmd "path\exe" to specify a malware file, you can automatically run malware, copy the results off, and then revert to run a new sample.
- The --generalize feature automatically substitutes absolute paths with Windows environment paths for better IOC development.
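What path generalization does to a report line, as an added example that is not the tool's own code: machine-specific prefixes are rewritten to environment variables so an indicator written on one sandbox still matches on another host. The rule table, the `generalize` function and the sample lines are assumptions made for illustration.

```python
import re

# Assumed rule table (not the tool's own): most specific prefix first, so a
# path under AppData is not swallowed by the broader %UserProfile% rule.
USER = r'[A-Z]:\\Users\\[^\\"]+'
RULES = [
    (USER + r"\\AppData\\Local\\Temp", "%Temp%"),
    (USER + r"\\AppData\\Roaming", "%AppData%"),
    (USER + r"\\AppData\\Local", "%LocalAppData%"),
    (USER, "%UserProfile%"),
    (r"[A-Z]:\\ProgramData", "%ProgramData%"),
    (r"[A-Z]:\\Program Files \(x86\)", "%ProgramFiles(x86)%"),
    (r"[A-Z]:\\Program Files", "%ProgramFiles%"),
    (r"[A-Z]:\\Windows", "%WinDir%"),
]
# A rule only fires on a whole path component: the drive letter must not be
# glued to a preceding word, and the prefix must end at "\", whitespace, a
# quote or end of line, so "C:\WindowsUpdate.log" is left alone.
COMPILED = [
    (re.compile(r"(?<![A-Za-z0-9])" + pat + r'(?=\\|\s|"|$)', re.IGNORECASE), var)
    for pat, var in RULES
]


def generalize(line):
    """Replace machine-specific path prefixes in one report line."""
    for regex, var in COMPILED:
        # A function replacement keeps "\" and "(" in the variable literal.
        line = regex.sub(lambda m, v=var: v, line)
    return line


# Constructed sample report lines (not real tool output).
SAMPLE = [
    r"[CreateFile] sample.exe:2044 > C:\Users\analyst\AppData\Roaming\svc\upd.exe",
    r"[CreateFile] sample.exe:2044 > c:\users\Analyst\AppData\Local\Temp\a1.tmp",
    r"[DeleteFile] cmd.exe:3120 > C:\Program Files (x86)\Vendor\old.dll",
    r"[CreateFile] sample.exe:2044 > C:\WindowsUpdate.log",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(generalize(entry))
```

Rule order matters here: moving the `%UserProfile%` rule to the top would turn every AppData path into `%UserProfile%\AppData\...` and lose the more portable variable.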
Here is the link to DOWNLOAD.