Skip to content

Holit/scriptmalsolver

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7,017 Commits
.github
.github
 
 
qiling
qiling
 
 
rootfs
rootfs
 
 
scripts
scripts
 
 
web
web
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
desktop.ini
desktop.ini
 
 
start.bat
start.bat
 
 

Repository files navigation

scriptmalsolver

一个基于qiling的加载器识别沙箱。

目标

本项目希望基于qiling虚拟执行平台,对加载器家族恶意软件进行标记和辅助分析作用,期望完成如下目标:

  • 对不同家族的加载器应用(yara)规则进行标记,方便分类
  • 试图从加载器中dump出内部加密的载荷

运行本项目

本项目被设计为如下形式

-----------------------------
|     qiling(modified) 		|
|    Scan and Process   	|
-----------------------------
      logs|↑
          ↓|files
-----------------------------
|        Django          	|
|      (Backend)        	|
|							|
-----------------------------
    Report|↑
		  ↓|User Interactions
-----------------------------
|  		Django.template    	|
|    	 (Frontend)      	|	
|    	   Render          	|
-----------------------------

启动根目录下的start.bat即可启动网页实例。

为确保本项目的README简洁,在下方贴出父项目qiling的README链接。

qilingframework/qiling: A True Instrumentable Binary Emulation Framework (github.com)

About

A loader-malware sandbox web-app based on qiling.

Topics

qiling

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Languages

  • Python 69.2%
  • C++ 11.9%
  • HTML 10.4%
  • JavaScript 6.0%
  • CSS 1.0%
  • C 0.7%
  • Other 0.8%