Hexacorn

DeXRAY 2.20 update

Posted on 2020-09-16 by adam

A massive update to VBN processing thanks to Brian who became de facto Symantec Quarantine files SME. His new code helps to handle even the most obscure VBN samples in our collections so it’s a win-win for DFIR. Thank you Brian!

The latest version of DeXRAY can be downloaded here.

Updated 3R (RegRipper Ripper) (RR v3.0)

Posted on 2020-05-29 by adam

Another 2 years passed since last update of the 3R and since there is a new release of Regripper this week (https://github.com/keydet89/RegRipper3.0) it was a good opportunity to revisit it.

The update this time was a bit tricky — since the snapshots (2.8 vs. 3.0) differ a lot, I decided to get 2.8 as a base, and then add/overwrite changes from v3.0.

And last, but not least – remember of 3RPG tool!