I just released a new version of HexDive. Added really lots of new strings so it should be picking up more juice from malicious samples \ud83d\ude42<\/p>\n
New strings include:<\/p>\n
Note, at this stage HexDive doesn’t search for any regexes (e.g. URLs\/emails\/etc ), but it is in the making, so stay tuned.<\/p>\n
You can download it here<\/a>.<\/p>\n If your .exe download is blocked, you can try a zip file<\/a>.<\/p>\n Note1:<\/strong><\/p>\n If you find HexDive is missing strings, please let me know and I will add them. At some stage I plan to release all of the strings ofr free, but before I do it I want to ensure they are at least classified to some extent. Yes, I will do the dirty job \ud83d\ude42 just let me know what is missing. Thanks!<\/p>\n Note2:<\/strong><\/p>\n hdive can be ran on static samples (unpacked) and process memory dumps as well; for the benchmark purposes – an example when it is ran on a 27MB file which is a process memory dump of a simple trojan takes 12-13 seconds.<\/p>\n TimeThis :\u00a0 Command Line :\u00a0 hdive malware.DMP TimeThis :\u00a0 Command Line :\u00a0 hdive malware.DMP I just released a new version of HexDive. Added really lots of new strings so it should be picking up more juice from malicious samples \ud83d\ude42 New strings include: pcap (winpcap related strings) libraries mime types charset encodings formatted strings … Continue reading
\nTimeThis :\u00a0\u00a0\u00a0 Start Time :\u00a0 Fri Jun 22 20:24:02 2012<\/p>\n
\nTimeThis :\u00a0\u00a0\u00a0 Start Time :\u00a0 Fri Jun 22 20:24:02 2012
\nTimeThis :\u00a0\u00a0\u00a0\u00a0\u00a0 End Time :\u00a0 Fri Jun 22 20:24:15 2012
\nTimeThis :\u00a0 Elapsed Time :\u00a0 00:00:12.683<\/p>\n","protected":false},"excerpt":{"rendered":"