Malware Domain List

Malware Related => Malware Analysis => Topic started by: SysAdMini on July 22, 2010, 09:32:50 am

Title: PDF Dissector
Post by: SysAdMini on July 22, 2010, 09:32:50 am
Title: Re: PDF Dissector 1.4.0 released
Post by: WIEx on July 23, 2010, 03:07:55 am
thank you!
Title: Re: PDF Dissector
Post by: SysAdMini on August 05, 2010, 10:07:11 am
PDF Dissector 1.5.0 released

The first cool new feature is that PDF Dissector now supports the decryption of RC4-encoded strings and streams. This is very useful because there are a few PDF malware samples in the wild that encrypt their strings and streams using RC4 (a standard PDF format feature). In the past, PDF Dissector was not able to analyze these PDF files. From now on, PDF Dissector can be used on those samples too.

The second cool new feature is an improvement to the plugin API that allows plugins to extend the context menu of PDF file nodes in the PDF browsing tree. This was inspired by a customer who asked for a way to generate reports with PDF Dissector. I implemented a small report generator as a Python plugin to make sure that all customers who want to generate reports can easily modify the content and the layout of the generated report.