Skip to content

0x6e66/macon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

73 Commits
cag
cag
 
 
macon
macon
 
 
zip
zip
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 
TODO.md
TODO.md
 
 
start_arango.sh
start_arango.sh
 
 

Repository files navigation

macon (Malware Corpus Normalizer)

Description

The problem with many popular malware corpora like Virustotal or Triage is that the samples for a specific family are very heterogeneous. There are different file types from different stages of the malware all placed under one label.

This project aims to tackle this issue. To normalize a malware corpus a graph structure is used. In this graph every distinct sample is a node. If a sample drops another sample, the dropped sample is connected via an edge. The dropped sample could be the result of a regular dropper or something like the native code of a android apk (lib/*/*.so). Inside the graph every malware sample is guaranteed to be deduplicated.

Installation

  • From git 
    cargo install --git https://github.com/0x6e66/macon

About

Malware Corpus Normalization

Topics

malware malware-analysis normalization

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages