Skip to content

v1.2.1

Compare
Choose a tag to compare
@CalebFenton CalebFenton released this 14 Jul 16:13
· 280 commits to master since this release
8f88c13

This release has a lot of changes both in the code and in the rules.

Thanks to @enovella who has really stepped up and added a lot of rules, and thanks to everyone else in the community who's contributed!

Core Changes

  • Update to yara-python 3.7.0.999 (with the new official DEX module)
  • Added TravisCI integration & some tests for rules
  • Rules need to compile or the test will fail
  • Warnings are given if rules don't have tags, description, or a sample
  • Add colorized output

screen shot 2018-07-14 at 7 46 57 am

New native obfuscators

  • Obfuscator-LLVM
    • v3.4
    • v3.5
    • v3.6.1
    • v4.0
    • v6.0 (unofficial fork)
    • v6.0 with string encryption (unofficial fork)
    • version-less
  • Firehash
  • AVDobfuscator

New DEX obfuscators

  • Allatori demo
  • Arxan
    • Multidex support
  • DexProtector (bugfixes)
  • AMMO (thanks @P0r0!)

New native packers

  • Promon Shield
  • UPX
    • v3.93
    • v3.94
  • Bangcle SecShell (secneo-like)
  • AppGuard (secneo-like)

New DEX packers

  • ApkPacker (Custom packer)
  • CryptoShell
  • ApkGuard
  • DexProtector (more versions)
  • Jiagu (ApkToolPlus)
  • Custom Chinese "ChornClickers" (Ch-ina PornClickers)