.png)
CAPEv2 is a malware sandbox. It was derived from Cuckoo with the goal of adding automated malware unpacking and config extraction – hence its name is an acronym: ‘Config And Payload Extraction’. Automated unpacking allows classification based on Yara signatures to complement network (Suricata) and behavior (API) signatures. There is a free community instance online …
Continue reading “CAPEv2 : Malware Configuration And Payload Extraction”