Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 

RansomwareDetector

Attempts to detect ransomware based on properties of of a binary.

Dependencies

Relies on the binary analysis framework angr. Follow the instructions on the official website.

How does it work?

This is still a work in progress, so this will be updated as more concrete versions are developed.

Attempts to detect cryptographic primitives using several different identifying properties. The following lists the properties that are planned to be implemented:

  • Per Gröbert, et al., cryptographic binaries have many loops and makes excessive use bitwise arithmetic.
  • Cryptographic API use.
  • Writing to many files.
  • Common ransom messages.

About

No description, website, or topics provided.

Resources

Releases

No releases published

Packages

No packages published

Languages