Skip to content

aaron-otis/RansomwareDetector

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.gitignore
 
 
README.md
 
 
analysis.py
 
 
database.py
 
 
main.py
 
 
results.py
 
 
RansomwareDetector Dependencies How does it work?

README.md

RansomwareDetector

Attempts to detect ransomware based on properties of of a binary.

Dependencies

Relies on the binary analysis framework angr. Follow the instructions on the official website.

How does it work?

This is still a work in progress, so this will be updated as more concrete versions are developed.

Attempts to detect cryptographic primitives using several different identifying properties. The following lists the properties that are planned to be implemented:

  • Per Gröbert, et al., cryptographic binaries have many loops and makes excessive use bitwise arithmetic.
  • Cryptographic API use.
  • Writing to many files.
  • Common ransom messages.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages