maco 1.2.20__py3-none-any.whl → 1.2.21__py3-none-any.whl

@@ -48,6 +48,8 @@ class Encryption(ForbidModel):
48
48
  iv: Optional[str] = None # initialisation vector
49
49
  seed: Optional[str] = None
50
50
  nonce: Optional[str] = None
51
+ password: Optional[str] = None
52
+ salt: Optional[str] = None
51
53
  constants: List[str] = []
52
54
 
53
55
  usage: Optional[UsageEnum] = None
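Review bot: The added `password` and `salt` fields carry no comment, unlike `iv` directly above them, so the hunk leaves their meaning and encoding undefined. Both are plain `str`, so an extractor that recovers a binary salt has to pick an encoding on its own, and a consumer cannot tell whether `password` is the input to key derivation or a credential in its own right; the visible lines also show no field for the derivation function or its parameters, though one may exist outside the hunk. If key derivation is the intent, I would add trailing comments along the lines of `# passphrase the key is derived from` and `# salt used with password for key derivation (state the expected encoding)`. The identical hunk is repeated under `maco/model/model.py` and once more further down the page, and the `Encryption` class body starts and ends outside the hunk in each case.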
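--- a/maco/model/model.py
+++ b/maco/model/model.py
@@ -48,6 +48,8 @@ class Encryption(ForbidModel):
  iv: Optional[str] = None # initialisation vector
  seed: Optional[str] = None
  nonce: Optional[str] = None
+ password: Optional[str] = None
+ salt: Optional[str] = None
  constants: List[str] = []
 
  usage: Optional[UsageEnum] = None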
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: maco
3
- Version: 1.2.20
3
+ Version: 1.2.21
4
4
  Summary: Maco is a framework for creating and using malware configuration extractors.
5
5
  Author: sl-govau
6
6
  Maintainer: cccs-rs
@@ -22,8 +22,6 @@ Classifier: Development Status :: 5 - Production/Stable
22
22
  Classifier: Intended Audience :: Developers
23
23
  Classifier: Topic :: Software Development :: Libraries :: Python Modules
24
24
  Classifier: License :: OSI Approved :: MIT License
25
- Classifier: Programming Language :: Python :: 3.8
26
- Classifier: Programming Language :: Python :: 3.9
27
25
  Classifier: Programming Language :: Python :: 3.10
28
26
  Classifier: Programming Language :: Python :: 3.11
29
27
  Classifier: Programming Language :: Python :: 3.12
@@ -72,6 +70,7 @@ This framework is actively being used by:
72
70
  | [configextractor-py](https://github.com/CybercentreCanada/configextractor-py) | A tool designed to run extractors from multiple frameworks and uses the MACO model for output harmonization | [![License](https://img.shields.io/github/license/CybercentreCanada/configextractor-py)](https://github.com/CybercentreCanada/configextractor-py/blob/main/LICENSE.md) |
73
71
  | <a href="https://github.com/jeFF0Falltrades/rat_king_parser"><img src="https://images.weserv.nl/?url=raw.githubusercontent.com/jeFF0Falltrades/rat_king_parser/master/.github/logo.png?v=4&h=100&w=100&fit=cover&maxage=7d"/> </a> | A robust, multiprocessing-capable, multi-family RAT config parser/extractor that is compatible with MACO | [![License](https://img.shields.io/github/license/jeFF0Falltrades/rat_king_parser)](https://github.com/jeFF0Falltrades/rat_king_parser/blob/master/LICENSE) |
74
72
  | <a href="https://github.com/CAPESandbox/community"><img src="https://images.weserv.nl/?url=github.com/CAPESandbox.png?v=4&h=100&w=100&fit=cover&maxage=7d0&mask=circle"/> </a> | A parser/extractor repository containing MACO extractors that's authored by the CAPE community but is integrated in [CAPE](https://github.com/kevoreilly/CAPEv2) deployments.<br>**Note: These MACO extractors wrap and parse the original CAPE extractors.** | [![License](https://img.shields.io/badge/license-GPL--3.0-informational)](https://github.com/kevoreilly/CAPEv2/blob/master/LICENSE) |
73
+ | <a href="https://github.com/SEKOIA-IO/Community"><img src="https://images.weserv.nl/?url=github.com/SEKOIA-IO.png?v=4&h=100&w=100&fit=cover&maxage=7d0&mask=circle"/> </a> | A parser/extractor repository containing MACO extractors that's authored by the SEKOIA community. | [![License](https://img.shields.io/badge/license-DRL--1.1-informational)](https://github.com/SEKOIA-IO/Community/blob/main/LICENSE.md) |
75
74
 
76
75
  ## Model Example
77
76
 
@@ -17,7 +17,7 @@ extractor_setup/maco/extractor.py,sha256=nqIfUcrc_l57FicKZc6HLtN223-_zkYWL1AYMy1
17
17
  extractor_setup/maco/utils.py,sha256=yNm5CiHc9033ONX_gFwg9Lng5IYFujLDtw6FfiJkAao,23425
18
18
  extractor_setup/maco/yara.py,sha256=y141t8NqDDXHY23uE1d6BDPeNmSuUuohR6Yr_LKa7GI,4067
19
19
  extractor_setup/maco/model/__init__.py,sha256=ULdyHx8R5D2ICHZo3VoCk1YTlewTok36TYIpwx__pNY,45
20
- extractor_setup/maco/model/model.py,sha256=DBHTmZXMzjpVq0s2mzZv3VCzPhwPnv7sH6u_QZCTcA4,24484
20
+ extractor_setup/maco/model/model.py,sha256=a98XB7C6P_9JHNsodzbaRomr17rLYH6J4g5clH2IERY,24550
21
21
  maco/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
22
22
  maco/base_test.py,sha256=DrVE7vOazeLQpOQeIDwBYK1WtlmdJrRe50JOqP5t4Y0,3198
23
23
  maco/cli.py,sha256=jFtYWuKNlqcnSl0W4vgITctpgfd3J9kgN37IwoW3pDY,11477
@@ -27,8 +27,8 @@ maco/extractor.py,sha256=nqIfUcrc_l57FicKZc6HLtN223-_zkYWL1AYMy1WAmA,3007
27
27
  maco/utils.py,sha256=yNm5CiHc9033ONX_gFwg9Lng5IYFujLDtw6FfiJkAao,23425
28
28
  maco/yara.py,sha256=y141t8NqDDXHY23uE1d6BDPeNmSuUuohR6Yr_LKa7GI,4067
29
29
  maco/model/__init__.py,sha256=ULdyHx8R5D2ICHZo3VoCk1YTlewTok36TYIpwx__pNY,45
30
- maco/model/model.py,sha256=DBHTmZXMzjpVq0s2mzZv3VCzPhwPnv7sH6u_QZCTcA4,24484
31
- maco-1.2.20.dist-info/licenses/LICENSE.md,sha256=gMSjshPhXvV_F1qxmeNkKdBqGWkd__fEJf4glS504bM,1478
30
+ maco/model/model.py,sha256=a98XB7C6P_9JHNsodzbaRomr17rLYH6J4g5clH2IERY,24550
31
+ maco-1.2.21.dist-info/licenses/LICENSE.md,sha256=gMSjshPhXvV_F1qxmeNkKdBqGWkd__fEJf4glS504bM,1478
32
32
  model_setup/maco/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
33
33
  model_setup/maco/base_test.py,sha256=DrVE7vOazeLQpOQeIDwBYK1WtlmdJrRe50JOqP5t4Y0,3198
34
34
  model_setup/maco/cli.py,sha256=jFtYWuKNlqcnSl0W4vgITctpgfd3J9kgN37IwoW3pDY,11477
@@ -38,9 +38,9 @@ model_setup/maco/extractor.py,sha256=nqIfUcrc_l57FicKZc6HLtN223-_zkYWL1AYMy1WAmA
38
38
  model_setup/maco/utils.py,sha256=yNm5CiHc9033ONX_gFwg9Lng5IYFujLDtw6FfiJkAao,23425
39
39
  model_setup/maco/yara.py,sha256=y141t8NqDDXHY23uE1d6BDPeNmSuUuohR6Yr_LKa7GI,4067
40
40
  model_setup/maco/model/__init__.py,sha256=ULdyHx8R5D2ICHZo3VoCk1YTlewTok36TYIpwx__pNY,45
41
- model_setup/maco/model/model.py,sha256=DBHTmZXMzjpVq0s2mzZv3VCzPhwPnv7sH6u_QZCTcA4,24484
41
+ model_setup/maco/model/model.py,sha256=a98XB7C6P_9JHNsodzbaRomr17rLYH6J4g5clH2IERY,24550
42
42
  pipelines/publish.yaml,sha256=BfsbDsg2ijtXF8lhRUjzkenw3zi2mL7ESNv3KuC1cVE,1626
43
- pipelines/test.yaml,sha256=btJVI-R39UBeYosGu7TOpU6V9ogFW3FT3ROtWygQGQ0,1472
43
+ pipelines/test.yaml,sha256=csfrKjSUXZ2PlRTYTuietFBwtO5oFNetf8Onv9AHugE,1370
44
44
  tests/data/example.txt.cart,sha256=j4ZdDnFNVq7lb-Qi4pY4evOXKQPKG-GSg-n-uEqPhV0,289
45
45
  tests/data/trigger_complex.txt,sha256=uqnLSrnyDGCmXwuPmZ2s8vdhH0hJs8DxvyaW_tuYY24,64
46
46
  tests/data/trigger_complex.txt.cart,sha256=Z7qF1Zi640O45Znkl9ooP2RhSLAEqY0NRf51d-q7utU,345
@@ -52,8 +52,8 @@ tests/extractors/bob/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hS
52
52
  tests/extractors/bob/bob.py,sha256=4fpqy_O6NDinJImghyW5OwYgnaB05aY4kgoIS_C3c_U,253
53
53
  tests/extractors/import_rewriting/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
54
54
  tests/extractors/import_rewriting/importer.py,sha256=wqF1AG2zXXuj9EMt9qlDorab-UD0GYuFggtrCuz4sf0,289735
55
- maco-1.2.20.dist-info/METADATA,sha256=8ZvRVvxy741jFWHAP1g-B_57zuamXaiglsEglweURUI,15310
56
- maco-1.2.20.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
57
- maco-1.2.20.dist-info/entry_points.txt,sha256=TpcwG1gedIg8Y7a9ZOv8aQpuwEUftCefDrAjzeP-o6U,39
58
- maco-1.2.20.dist-info/top_level.txt,sha256=xiVS11ZoyN8ChHJQGpOzTH4ZyQ3YJe1qT3Yt4gcKGUk,65
59
- maco-1.2.20.dist-info/RECORD,,
55
+ maco-1.2.21.dist-info/METADATA,sha256=zotTpqbih_Px3KgNFxZLKBScIIav--wjxCoOMZ97NbE,15709
56
+ maco-1.2.21.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
57
+ maco-1.2.21.dist-info/entry_points.txt,sha256=TpcwG1gedIg8Y7a9ZOv8aQpuwEUftCefDrAjzeP-o6U,39
58
+ maco-1.2.21.dist-info/top_level.txt,sha256=xiVS11ZoyN8ChHJQGpOzTH4ZyQ3YJe1qT3Yt4gcKGUk,65
59
+ maco-1.2.21.dist-info/RECORD,,
@@ -1,5 +1,5 @@
1
1
  Wheel-Version: 1.0
2
- Generator: setuptools (80.9.0)
2
+ Generator: setuptools (80.10.2)
3
3
  Root-Is-Purelib: true
4
4
  Tag: py3-none-any
5
5
 
@@ -48,6 +48,8 @@ class Encryption(ForbidModel):
48
48
  iv: Optional[str] = None # initialisation vector
49
49
  seed: Optional[str] = None
50
50
  nonce: Optional[str] = None
51
+ password: Optional[str] = None
52
+ salt: Optional[str] = None
51
53
  constants: List[str] = []
52
54
 
53
55
  usage: Optional[UsageEnum] = None
pipelines/test.yaml CHANGED
@@ -31,10 +31,6 @@ jobs:
31
31
  - job: run_test
32
32
  strategy:
33
33
  matrix:
34
- Python3_8:
35
- python.version: "3.8"
36
- Python3_9:
37
- python.version: "3.9"
38
34
  Python3_10:
39
35
  python.version: "3.10"
40
36
  Python3_11: