comaeio / malcheck

Licence: other
Portable utility to check if a machine has been infected by Shamoon2

malcheck

This utility uses a set of the Indicators of Compromise for the identified Shamoon variant released by FireEye [1]. As a GCC/Gulf-based cyber security start-up, Comae recommends that GCC private and public organizations check their Windows environments using the open-source utility malcheck.

This week, several security companies issued warnings about a new variant of Shamoon (W32.Disttrack) that was found in mid-November 2016. The utility, available in bin/malcheck.exe, is a portable tool for a simple check that your security team can use for a quick assessment.

  MalCheck v0.1 - Simple portable utility to search for Shamoon2 artifacts
  Copyright (C) 2016, Matthieu Suiche <http://www.msuiche.net>
  Copyright (C) 2016, Comae Technologies FZE <http://www.comae.io>
      More information: [email protected]

[+] No signs of Shamoon2 have been found.

TODO

  • Parse JSON files as input argument instead of hardcoding quick signatures.

References