Zero Wine Tryouts / News: Recent posts

Thanks to JetBrains

JetBrains gave us PyCharm open source project license for free.
Thanks to JetBrains for supporting our open source project!

Posted by Chae Jong Bin 2013-09-07

Alpha 5 prebuilt VMware image released

= Changes for 20130804 =
== Prebuilt VMware image ==
* Updated Debian (6.0.7)
* Updated Wine (1.7.0)
* Updated Wine Gecko (2.21)
* Updated backup.tar.gz
* Updated pefile (svn r128)
* Updated TrIDDefs.TRD (5092 file types, 02/08/13)
* Some minor changes

Posted by Chae Jong Bin 2013-08-04

Zero Wine Tryouts Alpha 5 released

= Changes for 20130531 =
* Version Alpha 5
== Source Code ==
* Internal improvements
* Code refactoring
* Implemented automatic tagging
* Implemented buffer
* Added check for sample directory
* Added check for free disk space
* Added check for debug output
* Added more signature/trick patterns
* Added LSB (Linux Standards Base) init script
* Improved Wine processes killing
* Updated Wine exceptions
* Updated UPX (3.09)
* Fixed bugs
* Minor changes
== Prebuilt virtual machine image ==
* Skipped

Posted by Chae Jong Bin 2013-05-31

Zero Wine Tryouts Alpha 4.1 released

= Changes for 20120915 =
* Version Alpha 4.1
== Source Code ==
* Updated userdb.txt (Contributed by Keivan Komeilipour)
* Some minor changes
== Prebuilt QEMU image ==
* Updated Debian (lenny-backports)
* Updated Wine (1.5.13)
* Updated Wine Gecko (1.7)
* Updated pefile (svn r122)
* Updated TrIDDefs.TRD (4860 file types, 12/09/12)
* Some minor changes

Posted by Chae Jong Bin 2012-09-15

Update 3 for Alpha 4 prebuilt image released

= Changes for 20120823 =
== Prebuilt QEMU image ==
* Updated Wine (1.5.11)
* Updated Wine Gecko (1.7)
* Updated backup.tar.gz (Improved malware compatibility)

Please update your Zero Wine Tryouts Alpha 4 prebuilt QEMU image.
Thank you.

Posted by Chae Jong Bin 2012-08-22

Update 2 for Alpha 4 prebuilt image released

= Changes for 20120708 =
== Prebuilt QEMU image ==
* Updated Wine (1.5.8)
* Updated backup.tar.gz (Improved malware compatibility)

Please update your Zero Wine Tryouts Alpha 4 prebuilt QEMU image.
Thank you.

Posted by Chae Jong Bin 2012-07-08

Update 1 for Alpha 4 prebuilt image released

= Changes for 20120702 =
== Prebuilt QEMU image ==
Updated Wine (1.5.7)
Updated Wine Gecko (1.6)
* Updated backup.tar.gz

Please update your Zero Wine Tryouts Alpha 4 prebuilt QEMU image.
Thank you.

Posted by Chae Jong Bin 2012-07-01

Alpha 4 prebuilt QEMU image re-released

= Changes for 20120530 =
== Prebuilt QEMU image ==
* Updated backup.tar.gz

Please re-download your Zero Wine Tryouts Alpha 4 prebuilt QEMU image.
Thank you.

Posted by Chae Jong Bin 2012-05-29

Zero Wine Tryouts Alpha 4 released

= Changes for 20120528 =
Version Alpha 4
== Source Code ==
Implemented sample search (By Frank Poz)
Implemented sample tagging (By Frank Poz)
Updated userdb.txt (Contributed by Keivan Komeilipour)
Updated pdfid.py (0.0.12)
Updated pdf_parser.py (0.3.9)
Updated UPX (3.08)
Partly merged from original ZeroWine 2.0
Refactored some code
Some minor change
== Prebuilt QEMU image ==
Updated Debian (5.0.10)
Updated Wine (1.2.3)
Updated pefile (svn r117)
Updated TrID (2.11)
Updated TrIDDefs.TRD (4750 file types, 27/05/12)
Updated python-ptrace (0.6.4)
* Some minor change

Posted by Chae Jong Bin 2012-05-27

Zero Wine Tryouts Alpha 3 released

= Changes for 20100724 =
Version Alpha 3
== Source Code ==
Implemented PDF analysis (By Frank Poz)
Improved extract javascript from pdf file
Started implementing medium-level report (Suggested by Curt Wilson)
Added more signature/trick patterns
Refactored some code
Result page passed HTML5 validation
Some minor change
== Prebuilt QEMU image ==
Updated Debian (5.0.5)
Updated Wine (1.1.42)
Updated pefile (svn r76)
Updated UPX (3.05)
Updated TrIDDefs.TRD (3978 file types, 05/07/10)
Some minor change.

Posted by Chae Jong Bin 2010-07-24

Subversion repository opened

The code is now uploaded to the SourceForge.net Subversion repository.
Thank you Frank Poz!

Posted by Chae Jong Bin 2010-04-18

Zero Wine Tryouts Alpha 2 released

= Changes for 20100325 =
Version Alpha 2
Update Wine. (1.1.41)
Update TrIDDefs.TRD. (3911 file types, 25/03/10)
Improvement view/download function.
Partial rewrite of the calls.py. Makes the signature more readable.
Refactoring some code.
Some minor change.
== Fixed ==
Fix dump download problem. (Regression)
* Some minor fix.

Posted by Chae Jong Bin 2010-03-25

Zero Wine Tryouts Alpha 1 released

= Changes for 20100312 =
Version Alpha 1
Update Wine. (1.1.40)
Update TrIDDefs.TRD. (3899 file types, 03/03/10)
Implement view function.
Improvement extract javascript from pdf file.
Partial rewrite of the calls.py. Makes the signature more readable.
Refactoring some code.
Some minor change.
== Fixed ==
* Some minor fix.

Posted by Chae Jong Bin 2010-03-12

zero wine tryouts 20100301 released

= Changes for 20100301 =
Implement automatic pdf uncompress. (pdftk)
Implement extract javascript from pdf file.
Partial rewrite of the calls.py. Makes the signature more readable.
Refactoring some code.
Some minor change.
== Fixed ==
Some minor fix.

Posted by Chae Jong Bin 2010-03-02

zero wine tryouts 20100224 released

= Changes for 20100224 =
Implement network packet dump. (TCPDUMP)
Partial rewrite of the calls.py. Makes the signature more readable.
Some minor change.
== Fixed ==
Fix libzip.py related download problem. (Regression)
* Some minor fix.

Posted by Chae Jong Bin 2010-02-24

zero wine tryouts 20100211 released

= Changes for 20100211 =
Implement view/download differences(file, registry) feature. You can view/download registry modification, dropped files.
Improvement download function.
Some minor change.
== Fixed ==
Some minor fix.

Posted by Chae Jong Bin 2010-02-12

zero wine tryouts 20100208 released

= Changes for 20100208 =
Update Wine (1.1.38)
Implement automatic unpack. (UPX)
Improvement file headers function. Add TrID signature. (Requested by Keivan Komeilipour)
Improvement download function.
Partial rewrite of the calls.py. Makes the signature more readable.
Some minor change.
== Fixed ==
Lock related problem. (Regression)
Regsvr32 timeout problem.
Do not dump more wine exe files.
Some minor fix.

Posted by Chae Jong Bin 2010-02-08

Forums & Tracker closed

No reason to open it.

Posted by Chae Jong Bin 2010-02-08

zero wine tryouts 20100204 released

= Changes for 20100204 =
Update userdb.txt (Keivan Komeilipour)
Implement additional files (such as DLLs) upload. You must upload zip archive file. Use 7zip recommended.
Implement Windows version change.
Partial rewrite of the calls.py. Makes the signature more readable.
Some minor change.
== Fixed ==
Dumping process silently.
Do not dump wine exe files.
Some minor fix.

Posted by Chae Jong Bin 2010-02-05

zero wine tryouts 20100131 released

Changes for 20100131:

Update Wine (1.1.37)
Improvement result download. You can download complete result even if webpage timeout error occurs.
Improvement dump memory feature.
Partial rewrite of the calls.py. Makes the signature more readable.
Refactoring some code.
* Fixed
1) Print more process crash information.

Posted by Chae Jong Bin 2010-01-31

zero wine tryouts 20100127 released

Changes for 20100127:

Improvement result download.
Add more anti-debugging pattern.
Better SEH error detection.
Almost complete rewrite of the calls.py. Makes the signature even more readable.
* Fixed
1) Some false positive problem. (workaround)

Posted by Chae Jong Bin 2010-01-28

zero wine tryouts 20100121 released

Changes for 20100121:

Improvement result download.
Add more anti-debugging pattern.
Refactoring some code.
* Fixed
1) Uppercase hash problem.
2) Print more process crash infomation.

Posted by Chae Jong Bin 2010-01-21

zero wine tryouts 20100119 released

Changes for 20100119:

Implement result download.
Partial rewrite of the calls.py. Makes the signature more readable.
* Fixed
1) Empty process name problem.
2) Print more process crash infomation.

Posted by Chae Jong Bin 2010-01-20

zero wine tryouts 20100117 released

Changes for 20100117:

Moved calls from libmalware.py to seperate file calls.py.
Moved tricks from signatures.py to seperate file tricks.py.
Partial rewrite of the calls.py. Makes the signature more readable.
Implement lock.
* Fixed
1) Uppercase process name problem.
2) Winedbg -auto webpage timeout problem - Kill process after timeout.
3) Print more process crash infomation.

Posted by Chae Jong Bin 2010-01-17

zero wine tryouts 20100115 released

Changes for 20100115:

  • Fixed
    1) RegOpenKey monitoring enabled. (disabled in 20100114)
    2) iexplore problem - Kill iexplore after timeout.
    3) Print more process crash infomation.
Posted by Chae Jong Bin 2010-01-15