JetBrains gave us a PyCharm open source project license for free.
Thanks to JetBrains for supporting our open source project!
= Changes for 20130804 =
== Prebuilt VMware image ==
* Updated Debian (6.0.7)
* Updated Wine (1.7.0)
* Updated Wine Gecko (2.21)
* Updated backup.tar.gz
* Updated pefile (svn r128)
* Updated TrIDDefs.TRD (5092 file types, 02/08/13)
* Some minor changes
= Changes for 20130531 =
* Version Alpha 5
== Source Code ==
* Internal improvements
* Code refactoring
* Implemented automatic tagging
* Implemented buffer
* Added check for sample directory
* Added check for free disk space
* Added check for debug output
* Added more signature/trick patterns
* Added LSB (Linux Standards Base) init script
* Improved Wine processes killing
* Updated Wine exceptions
* Updated UPX (3.09)
* Fixed bugs
* Minor changes
== Prebuilt virtual machine image ==
* Skipped
= Changes for 20120915 =
* Version Alpha 4.1
== Source Code ==
* Updated userdb.txt (Contributed by Keivan Komeilipour)
* Some minor changes
== Prebuilt QEMU image ==
* Updated Debian (lenny-backports)
* Updated Wine (1.5.13)
* Updated Wine Gecko (1.7)
* Updated pefile (svn r122)
* Updated TrIDDefs.TRD (4860 file types, 12/09/12)
* Some minor changes
= Changes for 20120823 =
== Prebuilt QEMU image ==
* Updated Wine (1.5.11)
* Updated Wine Gecko (1.7)
* Updated backup.tar.gz (Improved malware compatibility)
Please update your Zero Wine Tryouts Alpha 4 prebuilt QEMU image.
Thank you.
= Changes for 20120708 =
== Prebuilt QEMU image ==
* Updated Wine (1.5.8)
* Updated backup.tar.gz (Improved malware compatibility)
Please update your Zero Wine Tryouts Alpha 4 prebuilt QEMU image.
Thank you.
= Changes for 20120702 =
== Prebuilt QEMU image ==
* Updated Wine (1.5.7)
* Updated Wine Gecko (1.6)
* Updated backup.tar.gz
Please update your Zero Wine Tryouts Alpha 4 prebuilt QEMU image.
Thank you.
= Changes for 20120530 =
== Prebuilt QEMU image ==
* Updated backup.tar.gz
Please re-download your Zero Wine Tryouts Alpha 4 prebuilt QEMU image.
Thank you.
= Changes for 20120528 =
* Version Alpha 4
== Source Code ==
* Implemented sample search (By Frank Poz)
* Implemented sample tagging (By Frank Poz)
* Updated userdb.txt (Contributed by Keivan Komeilipour)
* Updated pdfid.py (0.0.12)
* Updated pdf_parser.py (0.3.9)
* Updated UPX (3.08)
* Partly merged from original ZeroWine 2.0
* Refactored some code
* Some minor change
== Prebuilt QEMU image ==
* Updated Debian (5.0.10)
* Updated Wine (1.2.3)
* Updated pefile (svn r117)
* Updated TrID (2.11)
* Updated TrIDDefs.TRD (4750 file types, 27/05/12)
* Updated python-ptrace (0.6.4)
* Some minor change
= Changes for 20100724 =
* Version Alpha 3
== Source Code ==
* Implemented PDF analysis (By Frank Poz)
* Improved JavaScript extraction from PDF files
* Started implementing medium-level report (Suggested by Curt Wilson)
* Added more signature/trick patterns
* Refactored some code
* Result page passed HTML5 validation
* Some minor change
== Prebuilt QEMU image ==
* Updated Debian (5.0.5)
* Updated Wine (1.1.42)
* Updated pefile (svn r76)
* Updated UPX (3.05)
* Updated TrIDDefs.TRD (3978 file types, 05/07/10)
* Some minor change.
The code is now uploaded to the SourceForge.net Subversion repository.
Thank you Frank Poz!
= Changes for 20100325 =
* Version Alpha 2
* Update Wine. (1.1.41)
* Update TrIDDefs.TRD. (3911 file types, 25/03/10)
* Improvement view/download function.
* Partial rewrite of the calls.py. Makes the signature more readable.
* Refactoring some code.
* Some minor change.
== Fixed ==
* Fix dump download problem. (Regression)
* Some minor fix.
= Changes for 20100312 =
* Version Alpha 1
* Update Wine. (1.1.40)
* Update TrIDDefs.TRD. (3899 file types, 03/03/10)
* Implement view function.
* Improved JavaScript extraction from PDF files.
* Partial rewrite of the calls.py. Makes the signature more readable.
* Refactoring some code.
* Some minor change.
== Fixed ==
* Some minor fix.
= Changes for 20100301 =
* Implement automatic PDF decompression. (pdftk)
* Implement JavaScript extraction from PDF files.
* Partial rewrite of the calls.py. Makes the signature more readable.
* Refactoring some code.
* Some minor change.
== Fixed ==
* Some minor fix.
= Changes for 20100224 =
* Implement network packet dump. (TCPDUMP)
* Partial rewrite of the calls.py. Makes the signature more readable.
* Some minor change.
== Fixed ==
* Fix libzip.py related download problem. (Regression)
* Some minor fix.
= Changes for 20100211 =
* Implement view/download differences (file, registry) feature. You can view/download registry modifications and dropped files.
* Improvement download function.
* Some minor change.
== Fixed ==
* Some minor fix.
= Changes for 20100208 =
* Update Wine (1.1.38)
* Implement automatic unpack. (UPX)
* Improvement file headers function. Add TrID signature. (Requested by Keivan Komeilipour)
* Improvement download function.
* Partial rewrite of the calls.py. Makes the signature more readable.
* Some minor change.
== Fixed ==
* Lock related problem. (Regression)
* Regsvr32 timeout problem.
* Do not dump more wine exe files.
* Some minor fix.
= Changes for 20100204 =
* Update userdb.txt (Keivan Komeilipour)
* Implement upload of additional files (such as DLLs). You must upload them as a zip archive file; 7zip is recommended.
* Implement Windows version change.
* Partial rewrite of the calls.py. Makes the signature more readable.
* Some minor change.
== Fixed ==
* Dumping process silently.
* Do not dump wine exe files.
* Some minor fix.
Update Wine (1.1.37)
Improvement result download. You can download the complete result even if a webpage timeout error occurs.
Improvement dump memory feature.
Partial rewrite of the calls.py. Makes the signature more readable.
Refactoring some code.
* Fixed
1) Print more process crash information.
Improvement result download.
Add more anti-debugging pattern.
Better SEH error detection.
Almost complete rewrite of the calls.py. Makes the signature even more readable.
* Fixed
1) Some false positive problem. (workaround)
Improvement result download.
Add more anti-debugging pattern.
Refactoring some code.
* Fixed
1) Uppercase hash problem.
2) Print more process crash information.
Implement result download.
Partial rewrite of the calls.py. Makes the signature more readable.
* Fixed
1) Empty process name problem.
2) Print more process crash information.
Moved calls from libmalware.py to separate file calls.py.
Moved tricks from signatures.py to separate file tricks.py.
Partial rewrite of the calls.py. Makes the signature more readable.
Implement lock.
* Fixed
1) Uppercase process name problem.
2) Winedbg -auto webpage timeout problem - Kill process after timeout.
3) Print more process crash information.