Extracts next stages of various ASCII files that contain malware, for example hex, base64, etc.
Author: CERT.pl
Maintainers: ola, msm, nazywam
Consumes:
{
"type": "sample",
"stage": "recognized",
"kind": "ascii"
} Produces:
{
"type": "sample",
"kind": "runnable",
"stage": "recognized",
"platform": "win32",
"extension": "exe",
}, {
"type": "sample",
"kind": "raw"
}First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton
Then install karton-asciimagic from PyPi:
$ pip install karton-asciimagic
$ karton-asciimagic