You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently dumps that have configs extracted from are uploaded to MWDB as dump:win32:exe. However, they might be for example DLLs, as is happens for example with this qbot sample: d4535652381dbee7f1640be141fe75c7ff61123dbebbe58edd91591eb64b3f70. Also, maybe not win32.
I'm not sure platform detection logic should be part of this Karton as it defeats the single responsibility design of the system as a whole. However, it might be sent to Karton as a raw file with kind: dump in persistent headers. This can be checked in classifier to prepend the dump: prefix to whatever it is it found.
The text was updated successfully, but these errors were encountered:
Hey!
Currently dumps that have configs extracted from are uploaded to MWDB as
dump:win32:exe. However, they might be for example DLLs, as is happens for example with this qbot sample:d4535652381dbee7f1640be141fe75c7ff61123dbebbe58edd91591eb64b3f70. Also, maybe not win32.I'm not sure platform detection logic should be part of this Karton as it defeats the single responsibility design of the system as a whole. However, it might be sent to Karton as a
rawfile withkind: dumpin persistent headers. This can be checked in classifier to prepend thedump:prefix to whatever it is it found.The text was updated successfully, but these errors were encountered: