mace 0.1.4

Automated extraction of malware configuration, focusing on C2 communication
mod coper;
mod dmsniff;
mod metastealer;

use anyhow::Result;

use crate::{classifier::MalwareFamiliy, configuration::MalwareConfiguration};

/// Routes a sample to the configuration extractor of its malware family.
///
/// `sample_data` is handed unchanged to the `extract` function of the
/// submodule that matches `family`, and that function's result is returned
/// as-is.
///
/// # Errors
///
/// Returns whatever error the selected family extractor reports; this
/// function adds no context and performs no validation of its own.
///
/// NOTE(review): going by the crate description the bytes come from malware
/// samples, so all bounds and length checking of this input rests with the
/// per-family `extract` functions, which are not visible here. Confirm that
/// they fail with an error rather than panic on truncated or malformed data.
pub fn extract_for_family(
    sample_data: &[u8],
    family: &MalwareFamiliy,
) -> Result<MalwareConfiguration> {
    // No wildcard arm: adding a family to the enum without wiring up its
    // extractor must stay a compile error instead of a silent fall-through.
    match *family {
        MalwareFamiliy::Coper => coper::extract(sample_data),
        MalwareFamiliy::DMSniff => dmsniff::extract(sample_data),
        MalwareFamiliy::Metastealer => metastealer::extract(sample_data),
    }
}