From 3f151a342b8893d0029be30706e6757a2759430c Mon Sep 17 00:00:00 2001
From: Capa Bot
Date: Fri, 14 Jun 2024 09:02:02 +0000
Subject: [PATCH 1/5] Sync capa rules submodule
---
 rules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules b/rules
index ea14b38f..e63c454f 160000
--- a/rules
+++ b/rules
@@ -1 +1 @@
-Subproject commit ea14b38fbf9b16e9d8a06807aef31d46e935d6d8
+Subproject commit e63c454fbb9df14967a67479fee1e1615d54f4d6
From 67f8c4d28c07714840f13a44032acf2b054f2bf6 Mon Sep 17 00:00:00 2001
From: mr-tz
Date: Fri, 14 Jun 2024 08:53:32 +0000
Subject: [PATCH 2/5] bump to v7.1.0
---
 CHANGELOG.md | 46 +++++++++++++++++++++++++++++++++++++---------
 capa/version.py | 2 +-
 2 files changed, 38 insertions(+), 10 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f9a344da..fab4d23a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,11 +1,44 @@ # Change Log ## master (unreleased) -- Emit "dotnet" as format to ResultDocument when processing .NET files #2024 @samadpls ### New Features -- ELF: detect OS from statically-linked Go binaries #1978 @williballenthin +### Breaking Changes + +### New Rules (0) + +- + +### Bug Fixes + +### capa explorer IDA Pro plugin + +### Development + +### Raw diffs +- [capa v7.1.0...master](https://github.com/mandiant/capa/compare/v7.1.0...master) +- [capa-rules v7.1.0...master](https://github.com/mandiant/capa-rules/compare/v7.1.0...master) + +## v7.1.0 +The v7.1.0 release brings large performance improvements to capa's rule matching engine. +Additionally, we've fixed various bugs and added new features for people using and developing capa. + +Special thanks to our repeat and new contributors: +* @sjha2048 made their first contribution in https://github.com/mandiant/capa/pull/2000 +* @Rohit1123 made their first contribution in https://github.com/mandiant/capa/pull/1990 +* @psahithireddy made their first contribution in https://github.com/mandiant/capa/pull/2020 +* @Atlas-64 made their first contribution in https://github.com/mandiant/capa/pull/2018 +* @s-ff made their first contribution in https://github.com/mandiant/capa/pull/2011 +* @samadpls made their first contribution in https://github.com/mandiant/capa/pull/2024 +* @acelynnzhang made their first contribution in https://github.com/mandiant/capa/pull/2044 +* @RainRat made their first contribution in https://github.com/mandiant/capa/pull/2058 +* @ReversingWithMe made their first contribution in https://github.com/mandiant/capa/pull/2093 +* @malwarefrank made their first contribution in https://github.com/mandiant/capa/pull/2037 + +### New Features +- Emit "dotnet" as format to ResultDocument when processing .NET files #2024 @samadpls +- ELF: detect OS from statically-linked Go binaries #1978 @williballenthin - add function in capa/helpers to load plain and compressed JSON reports #1883 @Rohit1123 - 
document Antivirus warnings and VirusTotal false positive detections #2028 @RionEV @mr-tz - Add json to sarif conversion script @reversingwithme @@ -16,9 +49,6 @@ - relax dependency version requirements for the capa library #2053 @williballenthin - add scripts dependency group and update documentation #2145 @mr-tz -### Breaking Changes - - ### New Rules (25) - impact/wipe-disk/delete-drive-layout-via-ioctl william.ballenthin@mandiant.com @@ -46,7 +76,6 @@ - nursery/load-packed-dex-via-jiagu-on-android mehunhoff@google.com - nursery/modify-api-blacklist-or-denylist-via-jni-on-android mehunhoff@google.com - nursery/truncate-file-on-linux mehunhoff@google.com -- ### Bug Fixes @@ -55,7 +84,6 @@ - binja: add support for forwarded export #1646 @xusheng6 - cape: support more report formats #2035 @mr-tz - ### capa explorer IDA Pro plugin - replace deprecated IDA API find_binary with bin_search #1606 @s-ff @@ -70,8 +98,8 @@ - add deptry support #1497 @s-ff ### Raw diffs -- [capa v7.0.1...master](https://github.com/mandiant/capa/compare/v7.0.1...master) -- [capa-rules v7.0.1...master](https://github.com/mandiant/capa-rules/compare/v7.0.1...master) +- [capa v7.0.1...v7.1.0](https://github.com/mandiant/capa/compare/v7.0.1...v7.1.0) +- [capa-rules v7.0.1...v7.1.0](https://github.com/mandiant/capa-rules/compare/v7.0.1...v7.1.0) ## v7.0.1 diff --git a/capa/version.py b/capa/version.py index 06bdc4ae..65fe77ff 100644 --- a/capa/version.py +++ b/capa/version.py @@ -5,7 +5,7 @@ # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. -__version__ = "7.0.1" +__version__ = "7.1.0" def get_major_version(): From 45fca7adea5ce8a727db757373838846086a046d Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 18 Jun 2024 06:35:50 +0200
Subject: [PATCH 3/5] build(deps): bump python-flirt from 0.8.6 to 0.8.10 (#2151)
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requirements.txt b/requirements.txt
index 42f40b8f..88bb8c02 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -30,7 +30,7 @@ pydantic==2.7.3
 pydantic-core==2.18.4
 pyelftools==0.31
 pygments==2.18.0
-python-flirt==0.8.6
+python-flirt==0.8.10
 pyyaml==6.0.1
 rich==13.7.1
 ruamel-yaml==0.18.6
From 40061b3c425439607b1d7bfce638a62849cae554 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 18 Jun 2024 06:36:10 +0200
Subject: [PATCH 4/5] build(deps): bump viv-utils from 0.7.9 to 0.7.11 (#2150)
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requirements.txt b/requirements.txt
index 88bb8c02..b667e63a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -41,6 +41,6 @@ sortedcontainers==2.4.0
 tabulate==0.9.0
 termcolor==2.4.0
 tqdm==4.66.4
-viv-utils==0.7.9
+viv-utils==0.7.11
 vivisect==1.1.1
 wcwidth==0.2.13
From 1360e0838954c801dc13450c9daed423191a88a5 Mon Sep 17 00:00:00 2001
From: Capa Bot
Date: Tue, 18 Jun 2024 11:00:26 +0000
Subject: [PATCH 5/5] Sync capa-testfiles submodule
---
 tests/data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/data b/tests/data
index ff6c34ec..3a769017 160000
--- a/tests/data
+++ b/tests/data
@@ -1 +1 @@
-Subproject commit ff6c34ec65fe27f79b0297d77cb51f9102e8dcb9
+Subproject commit 3a7690178bcb05671bf4d33f3d117715272fe538