Embedded Engine

v1.7.1

Release date: 05/24/2024

New Features and Improvements
  • Ensured support for Ubuntu 22.04
  • Added new threat indicators
  • Disabled IP address OSINT lookups to avoid false positive findings
  • Added verdict to IOCs on the UI
  • Reduced false positive / false negative detection
  • Updated YARA rule-set
  • Fixed office file emulation errors
Verdict for IOCs

Verdict for IOCs

v1.7.0

Release date: 04/26/2024

New Features and Improvements
  • Malware config extraction support
  • Python Unpacking & Decompilation for PyInstaller, Nuitka, and py2exe
  • Improved error reporting
  • Added long path support on Windows
  • Added HTTP redirection support
  • Included disassembly of exported functions for Windows binaries
  • Threat indicator to flag when executable files have two different sections with the same section name
  • Extraction of VBA macro code from DWG files (shown as OLE Stream in File Details section)
  • Enhanced script language detection using the guesslang library
  • Fine-tuned several threat indicators to reduce false positive ratio
  • Improved detection for phishing calendar invites
  • Enhanced recursive analysis of active content containers (email, Office documents, PDF, etc.)
  • Improved scan process for corrupt OLE2 documents
  • Fixed several issues with existing threat indicators (ELF binaries, URL extraction, EML)
Improved error reporting

Improved error reporting

v1.6.0

Release date: 01/29/2024

New Features and Improvements
  • Improved engine performance and stability
  • Implemented configurable OPSWAT Reputation secret in engine global config
  • New indicators for Windows APIs related to specific activities
  • Implemented flagging for LSASS dump using minidump
  • Extracted remote templates inside xTable struct in MS Office documents
  • Implemented parser for Debian packages
  • Expanded malware configuration extractors to encompass the latest and most pertinent threats
  • Improved detection of dynamic syscalls using the HellsGate bypass technique
  • Enhanced Quishing and Phishing email detection
  • Improved the capabilities of Batch, CSV, HTA, JavaScript, LNK, PowerShell, VBA, and VBScript emulation and fine-tuned timeout handling
  • Fixed several UTF-8 parsing issues in content parsers (related to HTML & OLE files)
  • Ensured that all whitelisted submissions get the Benign verdict
  • Improved the stability of concurrent OSINT lookup tasks

v1.5.0

Release date: 11/06/2023

New Features and Improvements
  • Updated Threat Indicators
  • Improved office file emulation
  • Improved PE file analysis
  • Updated YARA rule-set
  • Improved disassembly for x64 architecture
  • Improved file type detection
  • New IOC types for Crypto wallets
  • New Executive Summary (ChatGPT report)
Executive Summary

Executive Summary
Crypto Wallets

Crypto Wallets
Known issues
  • Crypto Wallets IOCs sometimes parsed and displayed incorrectly on the UI

v1.4.0

Release date: 09/22/2023

New Features and Improvements
  • Support filenames with various Unicode characters
  • Support unpacking of 64-bit executables
  • Support malicious documents embedded in PDF files hidden as ActiveMime objects in MHTML format
  • New threat indicators to detect the WikiLoader malware family (Microsoft Office files)
  • Detection and extraction of embedded RTF files in Office documents, as described in CVE-2023-36884
  • Enhance Threat Indicator for Mavinject
  • Improved office file emulation
  • Improved application security
  • Improved large file processing

v1.3.4

Release date: 08/02/2023

New Features and Improvements
  • Updated Threat Indicators
  • Improved office file emulation
  • Improved verdict calculation

v1.3.3

Release date: 07/07/2023

New Features and Improvements
  • Fixed global config “reset to defaults” feature
  • Improved office file emulation
  • Updated YARA ruleset
  • Updated Threat Indicators
  • Updated verdict calculation

v1.3.2

Release date: 06/14/2023

New Features and Improvements
  • Updated logging for MetaDefender Core support package
  • Improved handling of embedded JavaScript files

v1.3.1

Release date: 06/05/2023

New Features and Improvements
  • Enabled XML file support by default
  • Updated reputation sources
  • Improved verdict calculation
  • Fixed global config reset to default values feature
  • Fixed report generation for files including Email IOCs

v1.3.0

Release date: 05/26/2023

New Features and Improvements
  • Updated YARA rule database
  • YARA matches displayed on MDCore UI
  • Dependency check on startup

v1.2.0

Release date: 05/17/2023

New Features and Improvements
  • Scan results are extended with the list of IOCs
  • Rapid mode support added and enabled by default
  • Reputation lookup support added and enabled by default
  • Reputation lookup verdict improvements
  • Improved embedded engine performance

v1.1.0

Release date: 05/08/2023

New Features and Improvements
  • Improved Microsoft Office file handling
  • Security and performance improvements

v1.0.0

Release date: 04/06/2023

New Features and Improvements
  • First versions of Embedded and Remote engines for MetaDefender Core customers
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Remote Engine
On This Page
Embedded Enginev1.7.1v1.7.0v1.6.0v1.5.0v1.4.0v1.3.4v1.3.3v1.3.2v1.3.1v1.3.0v1.2.0v1.1.0v1.0.0