Embedded Engine

v1.6.0

Release date: 01/29/2024

New Features and Improvements
  • Improved engine performance and stability
  • Implemented configurable OPSWAT Reputation secret in engine global config
  • New indicators for Windows APIs related to specific activities
  • Implemented flagging for LSASS dump using minidump
  • Extracted remote templates inside xTable struct in MS Office documents
  • Implemented parser for Debian packages
  • Expanded malware configuration extractors to encompass the latest and most pertinent threats
  • Improved detection of dynamic syscalls using the HellsGate bypass technique
  • Enhanced Quishing and Phishing email detection
  • Improved the capabilities of Batch, CSV, HTA, JavaScript, LNK, PowerShell, VBA, and VBScript emulation and fine-tuned timeout handling
  • Fixed several UTF-8 parsing issues in content parsers (related to HTML & OLE files)
  • Ensured that all whitelisted submissions get the Benign verdict
  • Improved the stability of concurrent OSINT lookup tasks

v1.5.0

Release date: 11/06/2023

New Features and Improvements
  • Updated Threat Indicators
  • Improved office file emulation
  • Improved PE file analysis
  • Updated YARA ruleset
  • Improved disassembly for x64 architecture
  • Improved file type detection
  • New IOC types for Crypto wallets
  • New Executive Summary (ChatGPT report)

Known issues
  • Crypto Wallets IOCs are sometimes parsed and displayed incorrectly on the UI

v1.4.0

Release date: 09/22/2023

New Features and Improvements
  • Support filenames with various Unicode characters
  • Support unpacking of 64-bit executables
  • Support malicious documents embedded in PDF files hidden as ActiveMime objects in MHTML format
  • New threat indicators to detect the WikiLoader malware family (Microsoft Office files)
  • Detection and extraction of embedded RTF files in Office documents, as described in CVE-2023-36884
  • Enhanced Threat Indicator for Mavinject
  • Improved office file emulation
  • Improved application security
  • Improved large file processing

v1.3.4

Release date: 08/02/2023

New Features and Improvements
  • Updated Threat Indicators
  • Improved office file emulation
  • Improved verdict calculation

v1.3.3

Release date: 07/07/2023

New Features and Improvements
  • Fixed global config “reset to defaults” feature
  • Improved office file emulation
  • Updated YARA ruleset
  • Updated Threat Indicators
  • Updated verdict calculation

v1.3.2

Release date: 06/14/2023

New Features and Improvements
  • Updated logging for MetaDefender Core support package
  • Improved handling of embedded JavaScript files

v1.3.1

Release date: 06/05/2023

New Features and Improvements
  • Enabled XML file support by default
  • Updated reputation sources
  • Improved verdict calculation
  • Fixed global config reset to default values feature
  • Fixed report generation for files including Email IOCs

v1.3.0

Release date: 05/26/2023

New Features and Improvements
  • Updated YARA rule database
  • YARA matches displayed on MDCore UI
  • Dependency check on startup

v1.2.0

Release date: 05/17/2023

New Features and Improvements
  • Scan results are extended with the list of IOCs
  • Rapid mode support added and enabled by default
  • Reputation lookup support added and enabled by default
  • Reputation lookup verdict improvements
  • Improved embedded engine performance

v1.1.0

Release date: 05/08/2023

New Features and Improvements
  • Improved Microsoft Office file handling
  • Security and performance improvements

v1.0.0

Release date: 04/06/2023

New Features and Improvements
  • First versions of Embedded and Remote engines for MetaDefender Core customers