Embedded Engine

v1.6.0

Release date: 01/29/2024

New Features and Improvements

  • Improved engine performance and stability

  • Implemented configurable OPSWAT Reputation secret in engine global config

  • New indicators for Windows APIs related to specific activities

  • Implemented flagging for LSASS dump using minidump

  • Extracted remote templates inside xTable struct in MS Office documents

  • Implemented parser for Debian packages

  • Expanded malware configuration extractors to encompass the latest and most pertinent threats

  • Improved detection of dynamic syscalls using the HellsGate bypass technique

  • Enhanced Quishing and Phishing email detection

  • Improved the capabilities of Batch, CSV, HTA, JavaScript, LNK, PowerShell, VBA, and VBScript emulation and fine-tuned timeout handling

  • Fixed several UTF-8 parsing issues in content parsers (related to HTML & OLE files)

  • Ensured that all whitelisted submissions get the Benign verdict

  • Improved the stability of concurrent OSINT lookup tasks

v1.5.0

Release date: 11/06/2023

New Features and Improvements

  • Updated Threat Indicators

  • Improved office file emulation

  • Improved PE file analysis

  • Updated YARA ruleset

  • Improved disassembly for x64 architecture

  • Improved file type detection

  • New IOC types for Crypto wallets

  • New Executive Summary (ChatGPT report)

Executive Summary
Crypto Wallets

Known issues

  • Crypto Wallets IOCs sometimes parsed and displayed incorrectly on the UI

v1.4.0

Release date: 09/22/2023

New Features and Improvements

  • Support filenames with various Unicode characters

  • Support unpacking of 64-bit executables

  • Support malicious documents embedded in PDF files hidden as ActiveMime objects in MHTML format

  • New threat indicators to detect the WikiLoader malware family (Microsoft Office files)

  • Detection and extraction of embedded RTF files in Office documents, as described in CVE-2023-36884

  • Enhance Threat Indicator for Mavinject

  • Improved office file emulation

  • Improved application security

  • Improved large file processing

v1.3.4

Release date: 08/02/2023

New Features and Improvements

  • Updated Threat Indicators

  • Improved office file emulation

  • Improved verdict calculation

v1.3.3

Release date: 07/07/2023

New Features and Improvements

  • Fixed global config “reset to defaults” feature

  • Improved office file emulation

  • Updated YARA ruleset

  • Updated Threat Indicators

  • Updated verdict calculation

v1.3.2

Release date: 06/14/2023

New Features and Improvements

  • Updated logging for MetaDefender Core support package

  • Improved handling of embedded JavaScript files

v1.3.1

Release date: 06/05/2023

New Features and Improvements

  • Enabled XML file support by default

  • Updated reputation sources

  • Improved verdict calculation

  • Fixed global config reset to default values feature

  • Fixed report generation for files including Email IOCs

v1.3.0

Release date: 05/26/2023

New Features and Improvements

  • Updated YARA rule database

  • YARA matches displayed on MDCore UI

  • Dependency check on startup


v1.2.0

Release date: 05/17/2023

New Features and Improvements

  • Scan results are extended with the list of IOCs

  • Rapid mode support added and enabled by default

  • Reputation lookup support added and enabled by default

  • Reputation lookup verdict improvements

  • Improved embedded engine performance


v1.1.0

Release date: 05/08/2023

New Features and Improvements


  • Improved Microsoft Office file handling

  • Security and performance improvements


v1.0.0

Release date: 04/06/2023

New Features and Improvements

  • First versions of Embedded and Remote engines for MetaDefender Core customers