
Record opcodes for applications running on Windows, move them to a CSV file for each application process, and calculate the frequency of the recorded opcodes.


madhumithabalaji/traceWinApps


traceWinApps

Goal: Dynamically classify ransomware based on execution traces. Use the frequency of instructions from execution traces to classify traces as either malicious or benign.

Pre-Req:

  • Intel SDE, any version whose attach-pid argument works with current Windows applications
  • Install Python 3.X with pip
  • Install Jupyter Notebook using pip (pip install jupyterlab; pip install notebook)
  • pip install pandas for Excel manipulation
  • pip install pynput for keypress events
  • pip install psutil for process utilities
  • Place the mouse autoclicker app in the same location as the Python file (https://github.com/ApexWeed/AutoClicker)
  • Install PuTTY application for scp file transfers
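
The frequency step named in the Goal, as an added example that is not the repository's own code. It assumes each trace has already been reduced to one opcode mnemonic per line (the page does not show the trace format); the trace labels and mnemonic sequences are constructed, and only the standard library is used.

```python
import csv
import io
from collections import Counter

# Constructed sample traces. Assumption: one opcode mnemonic per line,
# keyed by a hypothetical "<process>_<pid>" label.
SAMPLE_TRACES = {
    "notepad_1234": "mov\npush\nmov\ncall\nmov\nret\n",
    "sample_5678": "xor\nxor\nmov\nxor\nrol\nxor\nmov\nadd\n",
}


def opcode_counts(trace_text):
    """Count mnemonics, ignoring blank lines and case differences."""
    lines = (line.strip().lower() for line in trace_text.splitlines())
    return Counter(op for op in lines if op)


def frequency_table(traces):
    """Return (vocabulary, rows) of relative opcode frequencies per trace.

    Every row is aligned to one sorted vocabulary so all traces share the
    same columns, which is what a classifier needs as a feature vector.
    """
    counts = {name: opcode_counts(text) for name, text in traces.items()}
    vocab = sorted(set().union(*counts.values()))
    rows = {}
    for name, c in counts.items():
        total = sum(c.values())
        # An empty trace yields an all-zero row instead of dividing by zero.
        rows[name] = [c[op] / total if total else 0.0 for op in vocab]
    return vocab, rows


def to_csv(vocab, rows):
    """Serialise the table with one row per trace and one column per opcode."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow(["trace"] + vocab)
    for name, freqs in rows.items():
        writer.writerow([name] + [f"{f:.4f}" for f in freqs])
    return buf.getvalue()


if __name__ == "__main__":
    print(to_csv(*frequency_table(SAMPLE_TRACES)))
```

Relative rather than raw counts keep traces of different lengths comparable when they are fed to a classifier.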
