PE-Bear crashes with this file #42
Comments
|
Thank you for the report! I will take care of this soon. |
|
@Kargin - I fixed it, please check out the new release: https://github.com/hasherezade/pe-bear-releases/releases/tag/0.5.5.1 |
|
@hasherezade Ran PE-Bear from archive x64_win_vs13 and got this error: Older version (0.5.5.0) x64_win_vs13 runs with out errors. Other versions: ran without errors and fix worked: |
|
@Kargin - ok, I am sorry: I see what happened. I was in a hurry, and mistakenly I uploaded the 64 bit build along with 32 bit DLLs, I will reupload the valid package shortly. |
|
ok, the new one is uploaded, check it out. win_vs17 will be added later today. |
|
@hasherezade Thank you very much! x64_win_vs13 works now! |
|
@Kargin - the win_vs17 builds are ready! please check them out, and feel free to close this issue once you are sure that everything is ok. |
|
@hasherezade Thank you very much! |
Hello!
I tried to view this file:
https://www.virustotal.com/gui/file/db9de8ff7ed80cf7563502c25d6aad2e2fee258da407c52a6c4a2192f9170d14/details
with latest version of PE-Bear (0.5.5).
It loads layout of this file in left pane. I can see tabs with sections names, headers, etc.
Also when I hover mouse pointer over right pane a rounding circle is showing instead of simple arrow:
Then when I try to click on any tab PE-Bear hangs and closes without errors after 2-3 seconds.
This is sample from Bluenoroff group (sub-group of Lazarus that specializes only on financial attacks):
https://apt.securelist.com/apt/bluenoroff
It is packed with ENIGMA commercial packer.
This hash is seen here:
https://documents.trendmicro.com/assets/Appendix_ratankba-delving-into-large-scale-watering-holes-against-enterprises.pdf
I think this article can show some info about it:
https://www.trendmicro.com/en_us/research/17/b/ratankba-watering-holes-against-enterprises.html
I would be glad if PE-Bear can handle this file.
The text was updated successfully, but these errors were encountered: