
Primary language: Python. License: MIT.

Botnet Dissectors

Initial commit of the dissectors for the botnets Sality (v3) and ZeroAccess (v2), developed during my master's thesis. The dissectors are based on the research of Steffen Haas, who reverse engineered the samples in his master's thesis. Also, many thanks to my thesis supervisor Dr. Shankar Karuppayah, who supported me during this time.

Example usage can be seen in example.py.

Samples used:

  • Sality, v3, MD5 d35cf3c2335666ac0be74f93c5f5172f
  • ZeroAccess, v2, MD5 1343f10d374c3845dd6ebe023ac47fd0