What's new in Raccine 1.4.4
Jun 1, 2021
New in Raccine 1.4.3 Beta (May 16, 2021)
- Integrity checks in installer
New in Raccine 1.4.2 Beta (Mar 24, 2021)
- Feat: add taskkill.exe interception to the coverage
- Fix: pass trough of exit codes of the intercepted processes
New in Raccine 1.4.1 Beta (Dec 21, 2020)
- Fix: issues with some rule updates causing problems when rules contain different types of line breaks
New in Raccine 1.4 (Nov 15, 2020)
- Full x86 support
- Log of accepted executions (EventID 3)
- Moved all static internal strings into YARA rules to avoid AV detection (without success)
- NET Framework setup in installer
New in Raccine 1.4 Beta (Nov 14, 2020)
- Full x86 support
- Log of accepted executions (EventID 3)
- Moved all static internal strings into YARA rules to avoid AV detection (without success)
- .NET Framework setup in installer
New in Raccine 1.3.2 Beta (Nov 11, 2020)
- feature: support for compiled YARA rules
- fix: uninstall didn't remove interception for "net.exe"
- fix: typo in uninstaller didn't kill the right process
New in Raccine 1.3.1 Beta (Nov 3, 2020)
- feat: improved logging with more fields
New in Raccine 1.3 Beta (Nov 2, 2020)
- feat: YARA in-memory scanning
- fix: several bug fixes
New in Raccine 1.2.1 Beta (Oct 30, 2020)
- fix: fix in hardening script; SmartScreen blocks interfered with Raccine rule updates #85
New in Raccine 1.2 Beta (Oct 30, 2020)
- Fix in hardening script; SmartScreen blocks interfered with Raccine rule update
New in Raccine 1.1 Beta (Oct 29, 2020)
- YARA rule matching by @JohnLaTwC
- Troubleshooting log export by @JohnLaTwC
- Code refactoring by @Eran-YT
New in Raccine 1.0.4 Beta (Oct 23, 2020)
- Massive code refactoring and bug fixes by @Eran-YT
New in Raccine 1.0.3 Beta (Oct 21, 2020)
- Rule: new Emotet MalDoc params
New in Raccine 0.10.5 (Oct 20, 2020)
- Cleaner directory structure in ZIP
- Log to folder %ProgramData%Raccine
- Better Emotet coverage
New in Raccine 0.10.4 (Oct 20, 2020)
- Better Emotet coverage
- Some Ryuk coverage
- Improved log outputs (with Image name)
- Text log with simulation note
- Windows hardening script
New in Raccine 0.10.3 (Oct 19, 2020)
- support for configuration via GPO by @JohnLaTwC
- change from HKCU to HKLM
- coverage for /quit and not only -quit by @Omodaka9375
New in Raccine 0.10.2 (Oct 18, 2020)
- Coverage for diskshadow.exe delete shadows
New in Raccine 0.9.0 (Oct 17, 2020)
- Logging to Windows Eventlog by @JohnLaTwC
- Sigma rule
New in Raccine 0.8.0 (Oct 17, 2020)
- Creates a log file with all intercepted requests and actions performed
- Coverage for alternative command line variable indicator / and not just
New in Raccine 0.7.2 (Oct 16, 2020)
- absolute paths in registry patch to avoid attacks with fake raccine.exe files placed somewhere else in the PATH
New in Raccine 0.7.1 (Oct 16, 2020)
- code improvements by @JohnLaTwC #18
New in Raccine 0.7.0 (Oct 15, 2020)
- Extended to block Emotet infections with new PowerShell blocks
- Extended to block PowerShell win32_shadowcopy command lines
New in Raccine 0.6.0 (Oct 15, 2020)
- Additional checks for bcdedit.exe /set {default} bootstatuspolicy ignoreallfailures and bcdedit.exe /set {default} recoveryenabled no by @Omodaka9375
New in Raccine 0.5.3 (Oct 9, 2020)
New in Raccine 0.5.2 (Oct 8, 2020)
- Additional check for delete shadowstorage by @JohnLaTwC #13
- Code review by @hillu #14
- Application icon