Metadata-Version: 2.1
Name: CAPEsolo
Version: 0.4.23
Summary: Standalone CAPEMON
Author: enzok
Author-email: 7831008+enzok@users.noreply.github.com
Requires-Python: >=3.10,<3.13
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Requires-Dist: SFlock2[shellcode,win32] (==0.3.67)
Requires-Dist: bs2json (>=0.1.2,<0.2.0)
Requires-Dist: bson (>=0.5.10,<0.6.0)
Requires-Dist: cape-parsers
Requires-Dist: cryptography (>=44.0.0,<45.0.0)
Requires-Dist: dnspython (>=2.6.1,<3.0.0)
Requires-Dist: gevent (>=24.11.1,<25.0.0)
Requires-Dist: greenlet (>=3.1.1,<4.0.0)
Requires-Dist: pefile (>=2024.8.26,<2025.0.0)
Requires-Dist: pytest (>=8.3.4,<9.0.0)
Requires-Dist: pywin32 (>=308,<309)
Requires-Dist: requests (>=2.32.3,<3.0.0)
Requires-Dist: tldextract (>=5.1.3,<6.0.0)
Requires-Dist: wxpython (>=4.2.1,<5.0.0)
Requires-Dist: yara-python (>=4.5.1,<5.0.0)
Description-Content-Type: text/markdown

Python GUI to run capemon in standalone VM. Provides a subset of CAPE processing and results.

* Create a Windows 10 VM that's suitable for running malware.
  * Use the CAPEv2 guest guide for configuration details.
  * https://capev2.readthedocs.io/en/latest/installation/guest/index.html
* Install Python in VM, tested on 64-bit Python versions 3.11 and 3.12, and add Python to path.
* Download and install Microsoft Visual C++ Redistributable.
  * https://aka.ms/vs/17/release/vc_redist.x86.exe
  * https://aka.ms/vs/17/release/vc_redist.x64.exe
* Install CAPEsolo.
  * pip install CAPEsolo
* Snapshot your VM.

Quick Start 
* Open an administrator command window.
* Type capesolo <return> to run.

Alternatively, create a shortcut to CAPEsolo.exe, 
which will be in the Scripts subdirectory of same location as your python.exe file. 
* Under Advanced, check 'Run as administrator'
* An icon file is available in the CAPEsolo install folder under site-packages.

Analysis results are found in C:\Users\Public\CAPEsolo\analysis.
* Can be configured in python-path\site-packages\CAPEsolo\cfg.ini

Revert the VM after each analysis.
