Metadata-Version: 2.3
Name: CAPEsolo
Version: 0.5.15
Summary: Standalone CAPEMON
Author: enzok
Author-email: 7831008+enzok@users.noreply.github.com
Requires-Python: >=3.10,<3.13
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Requires-Dist: SFlock2 (>=0.3.85,<0.4.0)
Requires-Dist: bs2json (>=0.1.2,<0.2.0)
Requires-Dist: bson (>=0.5.10,<0.6.0)
Requires-Dist: cape-parsers (>=0.1.58,<0.2.0)
Requires-Dist: cryptography (>=46.0.3,<47.0.0)
Requires-Dist: distorm3s (==3.5.4)
Requires-Dist: dnspython (>=2.8.0,<3.0.0)
Requires-Dist: gevent (>=25.9.1,<26.0.0)
Requires-Dist: greenlet (>=3.2.4,<4.0.0)
Requires-Dist: keystone-engine (>=0.9.2,<0.10.0)
Requires-Dist: pefile (>=2024.8.26,<2025.0.0)
Requires-Dist: poetry-core (>=2.2.1,<3.0.0)
Requires-Dist: pytest (>=9.0.1,<10.0.0)
Requires-Dist: pywin32 (>=311,<312)
Requires-Dist: requests (>=2.32.5,<3.0.0)
Requires-Dist: ruff (>=0.14.6,<0.15.0)
Requires-Dist: setuptools (>=80.9.0,<81.0.0)
Requires-Dist: tldextract (>=5.3.0,<6.0.0)
Requires-Dist: typing-extensions (==4.15.0)
Requires-Dist: wxpython (>=4.2.4,<5.0.0)
Requires-Dist: yara-python (>=4.5.4,<5.0.0)
Description-Content-Type: text/markdown

Python GUI to run capemon in standalone VM. Provides a subset of CAPE (Configuration And Payload Extraction) processing and results.

* Create a Windows 10 VM that's suitable for running malware.
  * Use the CAPEv2 guest guide for configuration details.
  * https://capev2.readthedocs.io/en/latest/installation/guest/index.html
* Install Python in VM, tested on 64-bit Python versions 3.11 and 3.12, and add Python to path.
* Download and install both Microsoft Visual C++ Redistributables:
  * https://aka.ms/vs/17/release/vc_redist.x86.exe
  * https://aka.ms/vs/17/release/vc_redist.x64.exe
* Install CAPEsolo.
  * pip install CAPEsolo
* Snapshot your VM.

Quick Start 
* Open an administrator command window.
* Type capesolo <return> to run.

Alternatively, create a shortcut to CAPEsolo.exe, 
which will be in the Scripts subdirectory of same location as your python.exe file. 
* Under Advanced, check 'Run as administrator'
* An icon file is available in the CAPEsolo install folder under site-packages.

Analysis results are found in C:\Users\Public\CAPEsolo\analysis.
* Can be configured in python-path\site-packages\CAPEsolo\cfg.ini

Revert the VM after each analysis.

