THOR TechPreview 10.7.3 Features

by Aug 3, 2022

THOR TechPreview version 10.7.3 has been released

  • Parsing of email formats .eml / .msg to scan the attachments (RFC-6532)
  • Archive scan improved to include .cab, .7z and .gzip
  • Archive scan improved to scan nested archives recursively
  • Bulk scanning improvements to further improve the scan speed
  • HTML report generation refactoring – much lower memory usage, lower CPU load during generation
  • Internal YARA rule set refactoring (using one big set and different name spaces to improve performance)
  • Internal refactoring to make use of a unified memory mapping of files to improve performance

The TechPreview version 10.7 can be downloaded from our customer portal or by using thor-util.

About the author:

Florian Roth

Florian Roth serves as the Head of Research and Development at Nextron Systems. With a background in IT security since 2000, he has delved deep into nation-state cyber attacks since 2012. Florian has developed the THOR Scanner and actively engages with the community via his Twitter handle @cyb3rops. He has contributed to open-source projects, including 'Sigma', a generic SIEM rule format, and 'LOKI', an open-source scanner. Additionally, he has shared valuable resources like a mapping of APT groups and operations and an Antivirus Event Analysis Cheat Sheet.

Subscribe to our Newsletter

Monthly news, tips and insights.

Follow Us

Upgrade Your Cyber Defense with THOR

Detect hacker activity with the advanced APT scanner THOR. Utilize signature-based detection, YARA rules, anomaly detection, and fileless attack analysis to identify and respond to sophisticated intrusions.