{"library":"maco","title":"Maco","description":"Maco is a framework for creating and using malware configuration extractors. It provides a modular approach to extracting configuration data from malware samples. The current version is 1.2.26, and the project is updated regularly.","language":"python","status":"active","last_verified":"Mon Apr 27","install":{"commands":["pip install maco"],"cli":{"name":"maco","version":"version: 1.2.26"}},"imports":["from maco import Extractor","from maco.extractors.yara_extractor import YaraConfigExtractor"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"from maco import Extractor\n\nclass MyExtractor(Extractor):\n    family = \"my_family\"\n    author = \"me\"\n    minimum_maco_version = \"1.0.0\"\n\n    def run(self, path):\n        with open(path, 'rb') as f:\n            data = f.read()\n        config = {}\n        if b'config' in data:\n            config['string'] = 'example'\n        return config\n","lang":"python","description":"Define a custom extractor by subclassing Extractor and implementing the run method. The snippet is illustrative and has no recorded test run; confirm the run() signature and return type against the installed maco version.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}