We’re pleased to announce the release of the MAEC output framework, a Python framework/utility that can combine the output of multiple MAEC-enabled utilities for a single binary/MD5 into a single MAEC Malware Subject and Package. It can
be found here:
For example, given an input MD5 hash, the utility will look for reports for this MD5 in the online repositories of Virustotal and ThreatExpert, generate the MAEC output for these reports if found, and write the combined output to a single
MAEC Package. It also supports host-based analysis tools such as PEFile (through the associated PEFile to MAEC utility), and can accordingly accept a binary (i.e. file) as input.