- Bug Fix - Inadvertently changed "sample_compression" limit, thought it'd be OK, but it actually causes this check's main purpose to fail (that is, failing quickly when needed). Got some new ideas out of it though.
1.5.6.4
- Bug Fixes - Fixed logic that could incorrectly flag .text sections as suspicious. - Handled rare error that could occur in updating offsets. - Certificate preservation now works reliably for all use-cases.
1.5.6.3
- Bug Fixes - Modified NSIS Parser to address issue identified in the implementation. More details here: https://github.com/binref/refinery/issues/49 - TLDR, NSIS Installers with the properly of uncompressed data was not previously accounted for due to lack of examples. They now are accounted for. - Modified compression check in bloated overlay analysis - previous compression check was erroneous and worked only based on miracles. - Improvements - Modified trimming threshold: 0.05 -> 0.15 - New trimming threshold allows for lower compressed junk. - New trimming threshold removes more junk without being too aggressive. - Known issue - The certificate preservation option does not preserve the certificate in all use-cases, particularly cases where junk is in the overlay.
1.5.6.2
- Bug Fix - Not all possible paths returned a result code. An additional result code was added.
1.5.6.1
- Bug Fix - Added the result code for real this time.
1.5.6
- Cert Support - Added support in both CLI and GUI to preserve the authenticode certificate. - Authenticode certificate is removed by default because the certificate becomes invalid. When it becomes invalid it becomes unclear whether the certificate was always invalid or not. - Bug Fix - A result code was missing which could cause problems in processing that looked for a result code.