Synapse-MalwareBazaar Changelog

v1.4.0 - 2024-05-20

Features and Enhancements

  • Add ability to malwarebazaar.query to query by yara rule name.

v1.3.0 - 2024-05-15

Features and Enhancements

  • Update $lib.bytes usage with $lib.axon APIs.


  • Fix issue where documentation for malwarebazaar.query was cutoff in help output.

v1.2.0 - 2024-02-20

Features and Enhancements

  • Update modelling of archive files to use file:archive:entry nodes when using Synapse-Fileparser>=4.17.0. Otherwise file:subfile nodes will continue to be used.

  • Update deprecated $lib.dict() usage to JSON style syntax.

v1.1.0 - 2023-10-11

Features and Enhancements

  • Add warning about MalwareBazaar API limit (1000 results) when specifying --size greater than 1000.

  • Add malwarebazaar.certs to ingest the Code Signing Certificate Blocklist.


  • Caching has been removed from the malwarebazaar.enrich and malwarebazaar.query commands, so the --asof argument has been deprecated and will no longer have any effect.

This release contains an automatic cache cleanup that will run when the package is first upgraded. This will remove existing cached API response data from the jsonstor.

v1.0.0 - 2023-06-23

Features and Enhancements

  • Initial release of the Synapse-MalwareBazaar Power-Up