Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Install ARM version for tools like sysinternals #1159

Open
Ana06 opened this issue Nov 6, 2024 · 1 comment
Open

Install ARM version for tools like sysinternals #1159

Ana06 opened this issue Nov 6, 2024 · 1 comment
Labels
❔ discussion Further discussion is needed

Comments

@Ana06
Copy link
Member

Ana06 commented Nov 6, 2024

Details

From mandiant/flare-vm#627 by @WeWonderMax:

Hello!

The script installs almost flawlessly the tools on ARM64 windows 11, thanks for that.

Although I had an issue with sysinternals because the version installed was the x86 one. I had to manually install the ARM64 version of sysinternals: https://download.sysinternals.com/files/SysinternalsSuite-ARM64.zip

Maybe making the script "architecture aware" for certain tools version that are "architecture dependant" would be beneficial ?
@Ana06 Ana06 added the ❔ discussion Further discussion is needed label Nov 6, 2024
@Ana06 Ana06 mentioned this issue Nov 6, 2024
Closed
@Ana06
Copy link
Member Author

Ana06 commented Nov 6, 2024

We have something similar in the debloat package to what you are proposing. The FLARE-VM team does not use ARM (the FLARE-VM would could benefit from this), but I think Commando-VM does and we have something similar to what you are proposing in the debloat package. @mandiant/commando-vm do we have something like this in any any package already? Does Commando-VM support ARM and is the usage of the wrong binary a bug in sysinternals?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
❔ discussion Further discussion is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Ana06