IOC Editor

The FireEye Indicators of Compromise (IOC) Editor is a free tool that provides an interface for managing data and manipulating the logical structures of IOCs. IOCs are XML documents that help incident responders capture diverse information about threats, including attributes of malicious files, characteristics of registry changes and artifacts in memory. The IOC Editor includes:

  • Manipulation of the logical structures that define the IOC
  • Application of meta-information to IOCs, including detailed descriptions or arbitrary labels
  • Conversion of IOCs into XPath filters
  • Management of lists of “terms” used within IOCs

Release notes

Current Version: IOC Editor 2.2
Release Date: December 4, 2012

  • Supported Operating Systems: Windows XP, Windows Vista, Windows 7 (32-bit and 64-bit)
  • File Size: 2.12 MB
  • Integrity Hashes:
    • ZIP
      • MD5: 40075157B7A65BBA45122CED2FF33AAE
      • SHA-1: AFF95F0FA83C7B07CBE4130BBEF92BD11A82B9A0
    • Extracted
      • MD5: 537A73357FC55565591C39F54EB20173
      • SHA-1: 68A0323F16BC85EC0A77A208B740EC8B9ACE4F52
