def testName(self):
    """Print every entry that ``import_function.get`` returns for ``chrome.exe``.

    The first element of each entry is printed between asterisk banners and
    the items of its second element follow, one per line (presumably a
    library name and its imported symbols -- confirm against
    ``import_function``).

    Smoke test only: nothing is asserted, so it fails only when a call raises.
    """
    sample = PE.get('chrome.exe')
    for entry in import_function.get(sample):
        banner = "*******" + entry[0] + "*******"
        print(banner)
        for item in entry[1]:
            print(item)
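def testName(self):
    """Print the file-level metadata that ``fileinfo`` reports for ``chrome.exe``.

    Output order: compile time, MD5 / SHA-1 / SHA-256 digests, DLL value,
    file name and size, number of sections.

    Smoke test only: nothing is asserted, so it fails only when a call raises.
    """
    sample_path = 'chrome.exe'
    pe = PE.get(sample_path)

    def show(label, value):
        # One space between label and value, the layout of the Python 2
        # ``print label, value`` form; also valid as a Python 3 call.
        print("%s %s" % (label, value))

    show("Compile Time ", fileinfo.getCompileTime(pe))

    # Hash the sample once and reuse the result: the three digests then
    # describe the same read of the file, and the file is not re-read per line.
    # MD5 and SHA-1 serve as lookup keys for known samples; neither is
    # collision-resistant, so SHA-256 is the digest to rely on when the
    # identity of the sample matters.
    hashes = fileinfo.get_hashes(sample_path)
    show("Hashes MD5 ", hashes[0])
    show("Hashes SHA 1", hashes[1])
    show("Hashes SHA 256", hashes[2])

    show("DLL ", fileinfo.getDLL(pe))
    show("File Info name and size ", fileinfo.getFileInfo(sample_path))
    show("Number of Sections", fileinfo.getNumberofSections(pe))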
def testName(self):
    """Print what ``packer.get`` reports for the ``chrome.exe`` sample.

    Smoke test only: nothing is asserted, so it fails only when a call raises.
    """
    print(packer.get(PE.get('chrome.exe')))
def testName(self):
    """Print the value ``cert.getCert`` returns for the ``chrome.exe`` sample.

    Smoke test only: nothing is asserted, so it fails only when a call raises.
    """
    # NOTE(review): this only displays what getCert returns; whether the
    # signature is actually validated cannot be told from here -- confirm in
    # the ``cert`` module.
    sample = PE.get('chrome.exe')
    cert_info = cert.getCert(sample)
    print(cert_info)
def testName(self):
    """Print each entry that ``sections.get`` returns for ``chrome.exe``.

    Smoke test only: nothing is asserted, so it fails only when a call raises.
    """
    sample = PE.get('chrome.exe')
    section_entries = sections.get(sample)
    for entry in section_entries:
        # Entries are printed unmodified. A disabled statement at this point,
        #   test = section[0].translate(None, '\x00')
        # suggests the first field may carry NUL bytes -- confirm before
        # relying on the printed text.
        print(entry)
def testName(self):
    """Print the result of ``dump.get`` for the ``chrome.exe`` sample.

    Smoke test only: nothing is asserted, so it fails only when a call raises.
    """
    sample = PE.get('chrome.exe')
    dumped = dump.get(sample)
    print(dumped)
def testName(self):
    """Print every item that the module-level ``get`` yields for ``chrome.exe``.

    Smoke test only: nothing is asserted, so it fails only when a call raises.
    """
    sample = PE.get('chrome.exe')
    for item in get(sample):
        print(item)
from modules import fileinfo
from modules import fileurl
from modules import meta
from modules import packer
from modules import sections
from modules import strings
from modules import suspicious_api
from modules import suspicious_sections
from modules import analyzePattern

# Command-line entry point: expects exactly two arguments, an option and the
# path of the file to inspect. Any other argument count, or a path that does
# not exist, falls through without output in the lines shown here.
# sys, os, PE, cert and directory are used below but are not imported in the
# lines shown; presumably they are imported earlier in the file.
# NOTE(review): indentation is reconstructed from a flattened listing; the
# option chain is assumed to sit inside the os.path.exists() guard because it
# uses suspicious_file.
if __name__ == "__main__":
    if len(sys.argv) == 3:
        # ./muhafiz --antidbg file_path_include_malware
        # NOTE(review): os.path.exists() is also true for directories; what
        # PE.get does with a non-file path cannot be told from here.
        if os.path.exists(sys.argv[2]):
            suspicious_file = PE.get(sys.argv[2])

            if sys.argv[1] == "--antidbg":
                # Option is recognised but does nothing.
                pass
            elif sys.argv[1] == "--antivm":
                # Option is recognised but does nothing.
                pass
            elif sys.argv[1] == "--cert":
                # dict.iteritems() exists only on Python 2.
                # NOTE(review): keys and values are derived from the inspected
                # file and printed as-is; consider escaping non-printable
                # characters before writing them to a terminal.
                for key, value in cert.getCert(suspicious_file).iteritems():
                    print key, value
            elif sys.argv[1] == "--dir-import":
                print "DIRECTORY IMPORT"
                print directory.get_import(suspicious_file)
            elif sys.argv[1] == "--dir-export":
                # Only the heading is printed in the lines shown; the listing
                # ends here.
                print "DIRECTORY EXPORT"
def testName(self):
    """Print the export, import and TLS results of ``directory`` for ``chrome.exe``.

    The three lookups run, and are printed, in that order.

    Smoke test only: nothing is asserted, so it fails only when a call raises.
    """
    sample = PE.get('chrome.exe')

    exported = directory.get_export(sample)
    print(exported)

    imported = directory.get_import(sample)
    print(imported)

    tls_info = directory.get_tls(sample)
    print(tls_info)