def testName(self):
     pe = PE.get('chrome.exe')
     
     for elem in import_function.get(pe):
         print """*******"""+ elem[0]+ """*******"""
         for el in elem[1]:
             print el
Beispiel #2
0
 def testName(self):
     pe = PE.get('chrome.exe')
     print "Compile Time ", fileinfo.getCompileTime(pe)
     print "Hashes MD5 ", fileinfo.get_hashes('chrome.exe')[0]
     print "Hashes SHA 1", fileinfo.get_hashes('chrome.exe')[1]
     print "Hashes SHA 256", fileinfo.get_hashes('chrome.exe')[2]
     print "DLL ", fileinfo.getDLL(pe)
     print "File Info name and size ", fileinfo.getFileInfo('chrome.exe')
     print "Number of Sections", fileinfo.getNumberofSections(pe)
Beispiel #3
0
 def testName(self):
     
    executable_file = PE.get('chrome.exe')
    packers = packer.get(executable_file)
     
    print packers
Beispiel #4
0
 def testName(self):
     file = PE.get('chrome.exe')
     print  cert.getCert(file)
Beispiel #5
0
 def testName(self):
     pe = PE.get('chrome.exe')
     
     for section in sections.get(pe):
          # test = section[0].translate(None, '\x00')
           print section
Beispiel #6
0
 def testName(self):
     pe = PE.get('chrome.exe')
     print dump.get(pe)
Beispiel #7
0
 def testName(self):
       executable_file = PE.get('chrome.exe')
       for elem in get(executable_file):
           print elem
Beispiel #8
0
from modules import fileinfo
from modules import fileurl
from modules import meta
from modules import packer
from modules import sections
from modules import strings
from modules import suspicious_api
from modules import suspicious_sections
from modules import analyzePattern


if __name__ == "__main__":

    if len(sys.argv) == 3:  # ./muhafiz --antidbg file_path_include_malware
        if os.path.exists(sys.argv[2]):
            suspicious_file = PE.get(sys.argv[2])
            if sys.argv[1] == "--antidbg":
                pass
            elif sys.argv[1] == "--antivm":
                pass
            elif sys.argv[1] == "--cert":

                for key, value in cert.getCert(suspicious_file).iteritems():
                    print key, value

            elif sys.argv[1] == "--dir-import":
                print "DIRECTORY IMPORT"
                print directory.get_import(suspicious_file)
            elif sys.argv[1] == "--dir-export":

                print "DIRECTORY EXPORT"
 def testName(self):
  pe = PE.get('chrome.exe')
  print directory.get_export(pe)
  print directory.get_import(pe)
  
  print directory.get_tls(pe)