Example #1
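def load_sample_lists(args):
    """Download every sample listed in the unit-test ``sample.json`` manifests.

    Each manifest returned by ``get_filepaths`` for
    ``tests/Extractors/StandAlone/unit_tests`` is parsed, and every entry of
    its ``"hashes"`` list is fetched with ``get_sample`` into the manifest's
    own directory as ``malware.<hash>.<name>.exe`` (``name`` defaults to
    ``"none"``). A failed download is logged and the remaining entries are
    still attempted.

    Args:
        args: Passed through unchanged to ``get_filepaths``.

    Raises:
        KeyError: If a manifest has no ``"hashes"`` key or an entry has no
            ``"hash"`` key.
    """
    sample_json_list = get_filepaths("tests/Extractors/StandAlone/unit_tests", args)
    for sample_json_location in sample_json_list:
        logging.warning("Found sample.json: %s", sample_json_location)
        # Parse the manifest up front so the file handle is not held open
        # for the duration of the downloads.
        with open(sample_json_location, "r", encoding="utf-8") as samples:
            sample_dict = json.load(samples)
        target_dir = os.path.dirname(sample_json_location)
        for hash_item in sample_dict["hashes"]:
            requested_name = "malware." + hash_item["hash"] + "." + hash_item.get("name", "none") + ".exe"
            # The manifest fields end up in a filesystem path. Keep only the
            # final path component so a "hash" or "name" value containing
            # directory separators cannot place the download outside the
            # manifest's directory.
            sample_name = os.path.basename(requested_name)
            if sample_name != requested_name:
                logging.warning(
                    "Sample name %r in %s contains path separators; using %r",
                    requested_name,
                    sample_json_location,
                    sample_name,
                )
            try:
                # os.path.join also avoids turning an empty dirname into a
                # path rooted at "/".
                get_sample(hash_item["hash"], os.path.join(target_dir, sample_name))
            except Exception as e:
                # Best effort: one unavailable sample must not stop the rest.
                logging.exception(e)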
Example #2
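def proc_dump():
    """Yield ``(sha2, location)`` for one test sample, downloading it if needed.

    The sample is looked up in ``tests/test_objects`` under the current
    working directory. Any file there whose name contains the digest is
    reused; otherwise ``get_sample`` downloads it to
    ``<digest>.<random suffix>``. The code after the ``yield`` is teardown
    (presumably this is used as a pytest yield-fixture; the decorator is not
    visible here).

    The file is kept unless the ``CACHE`` environment variable is set to an
    empty or false-like value (``""``, ``0``, ``false``, ``no``, ``off``).

    Yields:
        tuple[str, str]: The SHA-256 hex digest and the path of the sample.
    """
    sha2 = "d62148b0329ac911ef707d6517e83b49416306198e343b28ab71343e30fa0075"
    objects_dir = os.getcwd() + "/tests/test_objects/"
    location = objects_dir + sha2 + "." + random_string()

    # NOTE(review): a cache hit is a file-name substring match only; neither
    # the cached file nor a fresh download is checked against sha2 in this
    # function. Confirm that get_sample verifies the digest, or verify here.
    cache_list = [x for x in os.listdir(objects_dir) if sha2 in x]
    if cache_list:
        print(("Already have " + sha2))
        location = objects_dir + cache_list[0]
    else:
        get_sample(hash=sha2, download_location=location)
    yield sha2, location

    # Environment values are strings, so "0" or "false" are truthy; testing
    # the raw value with `not` would only ever delete when CACHE="".
    cache_setting = os.environ.get("CACHE")
    keep_cache = cache_setting is None or cache_setting.strip().lower() not in (
        "",
        "0",
        "false",
        "no",
        "off",
    )
    if not keep_cache:
        os.unlink(location)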
Example #3
 def _grab_sample(sample_hash):
     """Download the sample named by *sample_hash* and return its path.

     The destination is ``tests/test_objects/<sample_hash>`` under the
     current working directory, so the result depends on where the test
     run was started.
     """
     # NOTE(review): sample_hash is appended to the path as-is; callers are
     # presumably passing a plain hex digest - confirm.
     destination = "".join((os.getcwd(), "/tests/test_objects/", sample_hash))
     get_sample(hash=sample_hash, download_location=destination)
     return destination
Example #4
 def _grab_sample(sample_hash):
     """Download the sample named by *sample_hash* and return its path.

     The destination is ``test_objects/<sample_hash>`` next to this source
     file, independent of the current working directory.
     """
     this_dir = pathlib.Path(__file__).absolute().parent.as_posix()
     # NOTE(review): sample_hash is appended to the path as-is; callers are
     # presumably passing a plain hex digest - confirm.
     destination = this_dir + "/test_objects/" + sample_hash
     get_sample(hash=sample_hash, download_location=destination)
     return destination
Example #5
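def test_files():
    """Yield the list of reference files, each with a local ``download_location``.

    Every entry carries the file's hash, the archive it was taken from
    (``"source"``), a ``"get_type_str"`` value (presumably the file-type
    string the tests expect - confirm against the consumers) and a short
    ``"comment"``. Only ``"hash"`` is used here: a file in ``test_objects/``
    (next to this source file) whose name contains the hash is reused,
    otherwise ``get_sample`` downloads it to ``<hash>.<random suffix>``. The
    resulting path is wrapped in ``File`` and stored under
    ``"download_location"``.

    The code after the ``yield`` is teardown. Files are kept unless the
    ``CACHE`` environment variable is set to an empty or false-like value
    (``""``, ``0``, ``false``, ``no``, ``off``).

    Yields:
        list[dict]: The entries, each extended with ``"download_location"``.
    """
    samples = [
        {
            "hash":
            "e3bb40e63e4b43a58037ce10b2f037486789b631c392cad01b42abd2bf6942d2",
            "source":
            "https://github.com/bootandy/dust/releases/download/v0.5.4/dust-v0.5.4-x86_64-pc-windows-msvc.zip",
            "get_type_str":
            "PE32+ executable (console) x86-64, for MS Windows",
            "comment": "dust.exe",
        },
        {
            "hash":
            "5dd87d3d6b9d8b4016e3c36b189234772661e690c21371f1eb8e018f0f0dec2b",
            "source":
            "https://github.com/bootandy/dust/releases/download/v0.5.4/dust-v0.5.4-i686-pc-windows-msvc.zip",
            "get_type_str":
            "PE32 executable (console) Intel 80386, for MS Windows",
            "comment": "dust.exe",
        },
        {
            "hash":
            "16ffc96e2de2ced2e8da611b8b3d4d02710df1714278203b67c2129987339bf2",
            "source": "https://www.scintilla.org/wscite32_446.zip",
            "get_type_str":
            "PE32 executable (GUI) Intel 80386, for MS Windows",
            "comment": "SciTE32.exe",
        },
        {
            "hash":
            "d0bfbe5a17a23e962814642508b397ff65a19a48156d516c723f5c233602c5e4",
            "source": "https://www.scintilla.org/wscite32_446.zip",
            "get_type_str":
            "PE32 executable (DLL) (GUI) Intel 80386, for MS Windows",
            "comment": "Scintilla.dll",
        },
        {
            "hash":
            "438117c7bd53653b3113903bcdb8bd369904a152b524b4676b18a626c2b60e82",
            "source": "https://www.scintilla.org/wscite446.zip",
            "get_type_str": "PE32+ executable (GUI) x86-64, for MS Windows",
            "comment": "SciTE.exe",
        },
        {
            "hash":
            "3782086dd779b883968053dd2cc65860b19678f3d323a39b7e6f47830ceb8632",
            "source": "https://www.scintilla.org/wscite446.zip",
            "get_type_str":
            "PE32+ executable (DLL) (GUI) x86-64, for MS Windows",
            "comment": "Scintilla.dll",
        },
        {
            "hash":
            "b70cb2dc500d4e507681d39e10bc554731fc177a5200b56f9844bd92a3168487",
            "source": "https://www.scintilla.org/wscite446.zip",
            "get_type_str":
            "PNG image data, 24 x 24, 8-bit grayscale, non-interlaced",
            "comment": "png",
        },
    ]

    # One suffix is shared by every file downloaded in this run.
    random_suffix = random_string()

    objects_dir = pathlib.Path(__file__).absolute().parent.as_posix() + "/test_objects/"
    existing = os.listdir(objects_dir)

    for entry in samples:
        sample_hash = entry["hash"]
        # NOTE(review): a cache hit is a file-name substring match only;
        # neither cached nor freshly downloaded content is checked against
        # the hash in this function. Confirm get_sample verifies the digest.
        cached = [name for name in existing if sample_hash in name]
        if cached:
            print(("Already have " + sample_hash))
            entry["download_location"] = File(objects_dir + cached[0])
        else:
            sample_location = objects_dir + sample_hash + "." + random_suffix
            get_sample(hash=sample_hash, download_location=sample_location)
            entry["download_location"] = File(sample_location)
            print(("stored at " + sample_location))

    yield samples

    # Environment values are strings, so "0" or "false" are truthy; testing
    # the raw value with `not` would only ever delete when CACHE="".
    cache_setting = os.environ.get("CACHE")
    keep_cache = cache_setting is None or cache_setting.strip().lower() not in (
        "",
        "0",
        "false",
        "no",
        "off",
    )
    if not keep_cache:
        for entry in samples:
            os.remove(entry["download_location"].file_path)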
Example #6
 def _grab_sample(sample_hash):
     """Download the sample named by *sample_hash* and return its contents.

     The file is written to ``CAPEv2/tests/test_objects/<sample_hash>``, a
     path relative to the current working directory, and then read back
     through ``get_binary_data``.
     """
     objects_dir = "CAPEv2/tests/test_objects/"
     # NOTE(review): sample_hash is appended to the path as-is; callers are
     # presumably passing a plain hex digest - confirm.
     destination = objects_dir + sample_hash
     get_sample(hash=sample_hash, download_location=destination)
     sample_bytes = get_binary_data(destination)
     return sample_bytes