Esempio n. 1
def dotransform(request, response, config):
    """Add the SHA-1 of the report's target file to ``response``.

    Args:
        request: Supplies the task id, read from ``fields['taskid']`` when
            that key exists and from ``value`` otherwise.
        response: Accumulator that receives one ``CuckooHash`` entity.
        config: Not used by this function.

    Returns:
        ``response`` after the entity has been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    # NOTE(review): the task id is handed to report() exactly as received;
    # presumably report() looks the analysis up by this id -- confirm it
    # validates the value before using it.
    file_info = target_info(report(task_id))['file']
    sha1 = file_info['sha1'].decode('ascii')
    response += CuckooHash(sha1, taskid=task_id)

    return response
Esempio n. 2
def dotransform(request, response, config):
    """Add one ``Website`` entity per entry in the report's ``http`` list.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    http_entries = network(report(task_id))['http']
    for entry in http_entries:
        # NOTE(review): strict ASCII decode raises on any non-ASCII value.
        # The URI presumably reflects traffic produced by the analysed
        # sample, so one such value would abort the loop and hide every
        # remaining entry -- confirm how the caller handles the exception.
        uri = entry['uri'].decode('ascii')
        response += Website(uri, taskid=task_id)

    return response
def dotransform(request, response, config):
    """Add one ``CuckooOpenFile`` entity per path in the behavior summary.

    Args:
        request: Supplies the task id (``fields["taskid"]`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields["taskid"] if "taskid" in fields else request.value

    summary = behavior(report(task_id))["summary"]
    for path in summary["files"]:
        # NOTE(review): strict ASCII decode raises on non-ASCII input; file
        # paths touched by a sample can presumably contain such characters,
        # in which case the rest of the list is never emitted -- confirm.
        response += CuckooOpenFile(path.decode("ascii"), taskid=task_id)

    return response
Esempio n. 4
def dotransform(request, response, config):
    """Add one ``Phrase`` entity per item in the behavior summary's ``keys``.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    summary = behavior(report(task_id))['summary']
    for key_name in summary['keys']:
        # NOTE(review): a non-ASCII entry makes decode() raise and stops the
        # loop; presumably these are registry keys recorded from the sample
        # -- confirm whether partial output is acceptable.
        response += Phrase(key_name.decode('ascii'))

    return response
Esempio n. 5
def dotransform(request, response, config):
    """Emit a ``Phrase`` for every entry under ``summary['keys']``.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every entry has been appended.
    """
    if 'taskid' not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    key_names = behavior(report(task_id))['summary']['keys']
    for raw_key in key_names:
        # NOTE(review): decode('ascii') is strict, so a single non-ASCII
        # value raises and the remaining entries are never added.
        text = raw_key.decode('ascii')
        response += Phrase(text)

    return response
Esempio n. 6
def dotransform(request, response, config):
    """Add one ``IPv4Address`` entity per entry in the report's ``domains``.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    domain_entries = network(report(task_id))['domains']
    for entry in domain_entries:
        # NOTE(review): the 'ip' value is forwarded without any format
        # check; presumably the report already holds a dotted-quad string
        # -- confirm, since an empty or malformed value would still become
        # an entity.
        address = entry['ip'].decode('ascii')
        response += IPv4Address(address, taskid=task_id)

    return response
Esempio n. 7
def dotransform(request, response, config):
    """Emit a ``CuckooHash`` carrying the target file's SHA-1.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entity.
        config: Unused here.

    Returns:
        ``response`` with the hash entity appended.
    """
    if 'taskid' not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    target_file = target_info(report(task_id))['file']
    digest = target_file['sha1'].decode('ascii')
    # The task id travels with the entity as its ``taskid`` keyword.
    response += CuckooHash(digest, taskid=task_id)

    return response
def dotransform(request, response, config):
    """Add one ``Phrase`` entity per PE section name in the static results.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    sections = static_results(report(task_id))['pe_sections']
    for section in sections:
        # NOTE(review): section names are read from the analysed binary and
        # can presumably hold arbitrary bytes; strict ASCII decoding raises
        # on the first such name and drops the remaining sections -- confirm.
        response += Phrase(section['name'].decode('ascii'))

    return response
Esempio n. 9
def dotransform(request, response, config):
    """Emit a ``CuckooOpenFile`` for every path under ``summary['files']``.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every path has been appended.
    """
    if 'taskid' not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    opened_paths = behavior(report(task_id))['summary']['files']
    for raw_path in opened_paths:
        # NOTE(review): decode('ascii') is strict; one non-ASCII path raises
        # and the paths after it never reach the response.
        path_text = raw_path.decode('ascii')
        response += CuckooOpenFile(path_text, taskid=task_id)

    return response
def dotransform(request, response, config):
    """Emit a ``Website`` for every entry in the report's ``http`` list.

    Args:
        request: Carries the task id: ``fields["taskid"]`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every entry has been appended.
    """
    if "taskid" not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields["taskid"]

    net_section = network(report(task_id))
    for http_item in net_section["http"]:
        # NOTE(review): the URI is passed on as recorded; decode("ascii")
        # raises on non-ASCII content, which ends the loop early.
        target_uri = http_item["uri"].decode("ascii")
        response += Website(target_uri, taskid=task_id)

    return response
Esempio n. 11
def dotransform(request, response, config):
    """Emit a ``Phrase`` for the name of every entry in ``pe_sections``.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every section name has been appended.
    """
    if 'taskid' not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    pe_sections = static_results(report(task_id))['pe_sections']
    for sect in pe_sections:
        # NOTE(review): strict ASCII decode; a section name with a byte
        # outside ASCII raises here and later sections are skipped.
        label = sect['name'].decode('ascii')
        response += Phrase(label)

    return response
Esempio n. 12
def dotransform(request, response, config):
    """Add the MD5 of each dropped file whose name equals ``request.value``.

    Args:
        request: ``value`` is the file name to match; the task id comes from
            ``fields['taskid']`` when that key exists and from ``value``
            otherwise.
        response: Accumulator that receives ``CuckooHash`` entities.
        config: Not used by this function.

    Returns:
        ``response`` after the matching hashes have been added.
    """
    wanted_name = request.value
    fields = request.fields
    # NOTE(review): without a 'taskid' field the same request.value serves as
    # both the file name and the task id -- confirm that fallback is intended.
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    for item in dropped_files(report(task_id)):
        if item['name'] != wanted_name:
            continue
        # No taskid keyword is attached to the hash entity here.
        response += CuckooHash(item['md5'].decode('ascii'))

    return response
Esempio n. 13
def dotransform(request, response, config):
    """Emit a ``CuckooHash`` (MD5) for dropped files named ``request.value``.

    Args:
        request: ``value`` holds the name to look for; the task id is
            ``fields['taskid']`` when present, else ``value``.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` with one entity per matching dropped file.
    """
    target_name = request.value
    if 'taskid' not in request.fields:
        # NOTE(review): this makes the task id identical to the file name
        # being matched -- confirm the fallback is meaningful.
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    dropped_items = dropped_files(report(task_id))
    matches = [entry for entry in dropped_items if entry['name'] == target_name]
    for entry in matches:
        md5_text = entry['md5'].decode('ascii')
        response += CuckooHash(md5_text)

    return response
Esempio n. 14
def dotransform(request, response, config):
    """Add the target file's name to ``response`` as a ``CuckooMalwareFilename``.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entity.
        config: Not used by this function.

    Returns:
        ``response`` after the entity has been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    info = target_info(report(task_id))
    # NOTE(review): the name presumably belongs to the submitted sample and
    # is attacker-chosen; strict ASCII decoding raises on a non-ASCII name,
    # so no entity would be produced for such a sample -- confirm.
    sample_name = info['file']['name'].decode('ascii')
    response += CuckooMalwareFilename(sample_name, taskid=task_id)

    return response
Esempio n. 15
def dotransform(request, response, config):
    """Add one ``CuckooProcess`` entity per entry in the behavior ``processes``.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    for proc in behavior(report(task_id))['processes']:
        # NOTE(review): decode('ascii') is strict; a process name containing
        # a non-ASCII character raises and the remaining processes are not
        # reported.
        proc_name = proc['process_name'].decode('ascii')
        response += CuckooProcess(proc_name, taskid=task_id)

    return response
Esempio n. 16
def dotransform(request, response, config):
    """Add one ``CuckooDropped`` entity per dropped file in the report.

    Each entity carries the file name, the task id and the entry's ``type``
    value (passed as ``ftype``).

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    for item in dropped_files(report(task_id)):
        # NOTE(review): the name is decoded strictly as ASCII while 'type'
        # is forwarded untouched; a non-ASCII file name raises and stops the
        # loop -- confirm whether that is acceptable for dropped artefacts.
        file_name = item['name'].decode('ascii')
        file_type = item['type']
        response += CuckooDropped(file_name, taskid=task_id, ftype=file_type)

    return response
Esempio n. 17
def dotransform(request, response, config):
    """Emit a ``CuckooMalwareFilename`` built from ``target['file']['name']``.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entity.
        config: Unused here.

    Returns:
        ``response`` with the file-name entity appended.
    """
    if 'taskid' not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    file_section = target_info(report(task_id))['file']
    # NOTE(review): strict ASCII decode; a file name with non-ASCII
    # characters raises here instead of producing an entity.
    decoded_name = file_section['name'].decode('ascii')
    response += CuckooMalwareFilename(decoded_name, taskid=task_id)

    return response
Esempio n. 18
def dotransform(request, response, config):
    """Emit an ``IPv4Address`` for every entry in the report's ``domains``.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every entry has been appended.
    """
    if 'taskid' not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    net_section = network(report(task_id))
    for domain_item in net_section['domains']:
        # NOTE(review): the 'ip' value is not checked for shape before it
        # becomes an entity -- presumably the report guarantees it; confirm.
        ip_text = domain_item['ip'].decode('ascii')
        response += IPv4Address(ip_text, taskid=task_id)

    return response
Esempio n. 19
def dotransform(request, response, config):
    """Add one ``CuckooMutex`` entity per mutex in the behavior summary.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    summary = behavior(report(task_id))['summary']
    for mutex_name in summary['mutexes']:
        # NOTE(review): mutex names are presumably chosen by the analysed
        # sample; strict ASCII decoding raises on the first non-ASCII name
        # and the mutexes after it are lost from the output -- confirm.
        response += CuckooMutex(mutex_name.decode('ascii'), taskid=task_id)

    return response
Esempio n. 20
def dotransform(request, response, config):
    """Emit a ``CuckooDropped`` for every dropped file listed in the report.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every dropped file has been appended.
    """
    if 'taskid' not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    dropped_items = dropped_files(report(task_id))
    for dropped in dropped_items:
        # NOTE(review): strict ASCII decode on the name; a non-ASCII file
        # name raises and the rest of the list is not emitted.
        name_text = dropped['name'].decode('ascii')
        # The entry's 'type' value is forwarded unchanged as ``ftype``.
        response += CuckooDropped(name_text, taskid=task_id, ftype=dropped['type'])

    return response
Esempio n. 21
def dotransform(request, response, config):
    """Add one ``CuckooSig`` entity per signature returned for the report.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    for sig in cuckoo_sigs(report(task_id)):
        # Only the signature's description is carried into the entity.
        description = sig['description'].decode('ascii')
        response += CuckooSig(description, taskid=task_id)

    return response
Esempio n. 22
def dotransform(request, response, config):
    """Add one ``Phrase`` entity per PEiD signature in the static results.

    Nothing is added when ``peid_signatures`` is ``None``.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after any entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    signatures = static_results(report(task_id))['peid_signatures']
    if signatures is not None:
        for signature in signatures:
            # The value is passed to Phrase as-is, with no decode step.
            response += Phrase(signature)

    return response
Esempio n. 23
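def dotransform(request, response, config):
    """Add one ``NSRecord`` entity per distinct DNS request in the report.

    Repeated ``request`` values are emitted only once, in first-seen order.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    if 'taskid' in request.fields:
        task = request.fields['taskid']
    else:
        task = request.value

    netw = network(report(task))
    # A set keeps the duplicate check constant-time; the previous list scan
    # was quadratic in the number of DNS entries, which matters for reports
    # with very many lookups.
    seen = set()
    for d in netw['dns']:
        name = d['request']
        if name in seen:
            continue
        # NOTE(review): strict ASCII decode raises on a non-ASCII name and
        # ends the loop; the queried names presumably come from the analysed
        # sample -- confirm how the caller handles the exception.
        response += NSRecord(name.decode('ascii'), taskid=task)
        seen.add(name)

    return response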
Esempio n. 24
def dotransform(request, response, config):
    """Emit a ``CuckooSig`` for the description of every report signature.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every signature has been appended.
    """
    if 'taskid' not in request.fields:
        task_id = request.value
    else:
        task_id = request.fields['taskid']

    signatures = cuckoo_sigs(report(task_id))
    for signature in signatures:
        # Strict ASCII decode: a description with non-ASCII text raises here.
        text = signature['description'].decode('ascii')
        response += CuckooSig(text, taskid=task_id)

    return response
Esempio n. 25
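def dotransform(request, response, config):
    """Emit an ``NSRecord`` for each distinct ``request`` in the DNS list.

    A name that appears several times in the report produces one entity;
    output order follows first appearance.

    Args:
        request: Carries the task id: ``fields["taskid"]`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every distinct name has been appended.
    """
    if "taskid" in request.fields:
        task = request.fields["taskid"]
    else:
        task = request.value

    netw = network(report(task))
    # Membership is tracked in a set instead of a list so the duplicate
    # check does not rescan every earlier name on each iteration.
    emitted = set()
    for d in netw["dns"]:
        queried = d["request"]
        if queried in emitted:
            continue
        # NOTE(review): decode("ascii") is strict; one non-ASCII name raises
        # and the names after it never reach the response.
        response += NSRecord(queried.decode("ascii"), taskid=task)
        emitted.add(queried)

    return response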
Esempio n. 26
def dotransform(request, response, config):
    """Add a ``CuckooYara`` entity for each YARA match's ``meta`` description.

    Args:
        request: Supplies the task id (``fields['taskid']`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after all entities have been added.
    """
    fields = request.fields
    task_id = fields['taskid'] if 'taskid' in fields else request.value

    for match in yara_sigs(report(task_id)):
        for key, val in match.iteritems():
            # NOTE(review): ``'meta' in key`` is a containment test, so for
            # string keys any key that merely contains "meta" is accepted --
            # confirm an exact comparison was not intended.
            if 'meta' not in key:
                continue
            description = val['description'].decode('ascii')
            response += CuckooYara(description, taskid=task_id)

    return response
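def dotransform(request, response, config):
    """Add one ``CuckooVT`` entity per scanner that returned a result.

    Entities are produced only when ``vt["response_code"]`` equals 1
    (presumably the "report found" code -- confirm against the report
    format). Each entity's value is ``"<scanner> - <result>"`` and carries
    the report's ``permalink`` as ``vtlink``.

    Args:
        request: Supplies the task id (``fields["taskid"]`` if present,
            otherwise ``value``).
        response: Accumulator that receives the entities.
        config: Not used by this function.

    Returns:
        ``response`` after any entities have been added.
    """
    if "taskid" in request.fields:
        task = request.fields["taskid"]
    else:
        task = request.value

    vt = vt_results(report(task))
    if vt["response_code"] != 1:
        return response

    for engine, scan in vt["scans"].iteritems():
        verdict = scan["result"]
        # Identity test replaces the former ``None != ...`` comparison.
        if verdict is None:
            continue
        value = engine + " - " + verdict
        # NOTE(review): strict ASCII decode; a detection name containing a
        # non-ASCII character raises and the remaining scanners are skipped.
        response += CuckooVT(value.decode("ascii"), taskid=task, vtlink=vt["permalink"])

    return response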
Esempio n. 28
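def dotransform(request, response, config):
    """Emit a ``CuckooVT`` for every scanner entry with a non-``None`` result.

    Nothing is emitted unless ``vt['response_code']`` equals 1. The entity
    value is the scanner name and its result joined by ``' - '``; the
    report's ``permalink`` is attached as ``vtlink``.

    Args:
        request: Carries the task id: ``fields['taskid']`` when the key is
            present, ``value`` otherwise.
        response: Collects the generated entities.
        config: Unused here.

    Returns:
        ``response`` once every qualifying scanner has been appended.
    """
    if 'taskid' in request.fields:
        task = request.fields['taskid']
    else:
        task = request.value

    vt = vt_results(report(task))
    # The empty ``else: pass`` branch was a no-op and has been dropped.
    if vt['response_code'] == 1:
        for k, v in vt['scans'].iteritems():
            # ``is not None`` is the idiomatic form of the old ``None != x``.
            if v['result'] is not None:
                value = k + ' - ' + v['result']
                # NOTE(review): decode('ascii') raises on non-ASCII text,
                # which would end the loop before later scanners are added.
                response += CuckooVT(value.decode('ascii'),
                                     taskid=task,
                                     vtlink=vt['permalink'])

    return response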