def get_unpack_status(file_path: str, binary: bytes, extracted_files: List[Path], meta_data: Dict, config: ConfigParser): meta_data['summary'] = [] meta_data['entropy'] = avg_entropy(binary) if not extracted_files: if get_file_type_from_path(file_path)['mime'] in read_list_from_config(config, 'ExpertSettings', 'compressed_file_types')\ or not is_compressed(binary, compress_entropy_threshold=config.getfloat('ExpertSettings', 'unpack_threshold'), classifier=avg_entropy): meta_data['summary'] = ['unpacked'] else: meta_data['summary'] = ['packed'] else: _detect_unpack_loss(binary, extracted_files, meta_data, config.getint('ExpertSettings', 'header_overhead'))
def get_unpack_status(self, fo, extracted_fos): fo.processed_analysis['unpacker']['summary'] = [] fo_entropy = avg_entropy(fo.binary) fo.processed_analysis['unpacker']['entropy'] = fo_entropy if len(fo.files_included) < 1: if get_file_type_from_path(fo.file_path)['mime'] in self.VALID_COMPRESSED_FILE_TYPES: fo.processed_analysis['unpacker']['summary'] = ['unpacked'] else: if is_compressed(fo.binary, compress_entropy_threshold=self.config['ExpertSettings'].getfloat('unpack_threshold', 0.7), classifier=avg_entropy): fo.processed_analysis['unpacker']['summary'] = ['packed'] else: fo.processed_analysis['unpacker']['summary'] = ['unpacked'] else: self._detect_unpack_loss(fo, extracted_fos)