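def static(filename):
    """Run the interactive static-analysis prompt for one sample.

    Prints the command list, then reads commands from the ``Static>> ``
    prompt until ``exit`` is entered. Each recognised command forwards
    ``filename`` unchanged to the matching ``peframe`` routine. The typed
    text is only compared against fixed command names, never evaluated.

    Args:
        filename: Path of the file to analyse, passed as-is to ``peframe``.

    Returns:
        None, once the analyst types ``exit``.
    """
    # Each help line must name what its handler shows: <import> calls
    # show_imported_functions and <export> calls show_exported_functions.
    # A swapped label would make an analyst misread the import table.
    print("Use <strings> to show strings in the file")
    print("Use <peid> to detect packer signatures")
    print("Use <import> to show imported function and dll")
    print("Use <export> to show exported function and dll")
    print("Use <meta> to show file meta information")
    print("Use <sections> to show sections information")
    print("Use <fileurl> to show file urls")
    print("Use <suspicious> to show some suspicious functions")
    print("Use <auto> to auto-analysis the file")
    print("Use <exit> to leave the static prompt")

    while True:
        command = raw_input('Static>> ')
        if command == "exit":
            return
        if command == "strings":
            peframe.show_strings(filename)
        elif command == "peid":
            peframe.show_packer(filename)
        elif command == "suspicious":
            peframe.show_suspicious(filename)
        elif command == "fileurl":
            peframe.show_fileurl(filename)
        elif command == "import":
            peframe.show_imported_functions(filename)
        elif command == "export":
            peframe.show_exported_functions(filename)
        elif command == "meta":
            peframe.show_meta(filename)
        elif command == "sections":
            peframe.show_sections(filename)
        elif command == "auto":
            peframe.autoanalysis(filename)
        elif command:
            # Say so when nothing ran, so a typo is not mistaken for an
            # analysis that produced no findings.
            print("Unknown command: " + command)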
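def static(filename):
    """Interactive static-analysis menu for a single file.

    Shows the available commands and then loops on the ``Static>> `` prompt.
    A recognised command is looked up in a fixed table and the corresponding
    ``peframe`` function is called with ``filename``. ``exit`` ends the loop.
    User input is used only as a lookup key.

    Args:
        filename: Path of the file under analysis, handed to ``peframe``
            without modification.

    Returns:
        None when the analyst enters ``exit``.
    """
    # Help text, one line per command. The <import>/<export> descriptions
    # follow the handlers in the table below (imports vs. exports).
    help_lines = (
        "Use <strings> to show strings in the file",
        "Use <peid> to detect packer signatures",
        "Use <import> to show imported function and dll",
        "Use <export> to show exported function and dll",
        "Use <meta> to show file meta information",
        "Use <sections> to show sections information",
        "Use <fileurl> to show file urls",
        "Use <suspicious> to show some suspicious functions",
        "Use <auto> to auto-analysis the file",
        "Use <exit> to leave the static prompt",
    )
    for help_line in help_lines:
        print(help_line)

    # Command name -> peframe attribute. Attributes are resolved only when a
    # command is typed, so a missing routine affects that command alone.
    actions = {
        "strings": "show_strings",
        "peid": "show_packer",
        "suspicious": "show_suspicious",
        "fileurl": "show_fileurl",
        "import": "show_imported_functions",
        "export": "show_exported_functions",
        "meta": "show_meta",
        "sections": "show_sections",
        "auto": "autoanalysis",
    }

    while True:
        command = raw_input('Static>> ')
        if command == 'exit':
            return
        action = actions.get(command)
        if action is not None:
            getattr(peframe, action)(filename)
        elif command:
            # Report unrecognised input instead of silently doing nothing.
            print("Unknown command: " + command)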
def static(filename):
    """Prompt for static-analysis commands and run them on ``filename``.

    Prints the help banner, then reads from the ``Static>> `` prompt in a
    loop. ``strings`` and ``peid`` call ``peframe.analyse`` with the matching
    option string, ``auto`` calls ``peframe.autoanalysis``, and ``exit``
    returns. Any other input is ignored and the prompt is shown again.

    Args:
        filename: Path of the file to analyse, passed unchanged to peframe.

    Returns:
        None, when ``exit`` is entered.
    """
    banner = (
        "Use <strings> to show strings in the file",
        "Use <peid> to detect packer signatures",
        "Use <antidbg> to detect antidebug techniques in the file",
        "Use <antivm> to detect anti virtualisation techniques in the file",
        "Use <auto> to auto-analysis the file",
    )
    for banner_line in banner:
        print(banner_line)

    # NOTE(review): <antidbg> and <antivm> are advertised above but have no
    # handler below, so typing them runs nothing. An analyst should not read
    # the missing output as "no anti-debug / anti-VM indicators found".
    switches = {"strings": "--strings", "peid": "--peid"}

    while True:
        command = raw_input('Static>> ')
        if command in switches:
            peframe.analyse(filename, switches[command])
        elif command == 'auto':
            peframe.autoanalysis(filename)
        elif command == 'exit':
            return
def static(self, filename):
    """Run peframe's automatic analysis on ``filename``.

    Delegates directly to ``peframe.autoanalysis`` with the path unchanged.
    No instance state is read and nothing is returned.
    """
    peframe.autoanalysis(filename)
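# Top-level command loop of the tool.
#
# The analyst is asked once for the sample path. Every later command works on
# that same path, so static output and the sandbox run always refer to the
# file that was named at the prompt rather than to a fixed example location.
filename = raw_input('path to file exemple(/home/ask3m/malware.exe):')

while True:
    try:
        command = raw_input('Hunter>> ')
        if command == "static":
            print("Use <strings> to show strings in the file")
            print("Use <peid> to detect packer signatures")
            print("Use <antidbg> to detect antidebug techniques in the file")
            print("Use <antivm> to detect anti virtualisation techniques in the file")
            print("Use <auto> to auto-analysis the file")
            # NOTE(review): <antidbg> and <antivm> are listed but not handled
            # below; typing them runs nothing and prints nothing.
            command = raw_input('static>> ')
            if command == "strings":
                peframe.analyse(filename, "--strings")
            elif command == "peid":
                # The keyword matches the help text above; the handler runs
                # the packer-signature check.
                peframe.analyse(filename, "--peid")
            elif command == 'auto':
                peframe.autoanalysis(filename)
        elif command == "sandbox":
            print("Dynamic analysis for suspicious files")
            # NOTE(review): myvbox is defined elsewhere. Confirm it runs the
            # sample only inside an isolated guest (no shared folders, no
            # bridged network) before using it on live malware.
            myvbox.myvbox(filename)
        elif command == 'exit()':
            sys.exit(0)
        else:
            print("this command is not used")
    except KeyboardInterrupt:
        # Ctrl-C must not kill the session half-way; point to the clean exit.
        print("type exit() to stop")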