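def load_sample_lists(args):
    """Download every sample listed in the unit-test ``sample.json`` files.

    ``get_filepaths`` is asked for the files below
    ``tests/Extractors/StandAlone/unit_tests``. Each returned file is parsed
    as JSON, and every entry of its ``"hashes"`` list is fetched with
    ``get_sample`` into the directory that holds the JSON file, under the
    name ``malware.<hash>.<name>.exe`` (``name`` defaults to ``"none"``).

    Args:
        args: Passed through unchanged to ``get_filepaths``.

    A failed download is logged and does not stop the remaining entries.
    """
    sample_json_list = get_filepaths("tests/Extractors/StandAlone/unit_tests", args)
    for sample_json_location in sample_json_list:
        logging.warning("Found sample.json: %s", sample_json_location)
        with open(sample_json_location, "r") as samples:
            sample_dict = json.load(samples)

        target_dir = os.path.dirname(sample_json_location)
        for hash_item in sample_dict["hashes"]:
            sample_hash = hash_item["hash"]
            sample_name = (
                "malware." + sample_hash + "." + hash_item.get("name", "none") + ".exe"
            )
            # Both fields come straight from the JSON file. A path separator in
            # either one would move the download outside target_dir, so such an
            # entry is skipped rather than written.
            if "/" in sample_name or "\\" in sample_name:
                logging.error(
                    "Skipping %r: sample file name contains a path separator",
                    sample_name,
                )
                continue
            # NOTE(review): presumably live samples (see the "malware." prefix)
            # stored with an .exe suffix; confirm this tree is only populated
            # on a host meant to hold them.
            try:
                # os.path.join keeps the target relative when dirname() is
                # empty; plain "/" concatenation would point at the
                # filesystem root in that case.
                get_sample(sample_hash, os.path.join(target_dir, sample_name))
            except Exception as e:
                # Best effort: one unavailable sample must not abort the rest.
                logging.exception(e)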
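def proc_dump():
    """Yield ``(sha2, location)`` for the process-dump test sample.

    The sample is looked up in ``<cwd>/tests/test_objects/``. Any directory
    entry whose name contains the hash counts as a cached copy and is reused;
    otherwise the sample is downloaded with ``get_sample`` to
    ``<hash>.<random suffix>``.

    The code after ``yield`` is the clean-up step. The file is kept unless the
    ``CACHE`` environment variable is set to an empty or "off" value
    (``""``, ``0``, ``false``, ``no``, ``off``, case-insensitive).
    """
    sha2 = "d62148b0329ac911ef707d6517e83b49416306198e343b28ab71343e30fa0075"
    objects_dir = os.getcwd() + "/tests/test_objects/"
    location = objects_dir + sha2 + "." + random_string()

    # NOTE(review): a cache hit is decided by file name only; the content is
    # not re-hashed. Consider verifying the digest before reuse if anything
    # else can write to test_objects.
    cached = [entry for entry in os.listdir(objects_dir) if sha2 in entry]
    if cached:
        print("Already have " + sha2)
        location = objects_dir + cached[0]
    else:
        get_sample(hash=sha2, download_location=location)

    yield sha2, location

    # Environment values are strings, so a bare truthiness test treats
    # CACHE=0 or CACHE=false as "keep". Parse the value explicitly; an unset
    # variable still means "keep the cached sample".
    cache_setting = os.environ.get("CACHE")
    keep_cached = cache_setting is None or cache_setting.strip().lower() not in (
        "",
        "0",
        "false",
        "no",
        "off",
    )
    if not keep_cached:
        os.unlink(location)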
def _grab_sample(sample_hash):
    """Download *sample_hash* into ``<cwd>/tests/test_objects/``.

    The destination is built from the current working directory, so the
    result depends on where the test run was started.

    Returns:
        The path the sample was downloaded to.
    """
    # NOTE(review): sample_hash becomes the file name unmodified; callers are
    # presumably expected to pass a plain hex digest.
    objects_dir = os.getcwd() + "/tests/test_objects/"
    destination = objects_dir + sample_hash
    get_sample(hash=sample_hash, download_location=destination)
    return destination
def _grab_sample(sample_hash):
    """Download *sample_hash* into the ``test_objects`` folder beside this file.

    The destination is anchored on ``__file__``, so it does not depend on the
    current working directory.

    Returns:
        The path the sample was downloaded to.
    """
    # NOTE(review): sample_hash becomes the file name unmodified; callers are
    # presumably expected to pass a plain hex digest.
    module_dir = pathlib.Path(__file__).absolute().parent.as_posix()
    destination = module_dir + "/test_objects/" + sample_hash
    get_sample(hash=sample_hash, download_location=destination)
    return destination
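def test_files():
    """Yield the list of reference files, each with a local ``File`` attached.

    Every entry carries the expected ``hash``, the ``source`` archive it came
    from, the expected ``get_type_str`` value and a ``comment`` naming the
    file. Before yielding, each entry gains a ``download_location`` key
    holding a ``File`` for the local copy. A directory entry in
    ``test_objects`` (beside this file) whose name contains the hash is
    reused; otherwise the sample is downloaded with ``get_sample`` to
    ``<hash>.<random suffix>``.

    The code after ``yield`` is the clean-up step. The files are kept unless
    the ``CACHE`` environment variable is set to an empty or "off" value
    (``""``, ``0``, ``false``, ``no``, ``off``, case-insensitive).
    """
    entries = [
        {
            "hash": "e3bb40e63e4b43a58037ce10b2f037486789b631c392cad01b42abd2bf6942d2",
            "source": "https://github.com/bootandy/dust/releases/download/v0.5.4/dust-v0.5.4-x86_64-pc-windows-msvc.zip",
            "get_type_str": "PE32+ executable (console) x86-64, for MS Windows",
            "comment": "dust.exe",
        },
        {
            "hash": "5dd87d3d6b9d8b4016e3c36b189234772661e690c21371f1eb8e018f0f0dec2b",
            "source": "https://github.com/bootandy/dust/releases/download/v0.5.4/dust-v0.5.4-i686-pc-windows-msvc.zip",
            "get_type_str": "PE32 executable (console) Intel 80386, for MS Windows",
            "comment": "dust.exe",
        },
        {
            "hash": "16ffc96e2de2ced2e8da611b8b3d4d02710df1714278203b67c2129987339bf2",
            "source": "https://www.scintilla.org/wscite32_446.zip",
            "get_type_str": "PE32 executable (GUI) Intel 80386, for MS Windows",
            "comment": "SciTE32.exe",
        },
        {
            "hash": "d0bfbe5a17a23e962814642508b397ff65a19a48156d516c723f5c233602c5e4",
            "source": "https://www.scintilla.org/wscite32_446.zip",
            "get_type_str": "PE32 executable (DLL) (GUI) Intel 80386, for MS Windows",
            "comment": "Scintilla.dll",
        },
        {
            "hash": "438117c7bd53653b3113903bcdb8bd369904a152b524b4676b18a626c2b60e82",
            "source": "https://www.scintilla.org/wscite446.zip",
            "get_type_str": "PE32+ executable (GUI) x86-64, for MS Windows",
            "comment": "SciTE.exe",
        },
        {
            "hash": "3782086dd779b883968053dd2cc65860b19678f3d323a39b7e6f47830ceb8632",
            "source": "https://www.scintilla.org/wscite446.zip",
            "get_type_str": "PE32+ executable (DLL) (GUI) x86-64, for MS Windows",
            "comment": "Scintilla.dll",
        },
        {
            "hash": "b70cb2dc500d4e507681d39e10bc554731fc177a5200b56f9844bd92a3168487",
            "source": "https://www.scintilla.org/wscite446.zip",
            "get_type_str": "PNG image data, 24 x 24, 8-bit grayscale, non-interlaced",
            "comment": "png",
        },
    ]

    # One suffix per run, shared by every file downloaded in this call.
    random_suffix = random_string()
    objects_dir = pathlib.Path(__file__).absolute().parent.as_posix() + "/test_objects/"
    existing = os.listdir(objects_dir)

    for entry in entries:
        sample_hash = entry["hash"]
        # NOTE(review): a cache hit is decided by file name only; the content
        # is not re-hashed against entry["hash"] here.
        cache = [name for name in existing if sample_hash in name]
        if cache:
            print("Already have " + sample_hash)
            entry["download_location"] = File(objects_dir + cache[0])
        else:
            sample_location = objects_dir + sample_hash + "." + random_suffix
            get_sample(hash=sample_hash, download_location=sample_location)
            entry["download_location"] = File(sample_location)
            print("stored at " + sample_location)

    yield entries

    # Environment values are strings, so a bare truthiness test treats
    # CACHE=0 or CACHE=false as "keep". Parse the value explicitly; an unset
    # variable still means "keep the cached samples".
    cache_setting = os.environ.get("CACHE")
    keep_cached = cache_setting is None or cache_setting.strip().lower() not in (
        "",
        "0",
        "false",
        "no",
        "off",
    )
    if not keep_cached:
        for entry in entries:
            os.remove(entry["download_location"].file_path)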
def _grab_sample(sample_hash):
    """Download *sample_hash* and return its data via ``get_binary_data``.

    The sample is written to ``CAPEv2/tests/test_objects/<sample_hash>``, a
    relative path that is resolved against the current working directory.

    Returns:
        Whatever ``get_binary_data`` returns for the downloaded path
        (presumably the file's bytes; confirm against that helper).
    """
    # NOTE(review): sample_hash becomes the file name unmodified; callers are
    # presumably expected to pass a plain hex digest.
    destination = "CAPEv2/tests/test_objects/" + sample_hash
    get_sample(hash=sample_hash, download_location=destination)
    binary_data = get_binary_data(destination)
    return binary_data