Exemplo n.º 1
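    def is_valid(self):
        """
        Report what ``peutils.is_valid`` returns for the parsed payload.

        Returns:
            The value produced by ``peutils.is_valid(self.pe)``, or ``None``
            when the call raises an ordinary exception. A ``None`` result
            therefore does not distinguish "check failed" from whatever the
            helper itself returned.
        """
        # NOTE(review): in the pefile releases this reviewer has seen,
        # peutils.is_valid is an unimplemented stub that always returns
        # None - confirm against the installed version before treating this
        # value as a validity verdict on an untrusted sample.
        try:
            return peutils.is_valid(self.pe)
        except Exception:
            # Ordinary errors map to None ("unknown"). KeyboardInterrupt and
            # SystemExit are deliberately left to propagate so that a scan
            # can still be interrupted.
            return None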
Exemplo n.º 2
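    def _is_valid(self, pe) -> Union[bool, None]:
        """
        Report what ``peutils.is_valid`` returns for *pe*.

        Args:
            pe: Object handed straight to ``peutils.is_valid``; presumably a
                parsed ``pefile.PE`` instance - confirm against the caller.

        Returns:
            The helper's result, or ``None`` when the call raises an
            ordinary exception.
        """
        # NOTE(review): in the pefile releases this reviewer has seen,
        # peutils.is_valid is an unimplemented stub that always returns
        # None, so the ``bool`` half of the annotation may never occur -
        # confirm against the installed version.
        try:
            return peutils.is_valid(pe)
        except Exception:
            # Ordinary errors map to None ("unknown"). KeyboardInterrupt and
            # SystemExit are deliberately left to propagate.
            return None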
Exemplo n.º 3
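    def is_valid(self):
        """
        Return the result of ``peutils.is_valid`` for ``self.pe``.

        Returns:
            Whatever ``peutils.is_valid(self.pe)`` yields, or ``None`` if the
            call raises an ordinary exception. Callers cannot tell those two
            cases apart when the helper itself yields ``None``.
        """
        # NOTE(review): peutils.is_valid appears to be an unimplemented stub
        # (always None) in the pefile releases this reviewer has seen -
        # confirm before relying on it to vet an untrusted file.
        try:
            verdict = peutils.is_valid(self.pe)
        except Exception:
            # Narrower than a bare ``except``: process-control exceptions
            # (KeyboardInterrupt, SystemExit) pass through to the caller.
            return None
        return verdict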
Exemplo n.º 4
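 def peid(self):
     """
     Collect PEiD signature matches and peutils heuristics for ``self.pe``.

     Returns:
         dict with the keys ``peid_signature_match`` (first element of each
         entry-point signature match; empty list when nothing matched),
         ``is_probably_packed``, ``is_suspicious`` and ``is_valid``.
     """
     userdb_file_dir_path = path.join(MALICE_ROOT, 'data', 'UserDB.TXT')
     signatures = peutils.SignatureDatabase(userdb_file_dir_path)
     matches = signatures.match_all(self.pe, ep_only=True)
     # Build the list directly. map() is lazy on Python 3, so calling it
     # only for the side effect of append() would leave the list empty and
     # every sample would be reported without a packer signature.
     packer = [s[0] for s in matches] if matches else []
     # An empty list only means that no UserDB.TXT signature matched at the
     # entry point (ep_only=True); it is not evidence of an unpacked file.
     # NOTE(review): peutils.is_valid appears to be an unimplemented stub
     # (always None) in the pefile releases this reviewer has seen - confirm
     # before consumers read "is_valid" as a verdict.
     return {
         "peid_signature_match": packer,
         "is_probably_packed": peutils.is_probably_packed(self.pe),
         "is_suspicious": peutils.is_suspicious(self.pe),
         "is_valid": peutils.is_valid(self.pe),
     }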
Exemplo n.º 5
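 def peid(self):
     """
     Run PEiD signature matching and the peutils checks against ``self.pe``.

     Returns:
         dict holding ``peid_signature_match`` (list of the first element of
         every entry-point match, possibly empty), ``is_probably_packed``,
         ``is_suspicious`` and ``is_valid``.
     """
     pe_matches = dict()
     userdb_file_dir_path = path.join(MALICE_ROOT, 'data', 'UserDB.TXT')
     signatures = peutils.SignatureDatabase(userdb_file_dir_path)
     matches = signatures.match_all(self.pe, ep_only=True)
     packer = []
     if matches:
         # extend() consumes the names eagerly; a bare map(packer.append, ...)
         # is never evaluated on Python 3 and would report no signatures.
         packer.extend(s[0] for s in matches)
     pe_matches["peid_signature_match"] = packer
     pe_matches["is_probably_packed"] = peutils.is_probably_packed(self.pe)
     pe_matches["is_suspicious"] = peutils.is_suspicious(self.pe)
     # NOTE(review): peutils.is_valid appears to be an unimplemented stub
     # (always None) in the pefile releases this reviewer has seen - confirm
     # before this field is used to accept or reject a sample.
     pe_matches["is_valid"] = peutils.is_valid(self.pe)
     return pe_matches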
Exemplo n.º 6
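	def _build_peid_matches(self, scan_result):
		"""
		Collect PEiD signature matches and peutils heuristics for a PE object.

		Args:
			scan_result: Object passed to ``match_all`` and the peutils
				helpers; presumably a parsed ``pefile.PE`` - confirm
				against the caller.

		Returns:
			dict with the keys ``peid_signature_match`` (first element of
			each entry-point match; empty list when nothing matched),
			``is_probably_packed``, ``is_suspicious`` and ``is_valid``.
		"""
		import peutils
		userdb_path = path.join(path.dirname(__file__), 'file', 'UserDB.TXT')
		signatures = peutils.SignatureDatabase(userdb_path)

		matches = signatures.match_all(scan_result, ep_only=True)
		# Build the list directly. map() is lazy on Python 3, so calling it
		# only for the side effect of append() would leave the list empty.
		packer = [s[0] for s in matches] if matches else []
		# An empty list only means no UserDB.TXT signature matched at the
		# entry point (ep_only=True); it does not show the file is unpacked.
		# NOTE(review): peutils.is_valid appears to be an unimplemented stub
		# (always None) in the pefile releases this reviewer has seen -
		# confirm before "is_valid" is read as a verdict.
		return {
			"peid_signature_match": packer,
			"is_probably_packed": peutils.is_probably_packed(scan_result),
			"is_suspicious": peutils.is_suspicious(scan_result),
			"is_valid": peutils.is_valid(scan_result),
		}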
Exemplo n.º 7
0
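    def _build_peid_matches(self, scan_result):
        """
        Run PEiD signature matching and the peutils checks on a PE object.

        Args:
            scan_result: Object passed to ``match_all`` and the peutils
                helpers; presumably a parsed ``pefile.PE`` - confirm against
                the caller.

        Returns:
            dict holding ``peid_signature_match`` (list of the first element
            of every entry-point match, possibly empty),
            ``is_probably_packed``, ``is_suspicious`` and ``is_valid``.
        """
        import peutils
        pe_matches = dict()
        # The joined path keeps its '..' component as written; where the OS
        # resolves it, the 'file' directory beside this module has to exist
        # for the lookup to succeed - TODO confirm the intended layout.
        userdb_path = path.join(path.dirname(__file__), 'file',
                                '../pe/data/UserDB.TXT')
        signatures = peutils.SignatureDatabase(userdb_path)

        matches = signatures.match_all(scan_result, ep_only=True)
        packer = []
        if matches:
            # extend() consumes the names eagerly; a bare
            # map(packer.append, ...) is never evaluated on Python 3 and
            # would report no signatures for any sample.
            packer.extend(s[0] for s in matches)
        pe_matches["peid_signature_match"] = packer
        pe_matches["is_probably_packed"] = peutils.is_probably_packed(
            scan_result)
        pe_matches["is_suspicious"] = peutils.is_suspicious(scan_result)
        # NOTE(review): peutils.is_valid appears to be an unimplemented stub
        # (always None) in the pefile releases this reviewer has seen -
        # confirm before this field is used to accept or reject a sample.
        pe_matches["is_valid"] = peutils.is_valid(scan_result)
        return pe_matches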