Пример #1
def specified_set(db):
    """Analyse a hand-picked list of APK files and store the results in *db*.

    The list of sample paths is hard-coded and empty as written, so the
    function does nothing until paths are added to it.

    Args:
        db: database handle passed to ``insertToDB`` and used for the
            ``insertRelation`` / ``insertAppToPrmRelation`` calls.
    """
    # Paths to individual sample files, filled in by hand for testing.
    sample_paths = []

    for apk_path in sample_paths:
        extracted = getAPIfromPkg(apk_path)
        # NOTE(review): the second argument looks like the "malicious" label
        # (reverseAnalysis passes its mal flag here). The list is described
        # as malware samples but False is passed; confirm the intended label
        # so the stored records are not mislabelled.
        record = parse_data(extracted, False)
        insertToDB(record, db)

        # API relations, de-duplicated before being written.
        app_id = record.getappId()
        api_links = uniquate_list(record.getappToApiRelation())
        db.insertRelation(app_id, api_links)

        # Permission relations, de-duplicated the same way.
        app_id = record.getappId()
        perm_links = uniquate_list(record.getappToPrmRelation())
        db.insertAppToPrmRelation(app_id, perm_links)
Пример #2
def single_APK(db):
    """Analyse one APK file and store the result in *db*.

    The sample path is a hard-coded placeholder that has to be edited
    before the function is useful. The sample is parsed with ``True`` as
    the second argument of ``parse_data`` (presumably the "malicious"
    label; confirm against ``parse_data``).

    Args:
        db: database handle passed to ``insertToDB`` and used for the
            ``insertRelation`` / ``insertAppToPrmRelation`` calls.
    """
    # Placeholder: replace with the path of the single sample to analyse.
    sample_path = 'path_to_malware'

    extracted = getAPIfromPkg(sample_path)
    record = parse_data(extracted, True)
    insertToDB(record, db)

    # API relations, de-duplicated before being written.
    app_id = record.getappId()
    api_links = uniquate_list(record.getappToApiRelation())
    db.insertRelation(app_id, api_links)

    # Permission relations, de-duplicated the same way.
    app_id = record.getappId()
    perm_links = uniquate_list(record.getappToPrmRelation())
    db.insertAppToPrmRelation(app_id, perm_links)
Пример #3
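def reverseAnalysis(sources):
    """Analyse every application path in *sources* and store new results.

    For each path the function calls ``getAPIfromPkg`` and ``parse_data``,
    skips applications that ``db.exists`` already reports, and otherwise
    inserts the entry together with its de-duplicated API and permission
    relations. A failure on one path is logged at CRITICAL level and the
    loop continues with the next path.

    Args:
        sources: iterable of application file paths (strings).
    """
    db = SafeDroidDB(False)
    for f in sources:
        log.info('Application examined path: %s' % f)

        # The label is derived from the path alone.
        # NOTE(review): this is a substring test, so any path that happens
        # to contain MAL_FOLDER (e.g. in a parent directory or file name)
        # is labelled malicious; confirm the dataset layout guarantees
        # that only real malware samples match.
        mal = 1 if MAL_FOLDER in f else 0

        try:
            data = getAPIfromPkg(f)
            entry = parse_data(data, mal)

            # Skip applications that are already stored.
            # NOTE(review): de-duplication keys on MD5 plus name. MD5 is not
            # collision resistant, so if the corpus can contain crafted
            # samples confirm that this is acceptable as an identity check.
            if db.exists('APPLICATIONS', entry.getMD5(), entry.getName()):
                continue

            insertToDB(entry, db)
            db.insertRelation(
                entry.getappId(),
                uniquate_list(entry.getappToApiRelation()))
            db.insertAppToPrmRelation(
                entry.getappId(),
                uniquate_list(entry.getappToPrmRelation()))
        except Exception as err:
            # Deliberate best-effort: one malformed or unreadable sample
            # must not abort the whole batch, but every failure is logged.
            log.critical('%s failed' % f)
            log.critical(err)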
Пример #4
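def _reverse_Analysis(sources, malicious_directory):
    """Analyse every application path in *sources* and store new results.

    Each path is passed through ``getAPIfromPkg`` and ``_parse_data``;
    applications that ``db.exists`` already reports are skipped, the rest
    are inserted with their de-duplicated API and permission relations.
    A failure on one path is recorded in a local event log and the loop
    continues with the next path.

    Args:
        sources: iterable of application file paths (strings).
        malicious_directory: string; a path containing it is labelled
            malicious (1), any other path benign (0).
    """
    db = SafeDroidDB(False)
    # NOTE(review): event_log is filled below but not returned or read in
    # the lines visible here, and each key keeps only its latest value, so
    # earlier failures are overwritten. Confirm how callers see failures.
    event_log = {}
    for f in sources:
        event_log['info'] = 'Application examined: %s' % f

        # The label is derived from the path alone.
        # NOTE(review): substring test; a path that merely contains
        # malicious_directory somewhere is labelled malicious. Confirm the
        # dataset layout makes that unambiguous.
        mal = 1 if malicious_directory in f else 0

        try:
            data = getAPIfromPkg(f)
            entry, event_log['info'] = _parse_data(data, mal)

            # Skip applications that are already stored.
            # NOTE(review): de-duplication keys on MD5 plus name. MD5 is not
            # collision resistant, so if the corpus can contain crafted
            # samples confirm that this is acceptable as an identity check.
            if db.exists('APPLICATIONS', entry.getMD5(), entry.getName()):
                continue

            insertToDB(entry, db)
            db.insertRelation(
                entry.getappId(),
                uniquate_list(entry.getappToApiRelation()))
            db.insertAppToPrmRelation(
                entry.getappId(),
                uniquate_list(entry.getappToPrmRelation()))
        except Exception as err:
            # Deliberate best-effort: one malformed or unreadable sample
            # must not abort the whole batch.
            event_log['critical'] = '%s failed. %s' % (f, err)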