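def dotransform(request, response):
    """Add a Hash entity for every hit of a ``similar-to:`` search.

    The query is built from ``request.value`` and passed to ``search_vt``
    (defined outside this block). Each hit is appended to ``response`` with
    the link label ``similar->VT``. A hit equal to the entity's own
    ``sha256`` field is skipped when that field is present, so the sample
    is not linked to itself.

    Returns the ``response`` object that was passed in.
    """
    # NOTE(review): request.value is interpolated as-is. An embedded double
    # quote would change the shape of the search expression; confirm whether
    # search_vt or the caller validates the value before it is sent.
    search_param = 'similar-to:"%s"' % str(request.value)
    hits = search_vt(search_param)
    if not hits:
        return response

    # `in` replaces dict.has_key(), which does not exist on Python 3 and is
    # equivalent on Python 2.
    has_own = 'sha256' in request.fields
    own_sha256 = request.fields['sha256'] if has_own else None

    for hsh in hits:
        if has_own and hsh == own_sha256:
            continue  # the queried sample itself
        r = Hash(str(hsh))
        r.linklabel = "similar->VT"
        response += r
    return response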
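def dotransform(request, response):
    """Add a Hash entity for each entry of the ``parents`` field.

    ``request.fields['parents']`` holds the text of a Python literal, which
    is parsed with ``ast.literal_eval``. Every element of the parsed
    list/tuple/set is wrapped in ``Hash`` with the link label
    ``vt_rep->parents`` and appended to ``response``.

    ``response`` is returned unchanged when the field is absent, cannot be
    parsed as a literal, or does not parse to a list, tuple or set.
    """
    # `in` replaces dict.has_key(), which does not exist on Python 3.
    if "parents" not in request.fields:
        return response

    # The field text is stored data, so treat it as untrusted.
    # literal_eval does not execute code, but it raises on malformed text.
    try:
        parents = ast.literal_eval(request.fields['parents'])
    except (ValueError, SyntaxError, TypeError):
        return response

    # A string or number literal would otherwise be iterated character by
    # character or fail inside the loop.
    if not isinstance(parents, (list, tuple, set)):
        return response

    for parent in parents:
        r = Hash(str(parent))
        r.linklabel = "vt_rep->parents"
        response += r
    return response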
def dotransform(request, response):
    """Run an ``itw:`` search on ``request.value`` and add each hit.

    Every hash returned by ``search_vt`` (defined outside this block) is
    appended to ``response`` as a ``Hash`` entity labelled ``itw->VT``.
    Returns the ``response`` object that was passed in.
    """
    # NOTE(review): the value is placed between double quotes without any
    # escaping; confirm it is validated before it reaches the search API.
    query = 'itw:"%s"' % str(request.value)
    results = search_vt(query)
    if not results:
        return response

    for digest in results:
        entity = Hash(str(digest))
        entity.linklabel = "itw->VT"
        response += entity
    return response
def dotransform(request, response):
    """Run a ``peresource:`` search on the entity's ``sha256`` field.

    The lookup ``request.fields['sha256']`` is not guarded, so a missing
    field propagates the lookup error to the caller. Each hit returned by
    ``search_vt`` (defined outside this block) is appended to ``response``
    as a ``Hash`` entity labelled ``resource->VT``.

    Returns the ``response`` object that was passed in.
    """
    sha256_value = request.fields['sha256']
    query = 'peresource:"%s"' % str(sha256_value)
    results = search_vt(query)
    # `or ()` keeps the original guard: nothing is iterated on a falsy result.
    for digest in results or ():
        entity = Hash(str(digest))
        entity.linklabel = "resource->VT"
        response += entity
    return response
def dotransform(request, response):
    """Run a ``sectionmd5:`` search on the entity's ``md5`` field.

    The lookup ``request.fields['md5']`` is not guarded, so a missing field
    propagates the lookup error to the caller. Each hit returned by
    ``search_vt`` (defined outside this block) is appended to ``response``
    as a ``Hash`` entity labelled ``section->VT``.

    Returns the ``response`` object that was passed in.
    """
    md5_value = request.fields['md5']
    query = 'sectionmd5:"%s"' % str(md5_value)
    results = search_vt(query)
    if not results:
        return response

    for digest in results:
        entity = Hash(str(digest))
        entity.linklabel = "section->VT"
        response += entity
    return response
def dotransform(request, response):
    """Run a ``pets:`` search on ``request.value`` and add each hit.

    Unlike the quoted search modifiers, the value is appended to the
    ``pets:`` prefix without surrounding quotes. Each hit returned by
    ``search_vt`` (defined outside this block) is appended to ``response``
    as a ``Hash`` entity labelled ``pets->vt``.

    Returns the ``response`` object that was passed in.
    """
    # NOTE(review): an unquoted value containing whitespace would extend
    # the query with further terms; confirm the value is validated upstream.
    query = str("pets:%s" % request.value)
    results = search_vt(query)
    for digest in results or ():
        entity = Hash(str(digest))
        entity.linklabel = "pets->vt"
        response += entity
    return response
def dotransform(request, response):
    """Run an ``ssdeep:`` search on ``request.value`` and add each hit.

    The value is URL-encoded with ``urllib.quote_plus`` before it is placed
    in the query, and the finished query is written out through ``debug``.
    Each hit returned by ``search_vt`` (defined outside this block) is
    appended to ``response`` as a ``Hash`` entity labelled ``ssdeep->VT``.

    Returns the ``response`` object that was passed in.
    """
    # urllib.quote_plus is the Python 2 location of this function.
    encoded = urllib.quote_plus(request.value)
    query = 'ssdeep:"%s"' % str(encoded)
    debug(query)

    results = search_vt(query)
    if not results:
        return response

    for digest in results:
        entity = Hash(str(digest))
        entity.linklabel = "ssdeep->VT"
        response += entity
    return response
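def dotransform(request, response):
    """Add a Hash entity for each record in ``detected_downloaded_samples``.

    ``request.fields['detected_downloaded_samples']`` holds the text of a
    Python literal, parsed with ``ast.literal_eval``. Each record is read
    as a mapping with ``sha256`` and ``date`` keys: the ``sha256`` value
    becomes a ``Hash`` entity and the ``date`` value becomes its link label.

    ``response`` is returned unchanged when the field is missing, cannot be
    parsed, or does not parse to a list or tuple. Records that lack either
    key are skipped.
    """
    # The field text is stored data, so treat it as untrusted.
    # `except Exception` keeps the original best-effort behaviour for a
    # missing or malformed field, but no longer swallows KeyboardInterrupt
    # or SystemExit as the bare `except:` did.
    try:
        items = ast.literal_eval(request.fields['detected_downloaded_samples'])
    except Exception:
        return response

    # A scalar or string literal is not a record list.
    if not isinstance(items, (list, tuple)):
        return response

    for item in items:
        try:
            sha256 = item['sha256']
            date = item['date']
        except (KeyError, TypeError, IndexError):
            continue  # malformed record: skip it, keep the rest
        r = Hash(sha256)
        r.linklabel = date
        response += r
    return response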
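def dotransform(request, response):
    """Run a ``sigcheck:`` search on the entity's ``issuer`` field.

    If the query cannot be built (the ``issuer`` field is missing, or its
    value cannot be converted with ``str``), a message is written through
    ``debug`` and ``response`` is returned unchanged. Otherwise each hit
    returned by ``search_vt`` (defined outside this block) is appended to
    ``response`` as a ``Hash`` entity labelled ``cert_issuer->VT``.

    Returns the ``response`` object that was passed in.
    """
    # `except Exception` replaces the bare `except:` so KeyboardInterrupt
    # and SystemExit are no longer swallowed. Lookup and conversion errors
    # are still reported and handled as before.
    try:
        search_param = 'sigcheck:"%s"' % str(request.fields['issuer'])
    except Exception:
        debug("ripVT: Error - value not present in property.")
        return response

    # NOTE(review): the issuer text is interpolated as-is. An embedded
    # double quote would change the shape of the search expression; confirm
    # the value is validated before it is sent.
    hits = search_vt(search_param)
    if hits:
        for hsh in hits:
            r = Hash(str(hsh))
            r.linklabel = "cert_issuer->VT"
            response += r
    return response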
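def dotransform(request, response):
    """Run an ``engines:`` search on ``request.value`` and add each hit.

    If the query cannot be built from ``request.value``, a message is
    written through ``debug`` and ``response`` is returned unchanged.
    Otherwise each hit returned by ``search_vt`` (defined outside this
    block) is appended to ``response`` as a ``Hash`` entity labelled
    ``engines->VT``.

    Returns the ``response`` object that was passed in.
    """
    # `except Exception` replaces the bare `except:` so KeyboardInterrupt
    # and SystemExit are no longer swallowed. Conversion errors are still
    # reported and handled as before.
    try:
        search_param = 'engines:"%s"' % str(request.value)
    except Exception:
        debug("ripVT: Error - value not present in property.")
        return response

    # NOTE(review): request.value is interpolated as-is. An embedded double
    # quote would change the shape of the search expression; confirm the
    # value is validated before it is sent.
    hits = search_vt(search_param)
    if hits:
        for hsh in hits:
            r = Hash(str(hsh))
            r.linklabel = "engines->VT"
            response += r
    return response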