Пример #1
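def load_malwareconfig_parsers() -> Tuple[bool, dict, ModuleType]:
    """Load the RATDecoders (``malwareconfig``) parsers when enabled in the processing config.

    Optionally merges locally supplied decoders from
    ``process_cfg.ratdecoders.modules_path`` into the package's decoder table.

    Returns:
        ``(True, __decoders__, fileparser)`` on success. ``(False, False, False)``
        when the feature is disabled, ``malwareconfig`` cannot be imported,
        loading raises, or the required ``TestRats`` decoder is absent.
        Callers must test the first element before using the other two.
    """
    failure = (False, False, False)
    if not process_cfg.ratdecoders.enabled:
        return failure
    try:
        from malwareconfig import fileparser
        from malwareconfig.modules import __decoders__

        if process_cfg.ratdecoders.modules_path:
            from lib.cuckoo.common.load_extra_modules import ratdecodedr_load_decoders

            # os.path.join drops CUCKOO_ROOT when modules_path is absolute, so
            # this directory is not confined to the installation tree.
            # NOTE(review): the loader presumably imports Python modules from
            # this directory, i.e. runs their code in the processing process -
            # confirm, and keep the directory writable only by the service
            # account and out of reach of analysis artefacts.
            local_modules_dir = os.path.join(CUCKOO_ROOT, process_cfg.ratdecoders.modules_path)
            ratdecoders_local_modules = ratdecodedr_load_decoders([local_modules_dir])
            if ratdecoders_local_modules:
                # update() lets a local decoder replace a packaged one that
                # uses the same key.
                __decoders__.update(ratdecoders_local_modules)
            # Explicit check instead of `assert`: assertions are stripped under
            # `python -O`, which would silently skip this validation.
            # NOTE(review): requiring a decoder named "TestRats" looks like a
            # test-fixture expectation - confirm it belongs in production.
            if "TestRats" not in __decoders__:
                log.error("RATDecoders: required decoder 'TestRats' not found after loading local modules")
                return failure
        return True, __decoders__, fileparser
    except ImportError:
        log.info("Missed RATDecoders -> pip3 install malwareconfig")
    except Exception as e:
        # Best effort: any loader failure disables the feature rather than
        # aborting processing; the traceback is kept in the log.
        log.error(e, exc_info=True)
    return failure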
Пример #2
            "Missed MWCP -> pip3 install git+https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP\nDetails: {}".format(e)
        )

# Feature flag: True once the RATDecoders (malwareconfig) package has been
# imported successfully. Stays False when the feature is disabled in the
# processing config or the import fails.
HAS_MALWARECONFIGS = False
if process_cfg.ratdecoders.enabled:
    try:
        from malwareconfig import fileparser
        from malwareconfig.modules import __decoders__, __preprocessors__

        # The flag is raised before local decoders are loaded, so an exception
        # from the local-module step below is logged but leaves it True.
        HAS_MALWARECONFIGS = True
        if process_cfg.ratdecoders.modules_path:
            from lib.cuckoo.common.load_extra_modules import ratdecodedr_load_decoders

            # os.path.join drops CUCKOO_ROOT when modules_path is absolute, so
            # the directory is not confined to the installation tree.
            # NOTE(review): the loader presumably imports Python modules from
            # this directory, i.e. runs their code in this process - confirm,
            # and keep the directory writable only by the service account.
            ratdecoders_local_modules = ratdecodedr_load_decoders([os.path.join(CUCKOO_ROOT, process_cfg.ratdecoders.modules_path)])
            if ratdecoders_local_modules:
                # update() lets a local decoder replace a packaged one that
                # uses the same key.
                __decoders__.update(ratdecoders_local_modules)
    except ImportError:
        # NOTE(review): the hint installs from the repository's default branch
        # with no pinned revision; deployments should pin a reviewed commit.
        logging.info("Missed RATDecoders -> pip3 install git+https://github.com/kevthehermit/RATDecoders")
    except Exception as e:
        # Best effort: failures are logged with a traceback and do not stop
        # module import.
        logging.error(e, exc_info=True)

HAVE_MALDUCK = False
if process_cfg.malduck.enabled:
    try:
        from lib.cuckoo.common.load_extra_modules import malduck_load_decoders
        from malduck.extractor import ExtractorModules, ExtractManager
        from malduck.extractor.extractor import Extractor
        # from malduck.extractor.loaders import load_modules
        from malduck.yara import Yara

        malduck_rules = Yara.__new__(Yara)