def show_suspicious(filename):
    """Print the suspicious API names that pecore reports for *filename*.

    Output is a blank line, a header carrying the number of hits, a
    60-character rule, and one "Function <name>" line per entry. Nothing is
    printed when pecore.get_apialert() returns an empty or falsy result.
    """
    apialert = pecore.get_apialert(filename)
    if not apialert:
        return

    # Single-argument print(...) behaves the same as the print statement
    # on Python 2, so the emitted text is unchanged.
    print("\nSuspicious API discovered [" + str(len(apialert)) + "]")
    print("-" * 60)

    label = 'Function'.ljust(18)
    for api_name in apialert:
        # NOTE(review): get_apialert() is not visible here; if it returns
        # names read from the sample rather than from a fixed watch-list,
        # treat them as untrusted text when they reach a terminal or log.
        print("%s %s" % (label, api_name))
def show_suspicious(filename):
    """Return the suspicious API names pecore reports for *filename*.

    The result is always a fresh list; it is empty when
    pecore.get_apialert() returns an empty or falsy value.
    """
    apialert = pecore.get_apialert(filename)
    if not apialert:
        return []
    # Copy the entries so the caller never shares the object that pecore
    # handed back.
    return list(apialert)
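def show_suspicious(filename):
    """Write the suspicious-API report for *filename* to /tmp/susApi.txt.

    The report file is opened in "w" mode, so it is truncated on every call
    and stays empty when pecore.get_apialert() returns nothing. Nothing is
    returned.
    """
    apialert = pecore.get_apialert(filename)

    # NOTE(review): fixed, predictable name in world-writable /tmp. A file or
    # symlink that already exists under this name is opened and truncated
    # as-is, and concurrent analyses overwrite each other's report. Prefer a
    # per-run file from the tempfile module (or a private directory) once the
    # reader of this path can be changed too; the path is kept here because
    # other code presumably reads it.
    #
    # The with-block closes the handle on every path, including when a
    # write raises part-way through the report.
    with open("/tmp/susApi.txt", "w") as file5:
        if apialert:
            file5.write("\nSuspicious API discovered [" + str(len(apialert)) + "]")
            # NOTE(review): no line breaks are written, so header, rule and
            # entries run together in the file. Left unchanged because the
            # consumer of this file is not visible here.
            file5.write("-" * 60)
            for api_name in apialert:
                # presumably these names derive from the analysed sample;
                # whatever renders this file should treat them as untrusted.
                file5.write('Function'.ljust(18) + api_name)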
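def show_suspicious(filename):
    """Write the suspicious-API report for *filename* to /tmp/susApi.txt.

    The report file is opened in "w" mode, so it is truncated on every call
    and stays empty when pecore.get_apialert() returns nothing. Nothing is
    returned.
    """
    apialert = pecore.get_apialert(filename)

    # NOTE(review): fixed, predictable name in world-writable /tmp. A file or
    # symlink that already exists under this name is opened and truncated
    # as-is, and concurrent analyses overwrite each other's report. Prefer a
    # per-run file from the tempfile module (or a private directory) once the
    # reader of this path can be changed too; the path is kept here because
    # other code presumably reads it.
    #
    # The with-block closes the handle on every path, including when a
    # write raises part-way through the report.
    with open("/tmp/susApi.txt", "w") as file5:
        if apialert:
            file5.write("\nSuspicious API discovered [" + str(len(apialert)) + "]")
            # NOTE(review): no line breaks are written, so header, rule and
            # entries run together in the file. Left unchanged because the
            # consumer of this file is not visible here.
            file5.write("-" * 60)
            for api_name in apialert:
                # presumably these names derive from the analysed sample;
                # whatever renders this file should treat them as untrusted.
                file5.write('Function'.ljust(18) + api_name)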
def autoanalysis(pe, filename, json=False):
    """Run every pecore check on one sample and emit the combined results.

    pe and filename are passed to the pecore.get_* helpers unchanged; which
    helper receives which is fixed by the calls below. With json false (the
    default) the nine results are handed to stdoutput.show_auto(). With json
    true they are written to stdout by a single print statement, in call
    order. Nothing is returned.

    json is a plain flag here; inside this function the name hides any
    imported module called json.
    """
    # NOTE(review): the get_* helpers are not visible here. If they return
    # strings lifted from the analysed sample (URLs, metadata, certificate
    # fields), whatever consumes this output should treat it as untrusted.
    if not json:
        stdoutput.show_auto(
            pecore.get_info(pe, filename),
            pecore.get_cert(pe),
            pecore.get_packer(pe),
            pecore.get_antidbg(pe),
            pecore.get_antivm(filename),
            pecore.get_apialert(pe),
            pecore.get_secalert(pe),
            pecore.get_fileurl(filename),
            pecore.get_meta(pe))
        return

    # Python 2 print statement: the helpers are evaluated left to right, in
    # the same order as the show_auto() call above.
    print pecore.get_info(pe, filename), \
        pecore.get_cert(pe), \
        pecore.get_packer(pe), \
        pecore.get_antidbg(pe), \
        pecore.get_antivm(filename), \
        pecore.get_apialert(pe), \
        pecore.get_secalert(pe), \
        pecore.get_fileurl(filename), \
        pecore.get_meta(pe)