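def _unpack(t):
    """Emulate one sample into a scratch directory and fingerprint the output.

    Args:
        t: Pair ``(file, unpacked_file)``: path of the sample to emulate and
            path of a second file whose MD5 is reported alongside
            (presumably the expected unpacked binary -- confirm with caller).

    Returns:
        ``(file, produced_md5, other_md5)`` with both digests as hex strings.
        ``produced_md5`` is ``''`` when the engine wrote no output file,
        which is only reachable when assertions are disabled (``-O``).

    Raises:
        AssertionError: if no output file exists after emulation, or if the
            dumper's broken-import dump file is still present.
    """
    file, unpacked_file = t
    with TemporaryDirectory() as unpack_dir:
        unpacked = f"{unpack_dir}/unpacked.exe"
        sample = Sample(file)
        event = threading.Event()
        client = SimpleClient(event)
        # Progress marker on stderr; the 120 is presumably seconds.
        heartbeat = RepeatedTimer(120, print, "- still running -", file=sys.stderr)
        engine = UnpackerEngine(sample, unpacked)
        engine.register_client(client)

        heartbeat.start()
        try:
            threading.Thread(target=engine.emu).start()
            # NOTE(review): the wait has no timeout, so a sample whose
            # emulation never signals the event blocks this call forever.
            event.wait()
        finally:
            # Stop the timer even if the wait is interrupted, so it does not
            # keep printing after this call has failed.
            heartbeat.stop()
        engine.stop()

        assert os.path.exists(unpacked)
        assert not os.path.exists(
            sample.unpacker.dumper.brokenimport_dump_file)

        # MD5 serves only as an equality fingerprint between two local files;
        # it is not collision-resistant and is not a trustworthy sample ID.
        produced_md5 = (
            calc_md5(unpacked).hexdigest() if os.path.exists(unpacked) else ''
        )
        # Both digests are returned as hex strings. The original fallback
        # branch returned the raw hash object for the second one.
        return file, produced_md5, calc_md5(unpacked_file).hexdigest()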
def prepare_test(self, sample_path):
    """Emulate the sample at ``sample_path`` and block until it has finished.

    No destination path is passed to the engine. A banner naming the sample
    is printed to stdout once emulation has been stopped.

    Args:
        sample_path: Filesystem path of the sample to emulate.
    """
    target = Sample(sample_path)
    # Result unused here; the call is kept for whatever it does to `target`.
    _unpacker, _rest = get_unpacker(target)

    done = threading.Event()
    listener = SimpleClient(done)
    # Progress marker on stderr; the 120 is presumably seconds.
    ticker = RepeatedTimer(120, print, "- still running -", file=sys.stderr)

    emulator = UnpackerEngine(target)
    emulator.register_client(listener)

    ticker.start()
    worker = threading.Thread(target=emulator.emu)
    worker.start()
    # NOTE(review): the wait has no timeout, so a sample whose emulation
    # never signals the event blocks this call forever.
    done.wait()
    ticker.stop()
    emulator.stop()

    print(f"\n--- Emulation of {os.path.basename(sample_path)} finished ---")
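def unpack_if_applicable(self, sample: JVSample, inplace=True):
    """Try to unpack a PE sample by emulation and swap the result into place.

    The sample is returned untouched when its file type does not start with
    ``pe``, when the selected unpacker's class name contains ``default``, or
    when that packer name is already listed in ``sample.packers``. Otherwise
    the engine writes to ``<sample.file>_unipacker_<packer>``, and if that
    file appears it replaces ``sample.file``.

    Args:
        sample: Sample to process. On success its ``file_type`` is updated,
            ``_sha256`` is reset to ``None`` and the packer name is recorded
            via ``add_packer``.
        inplace: Currently unused; the unpacked output always replaces
            ``sample.file``.

    Returns:
        A one-element list containing ``sample``. Errors are printed and
        swallowed, leaving the original file in place.
    """
    if not sample.file_type.lower().startswith('pe'):
        return [sample]

    dest = sample.file + '_unipacker_'
    try:
        with redirect_std():
            # NOTE(review): the meaning of the positional ``True`` is not
            # visible here -- confirm against Sample's signature.
            uni_sample = Sample(sample.file, True)
            unpacker = uni_sample.unpacker.__class__.__name__.lower().replace(
                'unpacker', '')
            dest = dest + unpacker
            if 'default' not in unpacker and unpacker not in sample.packers:
                engine = UnpackerEngine(uni_sample, dest)
                event = threading.Event()
                client = SimpleClient(event)
                engine.register_client(client)
                threading.Thread(target=engine.emu).start()
                # NOTE(review): the wait has no timeout, so a sample whose
                # emulation never signals the event stalls the caller.
                event.wait()
                engine.stop()
                if os.path.exists(dest):
                    # Identify the output BEFORE touching the original. The
                    # old order removed sample.file first, so a failure here
                    # deleted both the original and the unpacked file.
                    unpacked_type = get_file_type(dest)
                    # Overwrites in one step instead of remove + rename, so
                    # no moment exists where sample.file is missing.
                    os.replace(dest, sample.file)
                    sample.file_type = unpacked_type
                    # Content changed; presumably forces the hash to be
                    # recomputed on next access.
                    sample._sha256 = None
                    sample.add_packer(unpacker)
    except Exception as e:
        traceback.print_exc()
        print(str(e))
        # Drop a partial output; the original sample file is left as it was.
        if os.path.exists(dest):
            os.remove(dest)
    # NOTE(review): the engine's broken-import dump file
    # (uni_sample.unpacker.dumper.brokenimport_dump_file) is not cleaned up
    # here -- confirm the engine removes it itself.
    return [sample]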
def handle_sample(self, sample, dest_dir, partition_by_packer):
    """Emulate ``sample`` and save the unpacked result under ``dest_dir``.

    Args:
        sample: Sample object; ``path`` and ``unpacker.name`` are read.
        dest_dir: Base output directory.
        partition_by_packer: When truthy, output goes into a sub-directory
            named after the sample's unpacker, created if missing.
    """
    # Result unused here; the call is kept for whatever it does to `sample`.
    _unpacker, _rest = get_unpacker(sample)

    done = threading.Event()
    listener = SimpleClient(done)
    # Progress marker on stderr; the 120 is presumably seconds.
    ticker = RepeatedTimer(120, print, "- still running -", file=sys.stderr)

    out_dir = dest_dir
    if partition_by_packer:
        out_dir = os.path.join(dest_dir, sample.unpacker.name)
        os.makedirs(out_dir, exist_ok=True)
    # Only the basename of the sample path goes into the output name, so
    # directory components of the input path cannot move the output.
    dest_file = os.path.join(
        out_dir, f"unpacked_{os.path.basename(sample.path)}")

    emulator = UnpackerEngine(sample, dest_file)
    emulator.register_client(listener)

    ticker.start()
    worker = threading.Thread(target=emulator.emu)
    worker.start()
    # NOTE(review): the wait has no timeout, so a sample whose emulation
    # never signals the event blocks this call forever.
    done.wait()
    ticker.stop()
    emulator.stop()

    print(f"\nEmulation of {os.path.basename(sample.path)} finished.\n"
          f"--- Saved to {dest_file} ---\n")