Merge pull request #2521 from mandiant/fix/2466-cape-model

make Process model flexible and procmemory optional

CHANGELOG.md

@@ -33,6 +33,7 @@
 - binja: support loading raw x86/x86_64 shellcode #2489 @xusheng6
 - binja: fix crash when the IL of certain functions are not available. #2249 @xusheng6
 - binja: major performance improvement on the binja extractor. #1414 @xusheng6
+- cape: make Process model flexible and procmemory optional to load newest reports #2466 @mr-tz
 
 ### capa Explorer Web
 

capa/features/extractors/cape/models.py

@@ -297,7 +297,10 @@ class Call(ExactModel):
     id: int
 
 
-class Process(ExactModel):
+# FlexibleModel to account for extended fields
+# refs: https://github.com/mandiant/capa/issues/2466
+# https://github.com/kevoreilly/CAPEv2/pull/2199
+class Process(FlexibleModel):
     process_id: int
     process_name: str
     parent_id: int
@@ -400,7 +403,7 @@ class CapeReport(FlexibleModel):
     CAPE: Optional[Union[Cape, list]] = None
     dropped: Optional[list[File]] = None
     procdump: Optional[list[ProcessFile]] = None
-    procmemory: ListTODO
+    procmemory: Optional[ListTODO] = None
 
     # =========================================================================
     # information we won't use in capa