vmray: loosen file checks to enable processing of additional file types (#2571)

* vmray: loosen file checks to enable additional file types

* additional refactor to loosen file checks

* update CHANGELOG

* cleanup comments and small code refactor

* fix lints

* use NO_ADDRESS for submissions that don't have a base address

* update comments

* add test for ps1 trace
Mike Hunhoff
2025-01-23 12:47:36 -07:00
committed by GitHub
parent 3702baf9a9
commit 160ce73a35
8 changed files with 138 additions and 83 deletions


@@ -49,9 +49,9 @@ def main(argv=None):
vmra = VMRayAnalysis(analysis_archive)
sv2_json = vmra.zipfile.read("logs/summary_v2.json", pwd=DEFAULT_ARCHIVE_PASSWORD)
flog_xml = vmra.zipfile.read("logs/flog.xml", pwd=DEFAULT_ARCHIVE_PASSWORD)
sample_file_buf = vmra.sample_file_buf
assert vmra.sample_file_analysis is not None
sample_sha256: str = vmra.sample_file_analysis.hash_values.sha256.lower()
sample_file_buf = vmra.submission_bytes
assert vmra.submission_meta is not None
sample_sha256: str = vmra.submission_meta.hash_values.sha256.lower()
new_zip_name = f"{analysis_archive.parent / analysis_archive.stem}_min.zip"
with zipfile.ZipFile(new_zip_name, "w") as new_zip: