gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-12 15:49:46 -08:00
Code Issues Packages Projects Releases Wiki Activity

vmray: refactor global_.py

Browse Source
This commit is contained in:
Mike Hunhoff
2024-07-19 11:51:16 -06:00
parent 8bf0d16fd8
commit 6e0dc83451
1 changed files with 12 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
capa/features/extractors/vmray/global_.py
View File

@@ -28,15 +28,15 @@ logger = logging.getLogger(__name__)
def extract_arch(analysis: VMRayAnalysis) -> Iterator[Tuple[Feature, Address]]:
sample_type: str = analysis.sv2.analysis_metadata.sample_type
file_type: str = analysis.file_type
if "x86-32" in sample_type:
if "x86-32" in file_type:
yield Arch(ARCH_I386), NO_ADDRESS
elif "x86-64" in sample_type:
elif "x86-64" in file_type:
yield Arch(ARCH_AMD64), NO_ADDRESS
else:
logger.warning("unrecognized arch: %s", sample_type)
raise ValueError(f"unrecognized arch from the VMRay report: {sample_type}")
logger.warning("unrecognized arch: %s", file_type)
raise ValueError(f"unrecognized arch from the VMRay report: {file_type}")
def extract_format(analysis: VMRayAnalysis) -> Iterator[Tuple[Feature, Address]]:
@@ -46,22 +46,20 @@ def extract_format(analysis: VMRayAnalysis) -> Iterator[Tuple[Feature, Address]]
elif analysis.sample_file_static_data.elf:
yield Format(FORMAT_ELF), NO_ADDRESS
else:
logger.warning("unrecognized file format: %s", analysis.sv2.analysis_metadata.sample_type)
raise ValueError(
f"unrecognized file format from the VMRay report: {analysis.sv2.analysis_metadata.sample_type}"
)
logger.warning("unrecognized file format: %s", analysis.file_type)
raise ValueError(f"unrecognized file format from the VMRay report: {analysis.file_type}")
def extract_os(analysis: VMRayAnalysis) -> Iterator[Tuple[Feature, Address]]:
sample_type: str = analysis.sv2.analysis_metadata.sample_type
file_type: str = analysis.file_type
if "windows" in sample_type.lower():
if "windows" in file_type.lower():
yield OS(OS_WINDOWS), NO_ADDRESS
elif "linux" in sample_type.lower():
elif "linux" in file_type.lower():
yield OS(OS_LINUX), NO_ADDRESS
else:
logger.warning("unrecognized OS: %s", sample_type)
raise ValueError(f"unrecognized OS from the VMRay report: {sample_type}")
logger.warning("unrecognized OS: %s", file_type)
raise ValueError(f"unrecognized OS from the VMRay report: {file_type}")
def extract_features(analysis: VMRayAnalysis) -> Iterator[Tuple[Feature, Address]]: