Closed g4ze closed 1 month ago
malware_tools_analyzers-user@0e3f29973277:/opt/deploy/artifacts/artifacts$ /opt/deploy/artifacts/venv/bin/python3 /opt/deploy/artifacts/artifacts/artifacts.py ./bitbar-sample-app.apk
{
"version": "1.1.1",
"md5": "00cc5435151aa38a091781922c0390a4",
"dex": [
"classes.dex"
],
"library": [],
"network": {
"ip": [],
"url": [],
"param": []
},
"root": [],
"string": {
"base64": [],
"telegram_id": [],
"known": []
},
"family": {
"name": "CryCrypto",
"match": 20.63,
"value": {
"permission": 28.57,
"application": 0.0,
"intent": 33.33
}
},
"sandbox": [
"https://tria.ge/s?q=00cc5435151aa38a091781922c0390a4",
"https://www.joesandbox.com/analysis/search?q=00cc5435151aa38a091781922c0390a4",
"https://www.virustotal.com/gui/search/00cc5435151aa38a091781922c0390a4",
"https://bazaar.abuse.ch/browse.php?search=md5:00cc5435151aa38a091781922c0390a4",
"https://koodous.com/apks?search=00cc5435151aa38a091781922c0390a4"
],
"elapsed_time": 0.09
}
The command works perfectly fine inside the container but fails while the analyzer runs:
How are GUI and CLI exec different? Are we not literally running the same command internally? The same command gives the desired output when I shell inside the container.
{
  "name": "APK_Artifacts",
  "process_time": 5.07,
  "status": "SUCCESS",
  "end_time": "2024-08-27T10:03:15.563886Z",
  "parameters": {},
  "type": "analyzer",
  "id": 72,
  "report": {
    "dex": [
      "classes.dex"
    ],
    "md5": "8a05a189e58ccd7275f7ffdf88c2c191",
    "root": [],
    "family": {
      "name": "CryCrypto",
      "match": 11.11,
      "value": {
        "intent": 33.33,
        "permission": 0.0,
        "application": 0.0
      }
    },
    "string": {
      "known": [],
      "base64": [],
      "telegram_id": []
    },
    "library": [],
    "network": {
      "ip": [],
      "url": [],
      "param": []
    },
    "sandbox": [
      "https://tria.ge/s?q=8a05a189e58ccd7275f7ffdf88c2c191",
      "https://www.joesandbox.com/analysis/search?q=8a05a189e58ccd7275f7ffdf88c2c191",
      "https://www.virustotal.com/gui/search/8a05a189e58ccd7275f7ffdf88c2c191",
      "https://bazaar.abuse.ch/browse.php?search=md5:8a05a189e58ccd7275f7ffdf88c2c191",
      "https://koodous.com/apks?search=8a05a189e58ccd7275f7ffdf88c2c191"
    ],
    "version": "1.1.1",
    "elapsed_time": 0.02
  },
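The two runs above (the shell inside the container and the job report from the analyzer) produce the same report layout, so anything consuming APK_Artifacts output can sanity-check it before an analyst pivots on the sandbox links. The following is an added example, not code from this PR or from IntelOwl: it parses the report object pasted above, checks that the md5 is well-formed and that every sandbox link actually references that md5, regenerates the links from the md5 (the URL templates are taken from the output above and are assumed to be how the analyzer builds them), and reduces the report to a short triage summary. `validate_report`, `sandbox_links`, `summarize` and `md5_matches_file` are names chosen here, not analyzer APIs.

```python
"""Consumer-side checks for an IntelOwl APK_Artifacts report (added example)."""
import hashlib
import re

MD5_RE = re.compile(r"^[0-9a-f]{32}$")

# Sandbox search URL templates, copied from the report output in this PR.
# Assumption: the analyzer builds its "sandbox" list from the md5 with exactly these.
SANDBOX_TEMPLATES = [
    "https://tria.ge/s?q={md5}",
    "https://www.joesandbox.com/analysis/search?q={md5}",
    "https://www.virustotal.com/gui/search/{md5}",
    "https://bazaar.abuse.ch/browse.php?search=md5:{md5}",
    "https://koodous.com/apks?search={md5}",
]

# Keys every APK_Artifacts report in this PR carries.
REQUIRED_KEYS = {"version", "md5", "dex", "library", "network", "root",
                 "string", "family", "sandbox", "elapsed_time"}

# The "report" object from the analyzer job above, verbatim.
SAMPLE_REPORT = {
    "dex": ["classes.dex"],
    "md5": "8a05a189e58ccd7275f7ffdf88c2c191",
    "root": [],
    "family": {"name": "CryCrypto", "match": 11.11,
               "value": {"intent": 33.33, "permission": 0.0, "application": 0.0}},
    "string": {"known": [], "base64": [], "telegram_id": []},
    "library": [],
    "network": {"ip": [], "url": [], "param": []},
    "sandbox": [t.format(md5="8a05a189e58ccd7275f7ffdf88c2c191") for t in SANDBOX_TEMPLATES],
    "version": "1.1.1",
    "elapsed_time": 0.02,
}


def sandbox_links(md5: str) -> list[str]:
    """Rebuild the sandbox search links the analyzer emits for a given md5."""
    return [t.format(md5=md5) for t in SANDBOX_TEMPLATES]


def validate_report(report: dict) -> list[str]:
    """Return a list of problems; an empty list means the report is consistent."""
    problems = []
    missing = REQUIRED_KEYS - set(report)
    if missing:
        # Without the core keys nothing below can be trusted, so stop here.
        return [f"missing keys: {sorted(missing)}"]
    md5 = report["md5"]
    if not isinstance(md5, str) or not MD5_RE.match(md5):
        problems.append(f"md5 is not a 32-hex-digit lowercase string: {md5!r}")
    # Every sandbox link is a pivot on the hash; a link that does not embed the
    # report's own md5 would send the analyst to the wrong sample.
    for url in report["sandbox"]:
        if not isinstance(md5, str) or md5 not in url:
            problems.append(f"sandbox link does not reference the report md5: {url}")
    match = report["family"].get("match")
    if not isinstance(match, (int, float)) or not 0 <= match <= 100:
        problems.append(f"family match is not a percentage: {match!r}")
    return problems


def summarize(report: dict) -> dict:
    """Reduce a report to the fields an analyst looks at first."""
    signals = report["family"]["value"]
    return {
        "md5": report["md5"],
        "analyzer_version": report["version"],
        "family": report["family"]["name"],
        "match": report["family"]["match"],
        # Which of permission / application / intent contributed most to the match.
        "strongest_signal": max(signals, key=signals.get),
        "dex_count": len(report["dex"]),
        "has_network_iocs": any(report["network"][k] for k in ("ip", "url", "param")),
        "root_indicators": len(report["root"]),
    }


def md5_matches_file(report: dict, data: bytes) -> bool:
    """Confirm the report really describes the file you hold (md5 of the APK bytes)."""
    return hashlib.md5(data).hexdigest() == report["md5"]


if __name__ == "__main__":
    print(validate_report(SAMPLE_REPORT))
    print(summarize(SAMPLE_REPORT))
```

The md5 check is worth keeping even though it is cheap: the report is keyed by that hash, and a job whose report md5 does not match the uploaded bytes is the first sign that the analyzer ran against a different file than the one the GUI showed.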
all gtg docs here https://github.com/intelowlproject/docs/pull/4
Wohoooo all tasks done!!!!!!🤝
great work man!
closes #2444
Description
Please include a summary of the change and link to the related issue.

Type of change
Please delete options that are not relevant.

Checklist
- develop
- dumpplugin command and added it in the project as a data migration. ("How to share a plugin with the community")
- test_files.zip and you added the default tests for that mimetype in test_classes.py.
- FREE_TO_USE_ANALYZERS playbook by following this guide.
- url that contains this information. This is required for Health Checks.
- _monkeypatch() was used in its class to apply the necessary decorators.
- MockUpResponse of the _monkeypatch() method. This serves us to provide a valid sample for testing.
- Black, Flake, Isort) gave 0 errors. If you have correctly installed pre-commit, it does these checks and adjustments on your behalf.
- tests folder). All the tests (new and old ones) gave 0 errors.
- DeepSource, Django Doctors or other third-party linters have triggered any alerts during the CI checks, I have solved those alerts.

Important Rules