Modifications to better select strings
lucascarvalhoroncoroni committed Jun 25, 2017
1 parent 131de65 commit 5bffa36
Showing 8 changed files with 20 additions and 12 deletions.
Binary file removed Softwares/chrome.exe
Binary file not shown.
Binary file removed mainProject/SFAnalytics/DataBase/Malwares/7zFM.exe
Binary file not shown.
Binary file removed mainProject/SFAnalytics/DataBase/Uploads/7zFM.exe
Binary file not shown.
Binary file modified mainProject/SFAnalytics/__pycache__/views.cpython-36.pyc
Binary file not shown.
@@ -107,17 +107,17 @@ <h1>{{fileAnalysed.name}}</h1>
<div class="row">
<div class="col-sm-3">
<div class="pager">
<li><a href="http://127.0.0.1:8000/SFAnalytics/malwareResult/opcodes">More opcodes</a></li>
<li><a href="http://127.0.0.1:8000/admin/SFAnalytics/opcodelist/">More opcodes</a></li>
</div>
</div>
<div class="col-sm-6">
<div class="pager">
<li><a href="http://127.0.0.1:8000/SFAnalytics/malwareResult/Strings">More strings</a></li>
<li><a href="http://127.0.0.1:8000/admin/SFAnalytics/stringlist/">More strings</a></li>
</div>
</div>
<div class="col-sm-3">
<div class="pager">
<li><a href="http://127.0.0.1:8000/SFAnalytics/malwareResult/dlls">More dlls</a></li>
<li><a href="http://127.0.0.1:8000/admin/SFAnalytics/dlllist/">More dlls</a></li>
</div>
</div>
</div>
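Review bot: The three "More …" links, in what reads as the new side of each pair, point at `http://127.0.0.1:8000/admin/SFAnalytics/...`, the Django admin changelists, so viewing the full opcode, string or DLL list now requires a staff account with model permissions on the admin site. A read-only list view inside the app would keep admin access limited to operators. The scheme, host and port are also hard-coded, so the links only work against a local development server; resolve them with the template tag instead, e.g. `<a href="{% url '<app view name>' %}">More opcodes</a>`, taking the route name from the project's `urls.py`. The enclosing markup starts and ends outside the hunk.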
26 changes: 17 additions & 9 deletions mainProject/SFAnalytics/views.py
@@ -1,4 +1,5 @@
import os
import math
from django.shortcuts import render
from django.http import HttpResponseRedirect
from .forms import *
@@ -24,7 +25,7 @@ def __init__(self, path):
for singleOpcode in opcodeList:
name = singleOpcode.op
porcentage = (singleOpcode.num / self.opcodeCount) * 100
porcentage = float('{0:.2f}'.format(porcentage))
porcentage = float('{0:.4f}'.format(porcentage))
index = self.__opcodeFeature(singleOpcode.op)
self.opcodeListView.append(OpCodeViewLine(name, porcentage, index))

@@ -51,10 +52,9 @@ def __init__(self, string, index):
#class for showing strings as features
class StringView(object):
def __init__(self, path):
#500 randomly picked strings
strings = Strings(path)
stringList = strings.getRandStrings()
self.stringCount = strings.getCount()
self.stringCount = round(strings.getCount() * 0.1)
stringList = strings.getStrings()[:self.stringCount]
self.stringFeatures = StringList.objects.all()
self.stringListView = []
for string in stringList:
@@ -131,10 +131,18 @@ def uploadView(request):
#view from malwareResult template
def malwareResultView(request):
# Retrieves the first file of the upload folder
filesList = os.listdir('./SFAnalytics/DataBase/Uploads/')
analysisPath = './SFAnalytics/DataBase/Analysis/'
uploadPath = './SFAnalytics/DataBase/Uploads/'
#removing files from temp path
analysisList = os.listdir(analysisPath)
for f in analysisList:
os.remove('{}{}'.format(analysisPath, f))
# Retriaving file uploaded
filesList = os.listdir(uploadPath)
uploadedFile = filesList[0]
path = './SFAnalytics/DataBase/Uploads/{}'.format(uploadedFile)
#moving file
os.rename('{}{}'.format(uploadPath, uploadedFile), '{}{}'.format(analysisPath, uploadedFile))
path = '{}{}'.format(analysisPath, uploadedFile)
#This is to hold in the future the value of the classification
isMalware = False
handlePE = DllView(path)
@@ -143,7 +151,6 @@ def malwareResultView(request):
fileAnalysed = AnalysedFile(uploadedFile, handlePE.getDataSectionEntropy(), handlePE.getTextSectionEntropy(), isMalware)
opcodes = OpCodeView(path).getOpcodeListView()
strings = StringView(path).getStringListView()
#os.remove(path)
return render(request, 'SFAnalytics/malwareResultTemplate.html', {'opcodes' : opcodes, 'strings' : strings, 'dlls' : dlls, 'fileAnalysed' : fileAnalysed})

def uploadDataBaseView(request):
@@ -192,8 +199,9 @@ def nonRepeat(hashFile, hashList):
def handleStrings(strings):
# Getting strings from DataBase, this makes things faster
dataBaseStrings = StringList.objects.all()
fileStrings = strings.getRandStrings()
i = len(fileStrings) - 1
count = round(strings.getCount() * 0.1)
fileStrings = strings.getStrings()[:count]
i = count - 1
idNumber = len(dataBaseStrings)
while i >= 0:
if len(fileStrings[i]) > 250:
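Review bot: In the `malwareResultView` hunk, `uploadedFile = filesList[0]` has no guard, and as far as the new side can be read from this rendering the sample is then moved out of `uploadPath` with `os.rename`, so reloading the result page with no other upload pending raises IndexError; add a check such as `if not filesList: return HttpResponseRedirect('<upload page URL>')`. The cleanup loop also deletes every file in the shared `analysisPath` on each request and the sample is chosen by `os.listdir` order, so two overlapping requests can remove or analyse each other's file. A per-request directory (for example from `tempfile.mkdtemp`) or a path stored with the upload record would tie each untrusted sample to the request that submitted it. The paths are relative to the process's working directory and are better built with `os.path.join` from an absolute base. A few lines of the function between this hunk and the next one are not shown.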
Binary file modified mainProject/db.sqlite3
Binary file not shown.
