make more fields optional for more flexible model
tmp
mr-tz committed Dec 12, 2024
1 parent 893378c commit 55720dd
Showing 3 changed files with 10 additions and 9 deletions.
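--- a/capa/features/extractors/vmray/__init__.py
+++ b/capa/features/extractors/vmray/__init__.py
@@ -36,8 +36,8 @@ class VMRayMonitorProcess:
 monitor_id: int # unique ID assigned to process by VMRay
 origin_monitor_id: int # unique VMRay ID of parent process
 image_name: str
-filename: str
-cmd_line: str
+filename: Optional[str] = ""
+cmd_line: Optional[str] = ""
 
 
 class VMRayAnalysis:
@@ -151,8 +151,9 @@ def _compute_sections(self):
 for pefile_section in self.sample_file_static_data.pe.sections:
 self.sections[pefile_section.virtual_address] = pefile_section.name
 elif self.sample_file_static_data.elf:
-for elffile_section in self.sample_file_static_data.elf.sections:
-self.sections[elffile_section.header.sh_addr] = elffile_section.header.sh_name
+if self.sample_file_static_data.elf.sections:
+for elffile_section in self.sample_file_static_data.elf.sections:
+self.sections[elffile_section.header.sh_addr] = elffile_section.header.sh_name
 
 def _compute_monitor_processes(self):
 for process in self.sv2.processes.values():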
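Review bot: `filename: Optional[str] = ""` and `cmd_line: Optional[str] = ""` in VMRayMonitorProcess give the field two different "missing" values, because the annotation admits None while the default is the empty string. The same pattern appears in the Process model in models.py (`Optional[SanitizedString] = ""`), where an explicit null in the report would presumably validate to None while an absent key yields `""`. Code that consumes these fields as strings can therefore still receive None from a sandbox report. Either keep the type as `str` with the `""` default and normalise null at the model, or use `Optional[str] = None` throughout and handle None where the values are read. The consumers of both fields are outside these hunks, so this needs checking against them.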
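--- a/capa/features/extractors/vmray/models.py
+++ b/capa/features/extractors/vmray/models.py
@@ -276,7 +276,7 @@ class ElfFileHeader(BaseModel):
 
 class ElfFile(BaseModel):
 # file_header: ElfFileHeader
-sections: list[ElfFileSection]
+sections: Optional[list[ElfFileSection]] = None
 
 
 class StaticData(BaseModel):
@@ -316,9 +316,9 @@ class Process(BaseModel):
 # monitor_reason: str
 origin_monitor_id: int # VMRay ID of parent process
 os_pid: int
-filename: SanitizedString
+filename: Optional[SanitizedString] = ""
 image_name: str
-cmd_line: SanitizedString
+cmd_line: Optional[SanitizedString] = ""
 ref_parent_process: Optional[GenericReference] = None
 
 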
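Review bot: `sections: Optional[list[ElfFileSection]] = None` in ElfFile pushes a None check onto every reader of `ElfFile.sections`, which is why `_compute_sections` in `__init__.py` and the test both gained a guard in this commit. If VMRay only omits the key rather than sending null, `sections: list[ElfFileSection] = []` would keep the attribute iterable and make those guards unnecessary; this is inferred, since the report shape that motivated the change is not visible here. If None has to stay, a comment on the field such as `# VMRay may omit the section list for some ELF samples` would record why an ELF file can legitimately have no sections.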
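--- a/tests/test_vmray_model.py
+++ b/tests/test_vmray_model.py
@@ -103,8 +103,8 @@ def test_vmray_model_elffile():
 """
 )
 
-assert elffile.sections[0].header.sh_name == "abcd1234"
-assert elffile.sections[0].header.sh_addr == 2863311530
+assert elffile.sections and elffile.sections[0].header.sh_name == "abcd1234"
+assert elffile.sections and elffile.sections[0].header.sh_addr == 2863311530
 
 
 def test_vmray_model_pefile():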
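Review bot: No test covers the input this commit makes legal, because test_vmray_model_elffile still validates a payload that has sections and the two changed assertions only prepend `elffile.sections and`. A case that validates an ElfFile payload without `sections` and asserts `elffile.sections is None`, plus a Process payload without `filename` and `cmd_line`, would pin the new defaults. In the existing assertions, a separate `assert elffile.sections is not None` before the indexed checks would give a clearer failure than the combined `and`. The body of the test starts outside the hunk.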
