CIRCL
/
AIL-framework
mirror of https://github.com/CIRCL/AIL-framework
2
1
Fork 0
Code Issues Releases Wiki Activity

Update Ransom.py

pull/53/head
Alain 2016-04-02 23:10:22 +02:00
parent 3a2c072737
commit 2c84acbab7
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bin/Ransom.py
View File

@ -38,8 +38,8 @@ def search_ransom(message):
paste = Paste.Paste(message) paste = Paste.Paste(message)
content = paste.get_p_content() content = paste.get_p_content()
# DEBUG_START, for the time being (delete ASAP): # DEBUG_START, for the time being (delete or comment ASAP):
publisher.debug('!!starting ransom search for {} '.format(paste.p_name)) # publisher.debug('!!starting ransom search for {} '.format(paste.p_name))
# DEBUG_END # DEBUG_END
# Check the content of the Paste: # Check the content of the Paste:
@ -61,7 +61,7 @@ def search_ransom(message):
# if the sum of threat indices is greater than 42 (totally random number), # if the sum of threat indices is greater than 42 (totally random number),
# we consider that the Paste may be related to a Ransom or Ransomware: # we consider that the Paste may be related to a Ransom or Ransomware:
if counter > 2 : if counter > 42 :
publisher.info('{} may be a Ransom!'.format(paste.p_name)) publisher.info('{} may be a Ransom!'.format(paste.p_name))
return None return None