Merge branch 'master' of github.com:MISP/misp-modules into new_module

pull/304/head
chrisr3d 2019-05-07 08:38:16 +02:00
commit 6608671a01
1 changed files with 14 additions and 6 deletions

View File

@ -127,6 +127,11 @@ def handler(q=False):
misperrors['error'] = "No vti_results returned or jobs not finished" misperrors['error'] = "No vti_results returned or jobs not finished"
return misperrors return misperrors
else: else:
if "result" in data:
if data["result"] == "ok":
return vmray_results
# Fallback
misperrors['error'] = "Unable to fetch sample id %u" % (sample_id) misperrors['error'] = "Unable to fetch sample id %u" % (sample_id)
return misperrors return misperrors
except Exception as e: # noqa except Exception as e: # noqa
@ -337,7 +342,7 @@ def vmrayArtifacts(patterns):
for el in patterns[pattern]: for el in patterns[pattern]:
values = el["mutex_name"] values = el["mutex_name"]
types = ["mutex"] types = ["mutex"]
if "sources" in el: if "operations" in el:
sources = el["operations"] sources = el["operations"]
comment = "Operations: " + ", ".join(str(x) for x in sources) comment = "Operations: " + ", ".join(str(x) for x in sources)
else: else:
@ -348,18 +353,21 @@ def vmrayArtifacts(patterns):
for el in patterns[pattern]: for el in patterns[pattern]:
values = el["reg_key_name"] values = el["reg_key_name"]
types = ["regkey"] types = ["regkey"]
if "sources" in el: include_static_to_ids_tmp = include_static_to_ids
if "operations" in el:
sources = el["operations"] sources = el["operations"]
if sources == ["access"]:
include_static_to_ids_tmp = False
comment = "Operations: " + ", ".join(str(x) for x in sources) comment = "Operations: " + ", ".join(str(x) for x in sources)
else: else:
comment = "" comment = ""
r['results'].append({'types': types, 'values': values, 'comment': comment, 'to_ids': include_static_to_ids}) r['results'].append({'types': types, 'values': values, 'comment': comment, 'to_ids': include_static_to_ids_tmp})
if pattern == "urls": if pattern == "urls":
for el in patterns[pattern]: for el in patterns[pattern]:
values = el["url"] values = el["url"]
types = ["url"] types = ["url"]
if "sources" in el: if "operations" in el:
sources = el["operations"] sources = el["operations"]
comment = "Operations: " + ", ".join(str(x) for x in sources) comment = "Operations: " + ", ".join(str(x) for x in sources)
else: else: