Georg Schölly
04685ea63e
joe: (1) allow users to disable PE object import (2) set 'to_ids' to False
2020-01-24 14:51:38 +01:00
Stefano Ortolani
66bf650b79
change: migrate to analysis API when submitting tasks to Lastline
2020-01-21 11:32:05 +00:00
chrisr3d
35c438e6ee
fix: typo
2020-01-10 10:38:12 +01:00
chrisr3d
f5452055f6
fix: Fixed vt_graph imports
2020-01-10 10:31:52 +01:00
chrisr3d
70b3079aa3
fix: Fixed pep8 in the new module and related libraries
2020-01-09 16:01:18 +01:00
chrisr3d
7722e2cb93
fix: Fixed typo on function import
2020-01-09 15:28:33 +01:00
Alvaro Garcia
10b4e78704
add vt_graph export module
2020-01-09 09:57:46 +00:00
Stefano Ortolani
f749578525
add: Modules to query/import/submit data from/to Lastline
2019-12-02 19:09:40 +00:00
chrisr3d
0b603fc5d3
fix: Fixed unnecessary dictionary field call
- No longer necessary to go under 'Event' field
since PyMISP does not contain it since the
latest update
2019-08-05 11:33:04 +02:00
chrisr3d
3367e47490
fix: Avoid issues when there is no pe field in a windows file sample analysis
- For instance: doc file
2019-07-25 17:57:36 +02:00
chrisr3d
3d41104d5b
fix: Avoid adding file object twice if a KeyError exception comes for some unexpected reasons
2019-07-25 17:47:08 +02:00
chrisr3d
ddeb04bd74
add: Parsing linux samples and their elf data
2019-07-25 17:46:21 +02:00
chrisr3d
41bbbeddfb
fix: Testing if file & registry activities fields exist before trying to parse them
2019-07-25 17:44:32 +02:00
chrisr3d
4c8fe9d8ef
fix: Testing if there is some screenshot data before trying to fetch it
2019-07-25 17:43:11 +02:00
chrisr3d
e2a0f27d75
fix: Fixed direction of the relationship between files, PEs and their sections
- The file object includes a PE, and the PE
includes sections, not the other way round
2019-07-24 14:58:45 +02:00
chrisr3d
42b95c4210
fix: Fixed variable names
2019-07-24 12:21:58 +02:00
chrisr3d
5602cf1759
add: Parsing apk samples and their permissions
2019-07-24 11:59:11 +02:00
chrisr3d
fc8a573ba7
fix: Changed the way references added at the end are saved
- Some references are saved until they are added
at the end, to make it easier when needed
- Here we changed the way they are saved, from a
dictionary with some keys to identify each part
to the actual dictionary with the keys the
function add_reference needs, so we can directly
use this dictionary as is when the references are
added to the different objects
2019-07-24 11:14:12 +02:00
chrisr3d
181e6383a3
fix: Added missing add_attribute function
2019-07-03 11:14:46 +02:00
chrisr3d
9a6d484188
add: Added screenshot of the behavior of the analyzed sample
2019-06-21 10:53:12 +02:00
chrisr3d
1ac85a4879
fix: We will display galaxies with tags
2019-06-15 08:05:14 +02:00
chrisr3d
de966eac51
fix: Returning tags & galaxies with results
- Tags may exist with the current version of the
parser
- Galaxies are not yet expected from the parser,
nevertheless the principle is we want to return
them as well if ever we have some galaxies from
parsing a JoeSandbox report. Can be removed if
we never have galaxies at all
2019-06-07 15:22:11 +02:00
chrisr3d
b52e17fa8d
fix: Removed duplicate finalize_results function call
2019-06-07 11:38:50 +02:00
chrisr3d
07698e5c72
fix: Fixed references between domaininfo/ipinfo & their targets
- Fixed references when no target id is set
- Fixed domaininfo parsing when no ip is defined
2019-06-03 18:38:58 +10:00
chrisr3d
0d40830a7f
fix: Some quick fixes
- Fixed strptime matching because months are
expressed in abbreviated format
- Made data loaded while the parsing function is
called, in case it has to be called multiple
times at some point
2019-06-03 18:35:58 +10:00
chrisr3d
74b73f9332
chg: Moved JoeParser class to make it reachable from expansion & import modules
2019-05-29 11:26:14 +10:00