Beispiel #1
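        /// <summary>
        /// Writes <c>FileBytes</c> to a scratch file, scans it, and, if the scanner reports a
        /// threat, keeps rescanning prefixes of the buffer whose length is adjusted after each scan.
        /// </summary>
        /// <remarks>
        /// <para>
        /// Sets <c>FilePath</c> to the scratch file and sets <c>Malicious</c> to <c>true</c> only when
        /// the initial scan returns <c>ScanResult.ThreatFound</c>. A <c>NoThreatFound</c> result ends
        /// the analysis immediately.
        /// </para>
        /// <para>
        /// The loop starts with the first half of <c>FileBytes</c>. On <c>ThreatFound</c> the next
        /// candidate comes from <c>HalfSplitter</c>; on <c>NoThreatFound</c> the current length is
        /// remembered as the last clean length and the next candidate comes from <c>Overshot</c>.
        /// <c>Complete</c> is not assigned in this method; presumably one of those helpers sets it
        /// (verify against their implementations).
        /// </para>
        /// <para>
        /// A result that is neither <c>ThreatFound</c> nor <c>NoThreatFound</c> is treated as
        /// inconclusive: the initial scan aborts, and the loop retries the same candidate a bounded
        /// number of times instead of spinning forever.
        /// </para>
        /// </remarks>
        public void AnalyzeFile()
        {
            // NOTE(review): fixed, predictable location for an executable sample. A directory
            // created directly under C:\ typically inherits permissive ACLs, so other local
            // accounts may be able to read or replace file.exe between the write and the scan,
            // and nothing here deletes the file afterwards. A per-run directory with restrictive
            // ACLs plus cleanup would be safer; confirm no other code relies on this exact path.
            const string scratchDirectory = @"C:\Temp";

            // Upper bound on consecutive scans that return neither ThreatFound nor NoThreatFound.
            const int maxInconclusiveScans = 3;

            if (!Directory.Exists(scratchDirectory))
            {
#if DEBUG
                CustomConsole.WriteDebug(@"C:\Temp doesn't exist. Creating it...");
#endif
                Directory.CreateDirectory(scratchDirectory);
            }

            FilePath = Path.Combine(scratchDirectory, "file.exe");
            File.WriteAllBytes(FilePath, FileBytes);

            var status = ScanFile(FilePath);

            if (status.Result == ScanResult.NoThreatFound)
            {
                CustomConsole.WriteOutput("No threat found!");
                return;
            }

            // Anything other than an explicit detection (scanner error, timeout, ...) must not be
            // recorded as a detection; the original flagged every non-clean result as malicious.
            if (status.Result != ScanResult.ThreatFound)
            {
                CustomConsole.WriteOutput($"Scan was inconclusive ({status.Result}); aborting analysis.");
                return;
            }

            Malicious = true;

            CustomConsole.WriteOutput($"Target file size: {FileBytes.Length} bytes");
            CustomConsole.WriteOutput("Analyzing...");

            // First candidate: the leading half of the sample.
            var splitArray = new byte[FileBytes.Length / 2];
            Buffer.BlockCopy(FileBytes, 0, splitArray, 0, FileBytes.Length / 2);
            var lastgood = 0;
            var inconclusiveScans = 0;

            while (!Complete)
            {
#if DEBUG
                CustomConsole.WriteDebug($"Testing {splitArray.Length} bytes");
#endif
                File.WriteAllBytes(FilePath, splitArray);
                status = ScanFile(FilePath);

                if (status.Result == ScanResult.ThreatFound)
                {
                    inconclusiveScans = 0;
#if DEBUG
                    CustomConsole.WriteDebug("Threat found, splitting");
#endif
                    var tmpArray = HalfSplitter(splitArray, lastgood);
                    Array.Resize(ref splitArray, tmpArray.Length);
                    Array.Copy(tmpArray, splitArray, tmpArray.Length);
                }
                else if (status.Result == ScanResult.NoThreatFound)
                {
                    inconclusiveScans = 0;
#if DEBUG
                    CustomConsole.WriteDebug("No threat found, increasing size");
#endif
                    // Remember the longest prefix that scanned clean before growing the candidate.
                    lastgood = splitArray.Length;
                    var tmpArray = Overshot(FileBytes, splitArray.Length);
                    Array.Resize(ref splitArray, tmpArray.Length);
                    Buffer.BlockCopy(tmpArray, 0, splitArray, 0, tmpArray.Length);
                }
                else if (++inconclusiveScans >= maxInconclusiveScans)
                {
                    // Neither branch above changes the candidate, so without this bound the loop
                    // would rescan the same bytes forever when the scanner keeps failing.
                    CustomConsole.WriteOutput($"Scan was inconclusive ({status.Result}); aborting analysis.");
                    return;
                }
            }
        }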