コード例 #1
ファイル: Form2.cs プロジェクト: 0xFlag/ThreatbookSandbox
 /// <summary>
 /// Passes the text of <c>textBox2</c> to <c>iScanner.GetFileUpload</c> and, when the
 /// reply's <c>msg</c> is "OK", shows the returned permalink in <c>linkLabel1</c> and
 /// enables <c>linkLabel1</c>, <c>button7</c> and <c>button3</c>. Any other reply, and
 /// any exception, is reported to the user through a message box.
 /// </summary>
 /// <remarks>
 /// NOTE(review): the call presumably submits the file named in textBox2 to an external
 /// analysis service, so the sample leaves the local machine. Confirm that this is made
 /// clear to the user.
 /// NOTE(review): permalink is taken from the service reply without any check. If the
 /// link's click handler (not visible here) opens it, that handler should first verify
 /// it is an absolute http(s) URL.
 /// </remarks>
 private void post_upload()
 {
     try
     {
         // A default instance is created first and is immediately replaced by the scanner's reply.
         ThreatbookScanner.Report uploadResult = new ThreatbookScanner.Report();
         uploadResult = iScanner.GetFileUpload(this.textBox2.Text);

         bool accepted = uploadResult.msg == "OK";
         if (!accepted)
         {
             // Anything other than "OK" is shown to the user verbatim.
             MessageBox.Show(uploadResult.msg);
             return;
         }

         // Successful submission: publish the link and enable the follow-up controls.
         this.linkLabel1.Text = uploadResult.permalink;
         this.linkLabel1.Enabled = true;
         this.button7.Enabled = true;
         this.button3.Enabled = true;
     }
     catch (Exception failure)
     {
         MessageBox.Show(failure.Message);
     }
 }
コード例 #2
ファイル: Form2.cs プロジェクト: 0xFlag/ThreatbookSandbox
        /// <summary>
        /// Click handler for button3: requests a report from <c>iScanner.GetFileReport</c>
        /// using the text of <c>label6</c>, then renders the summary, the per-engine results,
        /// the static details and the process tree into <c>textBox3</c>, <c>textBox4</c>,
        /// <c>textBox6</c> and <c>textBox7</c>. Any exception is shown in a message box.
        /// </summary>
        /// <param name="sender">Event source; not used in the body.</param>
        /// <param name="e">Event arguments; not used in the body.</param>
        /// <remarks>
        /// NOTE(review): the reply is dereferenced (Report.data.summary...) with no check of
        /// Report.msg and no null check, although post_upload does test msg == "OK". A failed
        /// or partial lookup would therefore reach the user only as the exception text below.
        /// NOTE(review): several displayed values (file_name, command_line, pdb_path, ...) are
        /// presumably derived from the analysed sample, so they should be treated as untrusted
        /// text. Here they are only concatenated into text-box strings; keep that in mind if
        /// they are later written to logs, HTML or command lines.
        /// </remarks>
        private void button3_Click(object sender, EventArgs e)
        {
            try
            {
                // The default instance is replaced straight away by the scanner's reply.
                ThreatbookScanner.Report Report = new ThreatbookScanner.Report();
                Report = iScanner.GetFileReport(this.label6.Text);
                // itag is assigned on every pass (it is not declared in this method), so after
                // the loop it holds only the LAST tag; earlier tags are not displayed.
                for (int i = 0; i < Report.data.summary.tag.s.Count; i++)
                {
                    itag = Report.data.summary.tag.s[i];
                }
                // Summary panel: Chinese UI labels, each followed by a field of data.summary
                // (threat level, file name/type, SHA256, sandbox type, submit time, tag,
                // threat score, multi-engine detection rate).
                this.textBox3.Text =
                    "威胁等级:" + Report.data.summary.threat_level +
                    "\r\n文件名称:" + Report.data.summary.file_name +
                    "\r\n文件类型:" + Report.data.summary.file_type +
                    "\r\nSHA256:" + Report.data.summary.sample_sha256 +
                    "\r\n沙箱运行环境:" + Report.data.summary.sandbox_type +
                    "\r\n提交时间:" + Report.data.summary.submit_time +
                    "\r\n样本标签:" + itag +
                    "\r\n威胁评分:" + Report.data.summary.threat_score +
                    "\r\n反病毒扫描引擎检出率:" + Report.data.summary.multi_engines;

                // Per-engine panel: one line per member of data.multiengines.
                // NOTE(review): the "Baidu-China:" label has no value appended, so that line
                // is always rendered empty.
                this.textBox4.Text =
                    "江民(JiangMin):" + Report.data.multiengines.JiangMin +
                    "\r\nESET:" + Report.data.multiengines.ESET +
                    "\r\n360(Qihoo 360):" + Report.data.multiengines.Qihu360 +
                    "\r\nGDATA:" + Report.data.multiengines.GDATA +
                    "\r\n大蜘蛛(Dr.Web):" + Report.data.multiengines.DrWeb +
                    "\r\nBaidu:" + Report.data.multiengines.Baidu +
                    "\r\nAVG:" + Report.data.multiengines.AVG +
                    "\r\n安天(Antiy):" + Report.data.multiengines.Antiy +
                    "\r\n熊猫(Panda):" + Report.data.multiengines.Panda +
                    "\r\nSophos:" + Report.data.multiengines.Sophos +
                    "\r\n小红伞(Avira):" + Report.data.multiengines.Avira +
                    "\r\n火绒(Huorong):" + Report.data.multiengines.Huorong +
                    "\r\nIKARUS:" + Report.data.multiengines.IKARUS +
                    "\r\nClamAV:" + Report.data.multiengines.ClamAV +
                    "\r\n金山(Kingsoft):" + Report.data.multiengines.Kingsoft +
                    "\r\n微软(MSE):" + Report.data.multiengines.Microsoft +
                    "\r\nBaidu-China:" +
                    "\r\nNANO:" + Report.data.multiengines.NANO +
                    "\r\n卡巴斯基(Kaspersky):" + Report.data.multiengines.Kaspersky +
                    "\r\n瑞星(Rising):" + Report.data.multiengines.Rising +
                    "\r\nK7:" + Report.data.multiengines.K7 +
                    "\r\n开维(Kaiwei):" + Report.data.multiengines.Kaiwei +
                    "\r\nAvast:" + Report.data.multiengines.Avast +
                    "\r\nWebShell专杀:" + Report.data.multiengines.vbwebshell +
                    "\r\n腾讯(Tencent):" + Report.data.multiengines.Tencent;

                // NOTE(review): "[email protected]" in the lines below is not valid C#. It looks
                // like an artifact of the page this listing was taken from, which replaced
                // part of each member-access path. The original expressions cannot be
                // recovered from this listing, so consult the project source for them.
                // As with itag, peid is overwritten on every pass and keeps only the last entry.
                for (int i = 0; i < [email protected]_basic.peid.Count; i++)
                {
                    peid = [email protected]_basic.peid[i];
                }
                // Static-details panel: basic sample information (name, type, size, hashes)
                // followed by PE header information, per the labels.
                this.textBox6.Text =
                    "基本信息" +
                    "\r\n样本名称:" + [email protected] +
                    "\r\n样本类型:" + [email protected]_type +
                    "\r\n样本大小:" + [email protected]_size +
                    "\r\nMD5:" + [email protected] +
                    "\r\nSHA1:" + [email protected] +
                    "\r\nSHA256:" + [email protected] +
                    "\r\nSSDeep:" + [email protected] +
                    "\r\n\r\nPE信息" +
                    "\r\n导入表HASH:" + [email protected]_basic.import_hash +
                    "\r\n编译时间戳:" + [email protected]_basic.time_stamp +
                    "\r\nPEID:" + peid +
                    "\r\n入口所在段:" + [email protected]_basic.entry_point_section +
                    "\r\nPDB信息:" + [email protected]_basic.pdb_path +
                    "\r\n入口点(OEP):" + [email protected]_basic.entry_point +
                    "\r\n镜像基地址:" + [email protected]_basic.image_base;

                // children is rebuilt from scratch on every pass, so only the last child
                // process of data.pstree reaches the text box. When a sample spawns several
                // processes, the earlier ones are not shown.
                for (int i = 0; i < Report.data.pstree.children.Count; i++)
                {
                    children =
                        "进程 ID:" + Report.data.pstree.children[i].pid +
                        "\r\n进程名称:" + Report.data.pstree.children[i].process_name +
                        "\r\n进程命令符:" + Report.data.pstree.children[i].command_line +
                        "\r\n" + Report.data.pstree.children[i].first_seen +
                        "\r\n父进程 ID:" + Report.data.pstree.children[i].ppid;
                }
                // Process panel: the (last) child entry followed by pstree.process_name.cn.
                this.textBox7.Text =
                    "进程详情" +
                    "\r\n" + children +
                    "\r\n" + Report.data.pstree.process_name.cn;
            }
            catch (Exception ex)
            {
                // Every failure (network, parsing, null dereference) ends up here and is
                // shown only as its message text.
                MessageBox.Show(ex.Message);
            }
        }