Пример #1
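        /// <summary>
        /// Copies a snapshot of a running process into a <see cref="ProcessObject"/>, including the
        /// hash obtained for its main module's file and the result of <c>CheckHash</c> for that hash.
        /// </summary>
        /// <param name="process">The process to snapshot.</param>
        /// <returns>
        /// The populated object, or <c>null</c> if any step throws; the catch below does not
        /// distinguish between failure causes.
        /// </returns>
        public ProcessObject TransformToProcessObject(Process process)
        {
            ProcessObject     processObject = new ProcessObject();
            VirusTotalService hasher        = new VirusTotalService();

            try
            {
                // Read MainModule once, so the path that is hashed and the module details that
                // are recorded come from the same ProcessModule instance instead of from five
                // separate lookups against a process that may change or exit in between.
                var mainModule = process.MainModule;

                // GetHash is given a file path, so it presumably hashes the file on disk at call
                // time rather than the image mapped in the process - confirm against GetHash.
                processObject.Hash                    = hasher.GetHash(mainModule.FileName);
                processObject.HashMatched             = CheckHash(processObject.Hash);
                processObject.ProcessPriorityClass    = process.PriorityClass;
                processObject.PrivilegedProcessorTime = process.PrivilegedProcessorTime;
                processObject.ProcessName             = process.ProcessName;
                processObject.TotalProcessorTime      = process.TotalProcessorTime;
                processObject.SessionId               = process.SessionId;
                processObject.Responding              = process.Responding;
                processObject.MainModule              = new ProcessModuleObject
                {
                    ModuleName       = mainModule.ModuleName,
                    FileName         = mainModule.FileName,
                    ModuleMemorySize = mainModule.ModuleMemorySize,
                    Version          = mainModule.FileVersionInfo.FileVersion
                };
                processObject.MainWindowTitle = process.MainWindowTitle;
                processObject.MachineName     = process.MachineName;
                processObject.HandleCount     = process.HandleCount;
                processObject.HasExited       = process.HasExited;
            }
            catch (Exception)
            {
                // NOTE(review): every failure (a null argument included) collapses into a null
                // result with no record of the cause. A process whose main module cannot be read
                // therefore simply drops out of the output; callers should count or log null
                // results instead of skipping them, so that an uninspectable process stays visible.
                return null;
            }

            return processObject;
        }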
Пример #2
        /// <summary>
        /// Ad-hoc developer harness: hashes one package directory, queries process information for
        /// "devenv", runs the hash check and the "devenv" test, then calls the two SigCheck methods
        /// of <see cref="VirusTotalService"/>. None of the returned values are used afterwards.
        /// </summary>
        /// <param name="args">Command-line arguments; not read.</param>
        static void Main(string[] args)
        {
            // NOTE(review): every path below is an absolute path inside one developer's profile,
            // so this only runs on that machine; take the paths from configuration or args before
            // using this outside a local debugging session.
            string[] scanRoots      = { @"C:\Users\AuthBase\source\repos\AuthBaseSystemIOMonitor\packages\EntityFramework.6.2.0" };
            var      fileHasher     = new Hasher(scanRoots);
            var      fileHashes     = fileHasher.HashSystem();
            var      dbContext      = new FileHasherContext();
            var      fileRepository = new FileRepository(dbContext);

            // Persisting the computed hashes is currently switched off.
            //repository.SaveFiles(hashes);

            var monitor      = new Program();
            var processInfos = monitor.GetProcessInfo("devenv");

            CheckHashes();

            // Disabled experiments, kept as found. NOTE(review): the ProcessStartInfo variant
            // would launch an executable from a source-tree directory under a user profile; if
            // it is ever re-enabled in a service that runs with more privileges than that user,
            // move the binary to a location only administrators can write to.
            //var process = Process.GetProcessesByName("firefox")[0];
            //string path = process.MainModule.FileName;

            //ProcessStartInfo startInfo = new ProcessStartInfo
            //{
            //    UseShellExecute = true,
            //    CreateNoWindow = false,
            //    WindowStyle = ProcessWindowStyle.Normal,
            //    FileName = @"C:\Users\AuthBase\source\repos\AuthBaseSystemIOMonitor\AuthBaseMonitoringService\Resources\DialogDisplay.exe",
            //    //Arguments = @"C:\hashes.json"
            //};
            //Process.Start(startInfo);

            //System.Windows.Forms.Application.Run(new DialogDisplay.DialogDisplay());

            RunTest("devenv");

            // Results are captured only so they can be inspected in a debugger.
            var signatureChecker = new VirusTotalService();
            var directoryReport  = signatureChecker.SigCheckDirectoryFull(@"C:\Users\AuthBase\source\repos\AuthBaseSystemIOMonitor\packages");
            var serviceReport    = signatureChecker.SigCheckFile(@"C:\Users\AuthBase\source\repos\AuthBaseSystemIOMonitor\AuthBaseMonitoringService\bin\Debug\AuthBaseMonitoringService.exe");
        }
Пример #3
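        /// <summary>
        /// Copies a snapshot of a running process into a <see cref="ProcessObject"/>, combining
        /// values read from <paramref name="process"/> with pre-computed resource counters and the
        /// result of <c>CheckHash</c> for the main module's file hash. The hash itself is not
        /// stored on the result; only the match outcome is.
        /// </summary>
        /// <param name="process">The process to snapshot.</param>
        /// <param name="otherResources">
        /// Counter values keyed by name. All of "CPUUsage", "RAMUsage", "Handles", "Threads",
        /// "ReadBytes", "WriteBytes", "ReadOps" and "WriteOps" must be present; a missing key makes
        /// the indexer throw and the method return <c>null</c>.
        /// </param>
        /// <returns>
        /// The populated object, or <c>null</c> if any step throws; the catch below does not
        /// distinguish between failure causes.
        /// </returns>
        public ProcessObject TransformToProcessObject(Process process, Dictionary <string, float> otherResources)
        {
            ProcessObject     processObject = new ProcessObject();
            VirusTotalService hasher        = new VirusTotalService();

            try
            {
                // Read MainModule once, so the path that is hashed and the module details that
                // are recorded come from the same ProcessModule instance instead of from five
                // separate lookups against a process that may change or exit in between.
                var mainModule = process.MainModule;

                // GetHash is given a file path, so it presumably hashes the file on disk at call
                // time rather than the image mapped in the process - confirm against GetHash.
                string hash = hasher.GetHash(mainModule.FileName);
                processObject.HashMatched             = CheckHash(hash);
                processObject.CPUUsage                = otherResources["CPUUsage"];
                processObject.RAMUsage                = otherResources["RAMUsage"];
                processObject.Handles                 = otherResources["Handles"];
                processObject.Threads                 = otherResources["Threads"];
                processObject.ReadBytes               = otherResources["ReadBytes"];
                processObject.WriteBytes              = otherResources["WriteBytes"];
                processObject.ReadOps                 = otherResources["ReadOps"];
                processObject.WriteOps                = otherResources["WriteOps"];
                processObject.ProcessPriorityClass    = process.PriorityClass;
                processObject.PrivilegedProcessorTime = process.PrivilegedProcessorTime;
                processObject.ProcessName             = process.ProcessName;
                processObject.TotalProcessorTime      = process.TotalProcessorTime;
                processObject.SessionId               = process.SessionId;
                processObject.Responding              = process.Responding;
                processObject.MainModule              = new ProcessModuleObject
                {
                    ModuleName       = mainModule.ModuleName,
                    FileName         = mainModule.FileName,
                    ModuleMemorySize = mainModule.ModuleMemorySize,
                    Version          = mainModule.FileVersionInfo.FileVersion
                };
                processObject.MainWindowTitle = process.MainWindowTitle;
                processObject.MachineName     = process.MachineName;
                processObject.HandleCount     = process.HandleCount;
                processObject.HasExited       = process.HasExited;
            }
            catch (Exception)
            {
                // The exception variable was never read, so it is no longer declared.
                // NOTE(review): every failure (null arguments and missing counter keys included)
                // collapses into a null result with no record of the cause. A process whose main
                // module cannot be read therefore simply drops out of the output; callers should
                // count or log null results instead of skipping them, so that an uninspectable
                // process stays visible.
                return null;
            }

            return processObject;
        }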