#!/usr/bin/env python
__author__ = 'AR'
import json, sys, subprocess, string, os, time
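sampleNum = 0  # index of the next output file; advanced by executeChildProcess
inputPath = None
destPath = None
# A flag is only honoured when a value follows it, so the scan stops one short
# of the end; a trailing '-i' or '-o' can no longer index past argv.
for i in range(len(sys.argv) - 1):
    if sys.argv[i] == '-i':
        inputPath = sys.argv[i + 1]
    if sys.argv[i] == '-o':
        destPath = sys.argv[i + 1]
# Stop here unless both directories were really supplied. Counting arguments
# alone let a run with a missing flag continue and fail later with a NameError.
# The non-zero status lets a calling script notice the usage error.
if len(sys.argv) < 5 or inputPath is None or destPath is None:
    print("Usage: ./staticFeatureExtractor -i [input path to benign samples] -o [destination for static feature files]")
    sys.exit(1)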
########## Execute the command as child process ##########
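def executeChildProcess(command):
    """Run ``readpe -H`` on one sample and append its output to a feature file.

    Args:
        command: Path of the PE file to inspect. It is passed to readpe as a
            single argument and is never interpreted by a shell.

    The output file is named after the zero-padded global ``sampleNum``
    counter, with a ``.static`` suffix, and is created inside ``destPath``.
    The counter advances once per call, after the file has been opened.

    Raises:
        OSError: if the output file cannot be opened or readpe cannot be
            started.
    """
    global sampleNum
    outputFile = os.path.join(destPath, str(sampleNum).zfill(4) + '.static')
    # Sample file names are untrusted input. An argv list with no shell means
    # spaces or shell metacharacters in a name cannot alter the command.
    argv = ['readpe', '-H', str(command)]
    with open(outputFile, 'a') as f:
        sampleNum += 1
        ps = subprocess.Popen(argv, stderr=subprocess.PIPE, stdout=f)
        # Drain stderr and wait for the child. An unread pipe can block readpe
        # once it fills, and unreaped children would pile up across a large
        # sample set.
        ps.communicate()
    if ps.returncode != 0:
        # %r keeps control characters in a hostile file name out of the terminal.
        sys.stderr.write('readpe exited with status %d for %r\n'
                         % (ps.returncode, command))


def main():
    """Extract static features from every ``.exe`` file directly in ``inputPath``."""
    # Sorted so the number in each output file name maps to the same sample on
    # every run; os.listdir returns entries in arbitrary order.
    for exeFile in sorted(os.listdir(inputPath)):
        if exeFile.endswith(".exe"):
            # os.path.join uses the platform separator; a hard-coded backslash
            # only produced a usable path on Windows or after shell unescaping.
            executeChildProcess(os.path.join(inputPath, exeFile))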
if __name__ == "__main__":
    # Every status line is centred in a 70-column field padded with '*'.
    bannerFormat = '{:*^70}'
    print(bannerFormat.format(" Machine Learning and Malware Classification "))
    main()
    print(bannerFormat.format('All static features stored to ' + destPath + ' directory'))
    print("")
    print(bannerFormat.format(" EOP "))