1. Python / Говнокод #9813

    −90

    1. 01
    2. 02
    3. 03
    4. 04
    5. 05
    6. 06
    7. 07
    8. 08
    9. 09
    10. 10
    11. 11
    12. 12
    13. 13
    14. 14
    15. 15
    16. 16
    17. 17
    def runRidor():
    	isDirty = 0
    	#Except (DebugSize <= 14) and (ImageVersion <= 760) and (VirtualSize2 > 992) and (ExportSize <= 80.5) => isDirty = 1  (1702.0/16.0) [855.0/5.0]
    	if input.DebugSize <= 14 and input.ImageVersion <= 760 and input.VirtualSize2 > 992 and input.ExportSize <= 80.5:
    		isDirty = 1
    #Except (DebugSize <= 14) and (ImageVersion <= 4525) and (ExportSize <= 198.5) and (ResourceSize <= 37532) and (VirtualSize2 <= 6) and (ResourceSize <= 7348) and (ResourceSize > 1773) => isDirty = 1  (106.0/0.0) [48.0/0.0]
    	elif input.DebugSize <= 14 and input.ImageVersion <= 4525  and input.ExportSize <= 198.5 and input.ResourceSize <= 7348 and input.VirtualSize2 <=6 and input.ResourceSize > 1773:
    		isDirty = 1
    #Except (DebugSize <= 14) and (ImageVersion <= 4950) and (ExportSize <= 192) and (IatRVA > 256) and (VirtualSize2 > 42) and (ExportSize <= 56) and (NumberOfSections > 3.5) => isDirty = 1  (193.0/0.0) [91.0/0.0]
    	elif input.DebugSize <= 14 and input.ImageVersion <= 4950 and input.ExportSize <= 56 and input.IatRVA > 256 and input.VirtualSize2 > 42 and input.NumberOfSections > 3.5:
    		isDirty = 1
    #Except (DebugSize <= 14) and (ImageVersion <= 4950) and (VirtualSize2 <= 6) and (ResourceSize <= 37532) and (ResourceSize <= 17302) => isDirty = 1  (388.0/0.0) [216.0/7.0]
    	elif input.DebugSize <= 14 and input.ImageVersion <= 4950 and input.VirtualSize2 <= 6 and input.ResourceSize > 17302:
    		isDirty = 1
    #Except (DebugSize <= 14) and (NumberOfSections > 2.5) and (ResourceSize > 1776) and (IatRVA <= 6144) and (ExportSize <= 219.5) and (VirtualSize2 > 2410) and (VirtualSize2 <= 61224) => isDirty = 1  (238.0/0.0) [116.0/0.0]
    	elif input.DebugSize <= 14 and input.NumberOfSections >= 2.5 and input.ResourceSize <= 1776 and input.IatRVA <= 6144 and input.ExportSize <= 219.5 and input.VirtualSize2 > 2410 and input.VirtualSize2 <= 61224:
    		isDirty = 1

    Пример того, как не надо писать на питоне, показывает Adobe. Полная версия: http://voxel.dl.sourceforge.net/project/malclassifier.adobe/AdobeMalwareClassifier.py

    Запостил: SvartalF, 30 Марта 2012

    Комментарии (4) RSS

    • Возможно сгенерированный (ну и в конце дописали).
      Ответить
      • почему бы не генерировать ДАННЫЕ, а потом разбирать их нормальным кодом?
        Ответить
    • Ridor - что за зверь?
      Rider, Reader или Pidor?
      Ответить

    Добавить комментарий