hostr/lib/malware.js

import virustotal from './virustotal';

const extensions = [
  'EXE',
  'PIF',
  'APPLICATION',
  'GADGET',
  'MSI',
  'MSP',
  'COM',
  'SCR',
  'HTA',
  'CPL',
  'MSC',
  'JAR',
  'BAT',
  'CMD',
  'VB',
  'VBS',
  'VBE',
  'JS',
  'JSE',
  'WS',
  'WSF',
  'WSC',
  'WSH',
  'PS1',
  'PS1XML',
  'PS2',
  'PS2XML',
  'PSC1',
  'PSC2',
  'MSH',
  'MSH1',
  'MSH2',
  'MSHXML',
  'MSH1XML',
  'MSH2XML',
  'SCF',
  'LNK',
  'INF',
  'REG',
  'PDF',
  'DOC',
  'XLS',
  'PPT',
  'DOCM',
  'DOTM',
  'XLSM',
  'XLTM',
  'XLAM',
  'PPTM',
  'POTM',
  'PPAM',
  'PPSM',
  'SLDM',
  'RAR',
  'TAR',
  'ZIP',
  'GZ',
];

function getExtension(filename) {
  const i = filename.lastIndexOf('.');
  return (i < 0) ? '' : filename.substr(i + 1);
}

export default function* (file) {
  if (extensions.indexOf(getExtension(file.file_name.toUpperCase())) < 0) {
    return false;
  }
  const result = yield virustotal.getFileReport(file.md5);
  return {
    positive: result.positives >= 5,
    result,
  };
}
Remove virustotal.js as a dependency 2015-08-30 21:15:31 +02:00			`import virustotal from './virustotal';`
Initial commit. 2015-07-09 23:01:43 +01:00
Get linting passing again 2016-06-06 15:37:00 +01:00			`const extensions = [`
			`'EXE',`
			`'PIF',`
			`'APPLICATION',`
			`'GADGET',`
			`'MSI',`
			`'MSP',`
			`'COM',`
			`'SCR',`
			`'HTA',`
			`'CPL',`
			`'MSC',`
			`'JAR',`
			`'BAT',`
			`'CMD',`
			`'VB',`
			`'VBS',`
			`'VBE',`
			`'JS',`
			`'JSE',`
			`'WS',`
			`'WSF',`
			`'WSC',`
			`'WSH',`
			`'PS1',`
			`'PS1XML',`
			`'PS2',`
			`'PS2XML',`
			`'PSC1',`
			`'PSC2',`
			`'MSH',`
			`'MSH1',`
			`'MSH2',`
			`'MSHXML',`
			`'MSH1XML',`
			`'MSH2XML',`
			`'SCF',`
			`'LNK',`
			`'INF',`
			`'REG',`
			`'PDF',`
			`'DOC',`
			`'XLS',`
			`'PPT',`
			`'DOCM',`
			`'DOTM',`
			`'XLSM',`
			`'XLTM',`
			`'XLAM',`
			`'PPTM',`
			`'POTM',`
			`'PPAM',`
			`'PPSM',`
			`'SLDM',`
			`'RAR',`
			`'TAR',`
			`'ZIP',`
			`'GZ',`
Initial commit. 2015-07-09 23:01:43 +01:00			`];`

			`function getExtension(filename) {`
			`const i = filename.lastIndexOf('.');`
			`return (i < 0) ? '' : filename.substr(i + 1);`
Apply Javascript styleguide 2015-08-23 22:12:32 +01:00			`}`
Initial commit. 2015-07-09 23:01:43 +01:00
Remove virustotal.js as a dependency 2015-08-30 21:15:31 +02:00			`export default function* (file) {`
			`if (extensions.indexOf(getExtension(file.file_name.toUpperCase())) < 0) {`
			`return false;`
			`}`
			`const result = yield virustotal.getFileReport(file.md5);`
			`return {`
More changes for db migration 2016-08-07 14:38:05 +01:00			`positive: result.positives >= 5,`
Get linting passing again 2016-06-06 15:37:00 +01:00			`result,`
Remove virustotal.js as a dependency 2015-08-30 21:15:31 +02:00			`};`
Apply Javascript styleguide 2015-08-23 22:12:32 +01:00			`}`