24 lines
899 B
JavaScript
24 lines
899 B
JavaScript
import virustotal from './virustotal';
|
|
|
|
const extensions = ['EXE', 'PIF', 'APPLICATION', 'GADGET', 'MSI', 'MSP', 'COM', 'SCR', 'HTA', 'CPL', 'MSC',
|
|
'JAR', 'BAT', 'CMD', 'VB', 'VBS', 'VBE', 'JS', 'JSE', 'WS', 'WSF', 'WSC', 'WSH', 'PS1', 'PS1XML', 'PS2',
|
|
'PS2XML', 'PSC1', 'PSC2', 'MSH', 'MSH1', 'MSH2', 'MSHXML', 'MSH1XML', 'MSH2XML', 'SCF', 'LNK', 'INF', 'REG',
|
|
'PDF', 'DOC', 'XLS', 'PPT', 'DOCM', 'DOTM', 'XLSM', 'XLTM', 'XLAM', 'PPTM', 'POTM', 'PPAM', 'PPSM', 'SLDM',
|
|
'RAR', 'TAR', 'ZIP', 'GZ',
|
|
];
|
|
|
|
function getExtension(filename) {
|
|
const i = filename.lastIndexOf('.');
|
|
return (i < 0) ? '' : filename.substr(i + 1);
|
|
}
|
|
|
|
export default function* (file) {
|
|
if (extensions.indexOf(getExtension(file.file_name.toUpperCase())) < 0) {
|
|
return false;
|
|
}
|
|
const result = yield virustotal.getFileReport(file.md5);
|
|
return {
|
|
positive: result.positives >= 5,
|
|
result: result,
|
|
};
|
|
}
|