Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-15 04:58:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Updated PE analyzer to work with changes in master.

Browse source
This commit is contained in:
Vlad Grigorescu 2014-06-21 13:30:14 -04:00
parent b91b0646b8
commit 8ffa81f390
3 changed files with 3 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

2
scripts/base/files/pe/main.bro
View file

@ -79,7 +79,7 @@ event file_new(f: fa_file)
if ( f?$mime_type && f$mime_type == /application\/x-dosexec.*/ )
{
#print "found a windows executable";
FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_PE]);
Files::add_analyzer(f, Files::ANALYZER_PE);
#FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
# $extract_filename=fmt("exe-%d", ++blah_counter)]);
}