CalvinBackup/mvt
1
0
Fork 0
mirror of https://github.com/mvt-project/mvt.git synced 2026-05-19 15:08:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Support SHA1 and MD5 hash matching in AQF files module

Browse Source
This commit is contained in:
Janik Besendorf
2026-03-25 09:02:09 +01:00
parent 711f7cedc1
commit 2792988626
1 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/mvt/android/modules/androidqf/aqf_files.py
+9 -9
View File
@@ -105,15 +105,15 @@ class AQFFiles(AndroidQFModule):
)
self.detected.append(result)
if result.get("sha256", "") == "":
continue
ioc = self.indicators.check_file_hash(result["sha256"])
if ioc:
result["matched_indicator"] = ioc
self.detected.append(result)
# TODO: adds SHA1 and MD5 when available in MVT
for hash_key in ("sha256", "sha1", "md5"):
file_hash = result.get(hash_key, "")
if not file_hash:
continue
ioc = self.indicators.check_file_hash(file_hash)
if ioc:
result["matched_indicator"] = ioc
self.detected.append(result)
break
def run(self) -> None:
if timezone := self._get_device_timezone():