mirror of
https://github.com/mandiant/capa.git
synced 2025-12-22 23:26:21 -08:00
William Ballenthin
@@ -180,6 +180,7 @@ class NullFeatureExtractor(FeatureExtractor):
|
|||||||
example::
|
example::
|
||||||
|
|
||||||
extractor = NullFeatureExtractor({
|
extractor = NullFeatureExtractor({
|
||||||
|
'base address: 0x401000,
|
||||||
'file features': [
|
'file features': [
|
||||||
(0x402345, capa.features.Characteristic('embedded pe')),
|
(0x402345, capa.features.Characteristic('embedded pe')),
|
||||||
],
|
],
|
||||||
@@ -214,6 +215,9 @@ class NullFeatureExtractor(FeatureExtractor):
|
|||||||
super(NullFeatureExtractor, self).__init__()
|
super(NullFeatureExtractor, self).__init__()
|
||||||
self.features = features
|
self.features = features
|
||||||
|
|
||||||
|
def get_base_address(self):
|
||||||
|
return self.features["base address"]
|
||||||
|
|
||||||
def extract_file_features(self):
|
def extract_file_features(self):
|
||||||
for p in self.features.get("file features", []):
|
for p in self.features.get("file features", []):
|
||||||
va, feature = p
|
va, feature = p
|
||||||
|
|||||||
@@ -10,6 +10,7 @@ from fixtures import *
|
|||||||
|
|
||||||
EXTRACTOR = capa.features.extractors.NullFeatureExtractor(
|
EXTRACTOR = capa.features.extractors.NullFeatureExtractor(
|
||||||
{
|
{
|
||||||
|
"base address": 0x401000,
|
||||||
"file features": [(0x402345, capa.features.Characteristic("embedded pe")),],
|
"file features": [(0x402345, capa.features.Characteristic("embedded pe")),],
|
||||||
"functions": {
|
"functions": {
|
||||||
0x401000: {
|
0x401000: {
|
||||||
|
|||||||
Reference in New Issue
Block a user