-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add test data for hp-socket #220
Conversation
CI tests warn this file takes a while to analyze (5 minutes?). @Still34 do you think it's feasible to find a smaller sample or is this the best we'll get? i can poke around on VT later today, too. |
Unfotunately this is the only green sample I know of. Technically you can replace the sample with something like the official compiled demo/test files, and it'll match too - it just won't be matching a necessarily malicious file. |
thanks! |
Signed-off-by: Still Hsu <[email protected]>
9500339
to
9084ed5
Compare
Huh, weird, vivisect is having a bit of a problem with the ELF. I'll look into it. |
Signed-off-by: Still Hsu <[email protected]>
Yeah I'm struggling to find a sample that'll play nice with the CI pipeline. Any help? |
no problem! i will take look around on VT and/or we can make an exception here. though, i'll be afk for a couple days - hope that's no problem, just know im not ignoring this thread! |
i'm not going to be online much the next few weeks. i recommend we move forward with the non-malicious sample binary. @mr-tz would you help close out these PRs please? |
I can try to find a sample next week. |
sample too slow for analysis during testing |
Related PR mandiant/capa-rules#848