CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
kazuminn
2020-10-29 23:08:00 +09:00
parent e7a75ff780
commit f303508fbc
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/detections/system.rs
View File

@@ -27,8 +27,9 @@ impl System {
return; return;
} }
let servicename = &event_data["ServiceName"]; let default = String::from("");
let commandline = &event_data["ImagePath"]; let servicename = &event_data.get("ServiceName").unwrap_or(&default);
let commandline = &event_data.get("ImagePath").unwrap_or(&default);
let text = utils::check_regex(&servicename, 1); let text = utils::check_regex(&servicename, 1);
if !text.is_empty() { if !text.is_empty() {
println!("Message : New Service Created"); println!("Message : New Service Created");
@@ -50,7 +51,8 @@ impl System {
return; return;
} }
let servicename = &event_data["param1"]; let default = String::from("");
let servicename = &event_data.get("param1").unwrap_or(&default);
println!("Message : Interactive service warning"); println!("Message : Interactive service warning");
println!("Results : Service name: {}", servicename); println!("Results : Service name: {}", servicename);
println!("Results : Malware (and some third party software) trigger this warning"); println!("Results : Malware (and some third party software) trigger this warning");
@@ -62,7 +64,8 @@ impl System {
return; return;
} }
let servicename = &event_data["param1"]; let default = String::from("");
let servicename = &event_data.get("param1").unwrap_or(&default);
let text = utils::check_regex(&servicename, 1); let text = utils::check_regex(&servicename, 1);
if !text.is_empty() { if !text.is_empty() {
println!("Message : Suspicious Service Name"); println!("Message : Suspicious Service Name");