按照样本优化了一下

ai_anti_malware/ai_anti_malware.cpp

@@ -276,7 +276,7 @@ DetectEngineType DetectEngine::DetectMalware(std::string filePath) {
     if (peAnalyzer.AnalyzePe(peInfo)) {
         return DetectEngineType::kPeStruct;
     }
-
+    /*
     // 先机器学习引擎
     MachineLearning ml;
     double score = 1 - ml.PredictMalwareFromFile(filePath);
@@ -286,11 +286,12 @@ DetectEngineType DetectEngine::DetectMalware(std::string filePath) {
             return DetectEngineType::kMachineLearning;
         }
     }
-
+    */
     // 再沙盒引擎
     Sandbox se;
     se.InitEnv(peInfo);
-    se.Run();
+    se.TestLdrListTraversal();
+    se.Run(0x22A0);
     if (se.GetMalwareAnalysisType() == MalwareAnalysisType::kSuspicious ||
         se.GetMalwareAnalysisType() == MalwareAnalysisType::kMalware) {
         return DetectEngineType::kSandbox;
@@ -375,7 +376,7 @@ int main(int argc, char* argv[]) {
     
     std::string filePath = argv[1];
     */
-    std::string filePath = "Z:\\malware";
+    std::string filePath = "Z:\\123";
     DetectMalwareInDirectory(filePath);
     return 0;
 }