admin/awesome_anti_virus_engine
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修复沙箱功能和API实现

Browse Source 
- 在沙箱中添加了对CreateProcessW的支持,整合了CreateProcessA和CreateProcessW的共同逻辑
- 实现了URLDownloadToFileW函数,增加了对可疑URL的检测
- 更新了API钩子以支持新的API功能
- 改进了错误处理和日志记录,确保更好的调试信息输出
- 调整了主函数中的恶意软件扫描和沙箱功能调用顺序,确保恶意软件扫描优先执行
This commit is contained in:
huoji
2025-03-19 14:52:19 +08:00
parent c61773dfd8
commit 9b970ce8a2
7 changed files with 654 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ai_anti_malware/sandbox.h
View File

@@ -408,6 +408,7 @@ auto Api_FlsSetValue(void* sandbox, uc_engine* uc, uint64_t address) -> void;
auto Api_CreateFileW(void* sandbox, uc_engine* uc, uint64_t address) -> void;
auto Api_WriteFile(void* sandbox, uc_engine* uc, uint64_t address) -> void;
auto Api_CreateProcessA(void* sandbox, uc_engine* uc, uint64_t address) -> void;
auto Api_CreateProcessW(void* sandbox, uc_engine* uc, uint64_t address) -> void;
auto Api_GetCurrentProcess(void* sandbox, uc_engine* uc, uint64_t address)
-> void;
auto Api_GetCurrentThread(void* sandbox, uc_engine* uc, uint64_t address)