Slow and steady wins the race! 🏆

This commit is contained in:
Sam Sneed 2024-07-25 13:29:25 -05:00
parent ef9edf2e0e
commit dd6910914c


@ -246,7 +246,7 @@ def kill_suspicious_processes():
# Scan files for malware as they launch and kill if potentially malicious. # Scan files for malware as they launch and kill if potentially malicious.
for file_path in cmdline: for file_path in cmdline:
if os.path.isfile(file_path): if os.path.isfile(file_path):
if scan_for_malware(file_path) and proc_name not in bypassed_processes and proc_name.loiwer() != "csrss.exe" and proc_name.lower() != "ntoskrnl.exe": if scan_for_malware(file_path) and proc_name not in bypassed_processes and proc_name.lower() != "csrss.exe" and proc_name.lower() != "ntoskrnl.exe":
print(f"Terminating potentially malicious process {proc.info['name']} (PID: {proc.info['pid']} NOW...") print(f"Terminating potentially malicious process {proc.info['name']} (PID: {proc.info['pid']} NOW...")
proc.terminate() proc.terminate()
proc.wait() proc.wait()
@ -296,6 +296,7 @@ def monitor_browser(browser='chrome'):
raise ValueError("Unsupported browser!") raise ValueError("Unsupported browser!")
while True: while True:
try:
logs = driver.get_log('performance') logs = driver.get_log('performance')
for entry in logs: for entry in logs:
for url in monitored_urls: for url in monitored_urls:
@ -310,6 +311,8 @@ def monitor_browser(browser='chrome'):
print(f'Alert: Killing suspicious process {proc.info["name"]} (PID: {proc.info["pid"]})') print(f'Alert: Killing suspicious process {proc.info["name"]} (PID: {proc.info["pid"]})')
proc.terminate() proc.terminate()
proc.wait() proc.wait()
except (Exception) as e:
print(f"Exception while monitoring browser behavior - ${e}")
time.sleep(1) time.sleep(1)
driver.quit() driver.quit()
@ -338,7 +341,7 @@ def threadCounter():
while True: while True:
previous_count = threading.active_count() previous_count = threading.active_count()
print(f"Active AntiMalware Threads: {current_count}") print(f"Active AntiMalware Threads: {current_count}")
if current_count < previous_count and previous_count - current_count > -1: if current_count > previous_count and current_count - previous_count > -1:
print("WARNING: THREAD KILL DETECTED!") print("WARNING: THREAD KILL DETECTED!")
time.sleep(3) # check for malware every second time.sleep(3) # check for malware every second
current_count = threading.active_count() current_count = threading.active_count()
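Review bot: The second clause of the new condition in threadCounter, `current_count - previous_count > -1`, is always true once `current_count > previous_count` holds, so it adds nothing and should be dropped. The comparison itself now reads correctly only because the names are swapped: `previous_count` is sampled at the top of the iteration while `current_count` still holds the value taken at the end of the last one, so `previous_count` is the newer sample and a drop in live threads shows up as `current_count > previous_count`. I would rather take the fresh sample into `current_count` at the top of the loop, compare with `if current_count < previous_count:`, and set `previous_count = current_count` before the sleep so the names match what they hold; the initial value of `current_count` and the rest of threadCounter are outside the hunk. The trailing comment on the sleep line still says `every second` while the delay is 3 seconds. Separately, the new except message in monitor_browser prints a literal `$` because `${e}` is not f-string syntax; `{e}` is enough.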