[MetaDefender] Fixed issue #7

Issue #7 has been addressed and as a result the MetaDefender collector should now not produce false positive detections.
Hackcraft-Labs · Oct 16, 2023 · e84e26a · e84e26a
1 parent 5ea15c1
commit e84e26a
Showing 1 changed file with 10 additions and 4 deletions.
diff --git a/collectors/MetaDefender.py b/collectors/MetaDefender.py
@@ -29,7 +29,13 @@ def execute(self, ioc):
 			if "error" in detection:
 				if "messages" in detection["error"]:
 					for msg in detection["error"]["messages"]:
-						if "not found" in msg:
+						if "The hash was not found" in msg:
+							return
+
+			if "process_info" in detection:
+				if "verdicts" in detection["process_info"]:
+					for msg in detection["process_info"]["verdicts"]:
+						if "No Threat Detected" in msg:
 							return
 
 			threat = 0
@@ -62,7 +68,7 @@ def execute(self, ioc):
 
 			self.report(ioc)
 
-			# print("Malware {name} with hash {hash} was uploaded on MetaDefender on {date}!".format(name=ioc['name'], hash=ioc['file_hash'], date=date))
+			#print("Malware {name} with hash {hash} was uploaded on MetaDefender on {date}!".format(name=ioc['name'], hash=ioc['file_hash'], date=date))
 			if threat > 0:
 				threat_str = "Marked as \"Theat Detected\" on {n} engines".format(n=threat)
 				self.extra(threat_str)
@@ -72,5 +78,5 @@ def execute(self, ioc):
 			if undetected > 0:
 				undetected_str = "Marked as \"No Threat Detected\" on {n} engines".format(n=undetected)
 				self.extra(undetected_str)
-		except Exception as exc:
-			print(f"[{self.NAME}] {exc}\n")
+		except:
+			pass