Commit bd53eff6bfa08b256be4651a4d0c92967d68c59b
1 parent
2fa4c06c
olevba: improved display during long analysis
Showing
1 changed file
with
2 additions
and
0 deletions
oletools/olevba.py
| @@ -1844,6 +1844,7 @@ def print_analysis(vba_code, show_decoded_strings=False): | @@ -1844,6 +1844,7 @@ def print_analysis(vba_code, show_decoded_strings=False): | ||
| 1844 | :param show_decoded_strings: bool, if True hex-encoded strings will be displayed with their decoded content. | 1844 | :param show_decoded_strings: bool, if True hex-encoded strings will be displayed with their decoded content. |
| 1845 | :return: None | 1845 | :return: None |
| 1846 | """ | 1846 | """ |
| 1847 | + sys.stderr.write('Analysis...\r') | ||
| 1847 | results = scan_vba(vba_code, show_decoded_strings) | 1848 | results = scan_vba(vba_code, show_decoded_strings) |
| 1848 | if results: | 1849 | if results: |
| 1849 | t = prettytable.PrettyTable(('Type', 'Keyword', 'Description')) | 1850 | t = prettytable.PrettyTable(('Type', 'Keyword', 'Description')) |
| @@ -1957,6 +1958,7 @@ def process_file_triage(container, filename, data): | @@ -1957,6 +1958,7 @@ def process_file_triage(container, filename, data): | ||
| 1957 | nb_macros += 1 | 1958 | nb_macros += 1 |
| 1958 | if vba_code.strip() != '': | 1959 | if vba_code.strip() != '': |
| 1959 | # analyse the whole code, filtered to avoid false positives: | 1960 | # analyse the whole code, filtered to avoid false positives: |
| 1961 | + sys.stderr.write('Analysis...\r') | ||
| 1960 | scanner = VBA_Scanner(filter_vba(vba_code)) | 1962 | scanner = VBA_Scanner(filter_vba(vba_code)) |
| 1961 | autoexec, suspicious, iocs, hexstrings, base64strings, dridex, vbastrings = scanner.scan_summary() | 1963 | autoexec, suspicious, iocs, hexstrings, base64strings, dridex, vbastrings = scanner.scan_summary() |
| 1962 | nb_autoexec += autoexec | 1964 | nb_autoexec += autoexec |