The Script Editor allows users with malware and basic software development skills to create complex malware detection patterns using our OpenSBI syntax and the Pascal language. A simple script that you could implement using a simple .sbi file might look like this:
begin
sbiFile('<$FILE_DATA>',
'<$WINDIR>\Malware.txt',
'filesize=182,md5=83C36C493D7A254F9DE2ED63B3F92548');
end;
Now imagine you want some user input or custom calculation, because malware is individual to your system.
var sName, sFilename: String;
begin
InputQuery('Username', 'Please enter', sName);
sFilename := 'C:\Users\' + sName + '\test.txt';
sbiFile('test', sFilename, 'filesize=10');
ShowMessage('Did look for ' + sFilename);
end;
This demonstrates interaction with the user. In reality, you could of course just use the proper path template for scanning all users directories, see the OpenSBI wiki for details. Also, the use of scripting will be more in complex calculations and conditions than in user interaction. You can use Scripting to test your own detection rules or to get rid of unwanted files.
Click on image to enlarge
Legacy Information
This page shows content from our old website. It might move in the near future. To get the most up to date information, please use the navigation menu at the top.
