Search & Destroy
Our team of malware analysts monitors the Internet 24 hours a day seven days a week...

How to use Scripting?

November 7th, 2012

The script editor allows you to create complex malware detection patterns using our OpenSBI syntax and the Pascal language. A most simple script that you also implement using a simple .sbi file as well would be this:

begin sbiFile(‘<$FILE_DATA>’,’\Malware.txt’,’filesize=182,md5=83C36C493D7A254F9DE2ED63B3F92548′); end.

Now imagine you want some user input or custom calculation, because malware is individual to your system.

var sName, sFilename: String;
    InputQuery(‘Username’, ‘Please enter’, sName);
    sFilename := ‘C:\Users\’ + sName + ‘\test.txt’;
    sbiFile(‘test’, sFilename, ‘filesize=10’);
    ShowMessage(‘Did look for ‘ + sFilename);

This demonstrates interaction with the user. In reality, you could of course just use the proper path template for scanning all users directories (see the OpenSBI Wiki). Also, the use of scripting will be more in complex calculations and conditions than user interaction.

FAQ Category: Open SBI, Spybot 2