From b943deba24424b16b5b9cce90ecf2c162aff58e2 Mon Sep 17 00:00:00 2001
From: alexandreborges
Date: Thu, 3 Nov 2022 17:06:50 -0300
Subject: [PATCH] Malwoverview 5.1.1

---
 README.md | 10 ++++++++--
 malwoverview/malwoverview.py | 32 +++++++++++++++++++++-----------
 setup.py | 2 +-
 3 files changed, 30 insertions(+), 14 deletions(-)

diff --git a/README.md b/README.md
index cad599f..0e0ac7e 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # Malwoverview
-[GitHub release (latest by date)](https://github.com/alexandreborges/malwoverview/releases/tag/5.1) [GitHub last commit](https://github.com/alexandreborges/malwoverview/releases) [GitHub Release Date](https://github.com/alexandreborges/malwoverview/releases) [GitHub](https://github.com/alexandreborges/malwoverview/blob/master/LICENSE)
+[GitHub release (latest by date)](https://github.com/alexandreborges/malwoverview/releases/tag/5.1.1) [GitHub last commit](https://github.com/alexandreborges/malwoverview/releases) [GitHub Release Date](https://github.com/alexandreborges/malwoverview/releases) [GitHub](https://github.com/alexandreborges/malwoverview/blob/master/LICENSE) [GitHub stars](https://github.com/alexandreborges/malwoverview/stargazers) [Twitter Follow](https://twitter.com/ale_sp_brazil) [PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=M8F458EZH8UZE&source=url)
@@ -68,7 +68,7 @@ See GNU Public License on .
-# Current Version: 5.1
+# Current Version: 5.1.1
 Important note: Malwoverview does NOT submit samples to any endpoint by default, so it respects possible Non-Disclosure Agreements (NDAs). There're specific options
@@ -416,6 +416,12 @@ should be executed:
 # HISTORY
+Version 5.1.1:
+
+ This version:
+
+ * A formatting issue related to -v 10 option has been fixed.
+
 Version 5.1:
 This version:
diff --git a/malwoverview/malwoverview.py b/malwoverview/malwoverview.py
index 53e3dd2..545ccd9 100755
--- a/malwoverview/malwoverview.py
+++ b/malwoverview/malwoverview.py
@@ -20,7 +20,7 @@
 # Corey Forman (https://github.com/digitalsleuth)
 # Christian Clauss (https://github.com/cclauss)
-# Malwoverview.py: version 5.1
+# Malwoverview.py: version 5.1.1
 import os
 import sys
@@ -62,7 +62,7 @@
 __author__ = "Alexandre Borges"
 __copyright__ = "Copyright 2018-2021, Alexandre Borges"
 __license__ = "GNU General Public License v3.0"
-__version__ = "5.1"
+__version__ = "5.1.1"
 __email__ = "alexandreborges at blackstormsecurity.com"
 haurl = 'https://www.hybrid-analysis.com/api/v2'
@@ -1861,7 +1861,7 @@ def vtbatchcheck(filename, url, apitype):
 try:
- print("\nSample".center(10) + "Hash".center(72) + "Description".center(26) + "Threat Label".center(26) + "AV Detection".center(24))
+ print("\nSample".center(10) + "Hash".center(68) + "Description".center(30) + "Threat Label".center(26) + "AV Detection".center(24))
 print('-' * 152, end="\n\n")
 fh = open(filename,'r')
@@ -1871,13 +1871,23 @@ def vtbatchcheck(filename, url, apitype):
 for hashitem in filelines:
 hashnumber = hashnumber + 1
 (type_description, threat_label, malicious) = vtbatchwork(hashitem,url)
- if (bkg == 1):
- print(mycolors.foreground.lightcyan + "hash_" + str(hashnumber) + "\t " + mycolors.reset + (hashitem.strip()).ljust(68) + mycolors.foreground.yellow + (type_description).ljust(30) + mycolors.foreground.lightcyan + (threat_label).ljust(34) + mycolors.foreground.lightred + str(malicious))
- if (bkg == 0):
- print(mycolors.foreground.purple + "hash_" + str(hashnumber) + "\t " + mycolors.reset + (hashitem.strip()).ljust(72) + mycolors.foreground.cyan + (type_description).ljust(30) + mycolors.foreground.blue + (threat_label).ljust(34) + mycolors.foreground.red + str(malicious))
- if (apitype_var == 1):
- if ((hashnumber % 4) == 0):
- time.sleep(61)
+ if (type_description == "NOT FOUND"):
+ if (bkg == 1):
+ print(mycolors.foreground.lightcyan + "hash_" + str(hashnumber) + "\t " + mycolors.reset + (hashitem.strip()).ljust(79) + mycolors.foreground.yellow + (type_description).ljust(28) + mycolors.foreground.lightcyan + (threat_label).ljust(26) + mycolors.foreground.lightred + str(malicious))
+ if (bkg == 0):
+ print(mycolors.foreground.purple + "hash_" + str(hashnumber) + "\t " + mycolors.reset + (hashitem.strip()).ljust(79) + mycolors.foreground.cyan + (type_description).ljust(28) + mycolors.foreground.blue + (threat_label).ljust(26) + mycolors.foreground.red + str(malicious))
+ if (apitype_var == 1):
+ if ((hashnumber % 4) == 0):
+ time.sleep(61)
+ else:
+ if (bkg == 1):
+ print(mycolors.foreground.lightcyan + "hash_" + str(hashnumber) + "\t " + mycolors.reset + (hashitem.strip()).ljust(68) + mycolors.foreground.yellow + (type_description).ljust(30) + mycolors.foreground.lightcyan + (threat_label).ljust(34) + mycolors.foreground.lightred + str(malicious))
+ if (bkg == 0):
+ print(mycolors.foreground.purple + "hash_" + str(hashnumber) + "\t " + mycolors.reset + (hashitem.strip()).ljust(68) + mycolors.foreground.cyan + (type_description).ljust(30) + mycolors.foreground.blue + (threat_label).ljust(34) + mycolors.foreground.red + str(malicious))
+ if (apitype_var == 1):
+ if ((hashnumber % 4) == 0):
+ time.sleep(61)
+
 fh.close()
 except OSError:
@@ -10320,7 +10330,7 @@ def sendandroidvt(package):
 ipaddrvtx = ''
 ffpname = ''
- parser = argparse.ArgumentParser(prog=None, description="Malwoverview is a first response tool for threat hunting written by Alexandre Borges. This version is 5.1", usage= "python malwoverview.py -c -d -o <0|1> -v <1-13> -V -a <1-15> -w <0|1> -A -l <1-6> -L -j <1-7> -J -p <1-8> -P -y <1-5> -Y -n <1-5> -N -m <1-8> -M -b <1-10> -B -x <1-7> -X -i <1-13> -I ")
+ parser = argparse.ArgumentParser(prog=None, description="Malwoverview is a first response tool for threat hunting written by Alexandre Borges. This version is 5.1.1", usage= "python malwoverview.py -c -d -o <0|1> -v <1-13> -V -a <1-15> -w <0|1> -A -l <1-6> -L -j <1-7> -J -p <1-8> -P -y <1-5> -Y -n <1-5> -N -m <1-8> -M -b <1-10> -B -x <1-7> -X -i <1-13> -I ")
 parser.add_argument('-c', '--config', dest='config', type=str, metavar = "CONFIG FILE", default = (USER_HOME_DIR + '.malwapi.conf'), help='Use a custom config file to specify API\'s.')
 parser.add_argument('-d', '--directory', dest='direct',type=str, metavar = "DIRECTORY", help='Specifies the directory containing malware samples to be checked against VIRUS TOTAL. Use the option -D to decide whether you are being using a public VT API or a Premium VT API.')
 parser.add_argument('-o', '--background', dest='backg', type=int,default = 1, metavar = "BACKGROUND", help='Adapts the output colors to a light background color terminal. The default is dark background color terminal.')
diff --git a/setup.py b/setup.py
index ba351b2..1d6b18d 100644
--- a/setup.py
+++ b/setup.py
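Review bot: The quota-pacing block `if (apitype_var == 1): / if ((hashnumber % 4) == 0): / time.sleep(61)` is now copied verbatim into both the `NOT FOUND` branch and the `else` branch of the new `if (type_description == "NOT FOUND"):`; it does not depend on the branch, so it should appear once after the if/else, otherwise a later tweak to the pacing can silently drift between the two copies. The new rows also echo `(hashitem.strip())` straight to the terminal and the loop still hands the raw `hashitem` to `vtbatchwork(hashitem,url)` without checking that the line is a digest at all, so a blank, commented or otherwise malformed line in the hash file costs an API call (and, under `apitype_var == 1`, one of the four slots before the 61 s sleep) and is printed back as-is, control bytes included; a guard before the lookup such as `h = hashitem.strip()` then `if len(h) not in (32, 40, 64) or not all(c in "0123456789abcdefABCDEF" for c in h): continue` skips those lines and needs no new import. Separately, the `NOT FOUND` rows pad with `.ljust(79)`/`.ljust(28)`/`.ljust(26)` while the header from the earlier hunk is laid out with `"Hash".center(68)`/`"Description".center(30)`/`"Threat Label".center(26)`, so those rows will not sit under the header columns unless that offset is intended. `vtbatchcheck` starts before this hunk and its `except OSError:` handler continues after it, so the `fh.close()` on the normal path is the only close visible here.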
@@ -11,7 +11,7 @@ setup(
 name="malwoverview",
- version="5.1",
+ version="5.1.1",
 author="Alexandre Borges",
 author_email="alexandreborges@blackstormsecurity.com",
 license="GNU GPL v3.0",