From 6beeeebe3c43f0643e521139d3f8b1ff4a7f3059 Mon Sep 17 00:00:00 2001
From: Julien Voisin
Date: Thu, 5 Mar 2015 15:36:22 +0100
Subject: Yara is cooler than Python
---
modules/whitelist.py | 46 ----------------------------------------------
1 file changed, 46 deletions(-)
delete mode 100644 modules/whitelist.py
(limited to 'modules/whitelist.py')
diff --git a/modules/whitelist.py b/modules/whitelist.py
deleted file mode 100644
index 587b392..0000000
--- a/modules/whitelist.py
+++ /dev/null
@@ -1,46 +0,0 @@
-import os
-import hashlib
-import scanmodule
-
-def main():
- return HashWhitelist()
-
-class HashWhitelist(scanmodule.ScanModule):
- name = 'hashwhitelist'
- def evaluate(self, path):
- ''' Return in percent, the probability that
- the file is a malware
- @param path File to evaluate
- '''
- sha1 = ''
- with open(path, 'r') as f:
- sha1 = hashlib.sha1(f.read()).hexdigest()
-
- lst = list()
- for f in self.samples:
- if sha1 == self.samples[f]:
- lst.append([f, 100])
- return sorted(lst, key=lambda lst: lst[1], reverse=True)
-
- def is_malware(self, path):
- ''' Return False if the file is whitelisted
- '''
- sha1 = ''
- with open(path, 'r') as f:
- sha1 = hashlib.sha1(f.read()).hexdigest()
-
- for f in self.samples:
- if sha1 == self.samples[f]:
- return False
- return True
-
- def populate(self, path):
- ''' Populate the module's internal database
- with data from the given path
- @param path Path to the data
- '''
- for root, _, filenames in os.walk(path):
- for filename in filenames:
- full_path = os.path.join(root, filename)
- with open(full_path, 'r') as f:
- self.samples[full_path] = hashlib.sha1(f.read()).hexdigest()
--
cgit v1.3