Merge pull request #389 from t-mtsmt/fix-procmon

Fixed problem with Procmon module not working
CAPESandbox · Nov 28, 2023 · 531ecad · 531ecad
2 parents 17d04a3 + fb34814
commit 531ecad
Showing 1 changed file with 4 additions and 5 deletions.
diff --git a/analyzer/windows/modules/auxiliary/procmon.py b/analyzer/windows/modules/auxiliary/procmon.py
@@ -9,7 +9,6 @@
 from threading import Thread
 
 from lib.common.abstracts import Auxiliary
-from lib.common.constants import ROOT
 from lib.common.exceptions import CuckooPackageError
 from lib.common.results import upload_to_host
 
@@ -24,10 +23,10 @@ def __init__(self, options, config):
         self.startupinfo = subprocess.STARTUPINFO()
         self.startupinfo.dwFlags |= subprocess.STARTF_USESHOWWINDOW
 
-        bin_path = os.path.join(ROOT, "bin")
+        bin_path = os.path.join(os.getcwd(), "bin")
         self.procmon_exe = os.path.join(bin_path, "procmon.exe")
         self.procmon_pmc = os.path.join(bin_path, "procmon.pmc")
-        self.procmon_pml = os.path.join(bin_path, "procmon")
+        self.procmon_pml = os.path.join(bin_path, "procmon.PML")
         self.procmon_xml = os.path.join(bin_path, "procmon.xml")
 
     def run(self) -> bool:
@@ -75,7 +74,7 @@ def stop(self) -> bool:
                 (
                     self.procmon_exe,
                     "/OpenLog",
-                    f"{self.procmon_pml}.PML",
+                    self.procmon_pml,
                     "/LoadConfig",
                     self.procmon_pmc,
                     "/SaveAs",
@@ -87,7 +86,7 @@ def stop(self) -> bool:
             )
 
             # Upload the XML file to the host.
-            upload_to_host(self.procmon_xml, "procmon.xml")
+            upload_to_host(self.procmon_xml, "aux/procmon.xml")
             return True
         except Exception as e:
             logging.error(e, exc_info=True)