def get_start_time(self):
'''
@summary: Get's Crypter's start time from the registry, or creates it if it
doesn't exist
@return: The time that the ransomware began it's encryption operation, in integer epoch form
'''
# Try to open registry key
try:
reg = _winreg.OpenKeyEx(_winreg.HKEY_CURRENT_USER, self.REGISTRY_LOCATION)
start_time = _winreg.QueryValueEx(reg, "")[0]
_winreg.CloseKey(reg)
# If failure, create the key
except WindowsError:
start_time = int(time.time())
reg = _winreg.CreateKey(_winreg.HKEY_CURRENT_USER, self.REGISTRY_LOCATION)
_winreg.SetValue(reg, "", _winreg.REG_SZ, str(start_time))
_winreg.CloseKey(reg)
return start_time
python类SetValue()的实例源码
def __set_value(self, value):
'Private class method.'
_winreg.SetValue(self.__self, '', REG.SZ, value)
def __set_value(self, value):
'Private class method.'
_winreg.SetValue(self.__key, '', REG.SZ, value)
def __set_value(self, value):
'Private class method.'
_winreg.SetValue(self.__key, '', REG.SZ, value)
def set_value(self, key, subkey, value):
""" Set a value in a custom subkey
"""
try:
return winreg.SetValue(key, subkey, winreg.REG_SZ, value)
except WindowsError as error:
print "Error al crear un valor"
self.no_restore = True
def _doregister(mod_name, dll_name):
assert os.path.isfile(dll_name), "Shouldn't get here if the file doesn't exist!"
try:
key = _winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE, "Software\\Python\\PythonCore\\%s\\Modules\\%s" % (sys.winver, mod_name))
except _winreg.error:
try:
key = _winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE, "Software\\Python\\PythonCore\\%s\\Modules\\%s" % (sys.winver, mod_name))
except _winreg.error:
print "Could not find the existing '%s' module registered in the registry" % (mod_name,)
usage_and_die(4)
# Create the debug key.
sub_key = _winreg.CreateKey(key, "Debug")
_winreg.SetValue(sub_key, None, _winreg.REG_SZ, dll_name)
print "Registered '%s' in the registry" % (dll_name,)