
Capture additional log files

Open MalwareMechanic opened this issue 2 years ago • 0 comments

Add the following logs to the artifacts: %PROGRAMDATA%\chocolatey\lib-bad\*\install_log.txt

Packages may create a per-install log to use for whatever they wish, see: https://github.com/mandiant/VM-Packages/blob/f27bacad8c5e658fec4434a5f1f57122ebcb7d94/packages/common.vm/tools/vm.common/vm.common.psm1#L169

The packages libraries.python*.vm use this to redirect output from pip when installing Python modules. It'd be good to grab these per-install log files as well. You'll likely need to use a regex to find them, but they should be in a subdirectory within lib-bad somewhere.

MalwareMechanic, Nov 30 '22 16:11
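
One way to gather the per-install logs the issue asks for, as an added example that is not part of the issue or of VM-Packages. `Copy-InstallLog` and the destination folder are hypothetical names; only the `lib-bad` location and the `install_log.txt` file name come from the issue.

```powershell
# Added example, not VM-Packages code. Copy-InstallLog and the default
# destination are hypothetical; the lib-bad path is the one named in the issue.
function Copy-InstallLog {
    param(
        [string]$LibBad = (Join-Path $env:PROGRAMDATA 'chocolatey\lib-bad'),
        [string]$Destination = '.\artifacts\install_logs'
    )

    # lib-bad is only present once at least one package install has failed,
    # so a missing directory is a normal case, not an error.
    if (-not (Test-Path -LiteralPath $LibBad -PathType Container)) {
        return @()
    }

    New-Item -ItemType Directory -Path $Destination -Force | Out-Null
    $root = (Resolve-Path -LiteralPath $LibBad).ProviderPath.TrimEnd('\')

    # The log sits in some subdirectory of lib-bad, so search recursively and
    # match the file name with an anchored regex instead of a fixed depth.
    Get-ChildItem -LiteralPath $root -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -match '^install_log\.txt$' } |
        ForEach-Object {
            # Fold the relative path into the file name so logs from different
            # packages do not overwrite each other in the flat destination.
            $relative = $_.FullName.Substring($root.Length + 1)
            $flat     = $relative -replace '[\\/]', '__'
            $target   = Join-Path $Destination $flat
            Copy-Item -LiteralPath $_.FullName -Destination $target -Force
            $target   # emit the copied path so the caller can list or count them
        }
}

# Example call: copies every match and prints the resulting file paths.
Copy-InstallLog
```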