def build_context()

in tools/icedid/gzip-variant/load_core.py [0:0]


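def build_context(ctx_path: pathlib.Path) -> icedid_core.Ctx64:
    """Build the ``Ctx64`` structure described by a JSON context file.

    The JSON document supplies the scalar fields (``field_0``, ``is_dll``),
    four string fields that are stored UTF-8 encoded, and
    ``encrypted_config_path``, the path of the encrypted configuration blob.
    The blob is copied into a freshly committed read/write region obtained
    from ``VirtualAlloc`` and its address and size are stored on the context.

    Args:
        ctx_path: Path of the JSON context file.

    Returns:
        The populated ``icedid_core.Ctx64`` instance.

    Raises:
        KeyError: A required key is missing from the JSON document.
        OSError: The context file or the encrypted config cannot be read.
        RuntimeError: The encrypted config is empty or the allocation failed.
    """
    # JSON is UTF-8 by specification, so decode it explicitly. Relying on the
    # platform's locale encoding would mis-decode non-ASCII paths, and those
    # paths are re-encoded as UTF-8 below.
    with ctx_path.open("r", encoding="utf-8") as f:
        j = json.load(f)

    ctx = icedid_core.Ctx64()
    ctx.field_0 = j["field_0"]
    ctx.is_dll = j["is_dll"]
    ctx.stage_2_fullpath = bytes(j["stage_2_fullpath"], "utf-8")
    ctx.core_fullpath = bytes(j["core_fullpath"], "utf-8")
    ctx.core_subpath = bytes(j["core_subpath"], "utf-8")
    ctx.stage_2_export = bytes(j["stage_2_export"], "utf-8")

    # The path is used exactly as written in the JSON: a relative path
    # resolves against the current working directory, not against the
    # directory that holds ctx_path.
    encrypted_config_path = j["encrypted_config_path"]
    with open(encrypted_config_path, "rb") as f:
        encrypted_config = f.read()

    config_size = len(encrypted_config)
    if config_size == 0:
        # VirtualAlloc rejects a zero-byte request, so name the real cause
        # here instead of reporting it as an allocation failure.
        raise RuntimeError(
            "Encrypted config is empty: {}".format(encrypted_config_path)
        )

    # PAGE_READWRITE: the blob is placed in a data-only region, never an
    # executable one.
    ctx.encrypted_config = win32.VirtualAlloc(
        0,
        config_size,
        win32.MEM_COMMIT | win32.MEM_RESERVE,
        win32.PAGE_READWRITE,
    )

    if not ctx.encrypted_config:
        # NOTE(review): if win32 is a plain ctypes binding, the last-error
        # value may already have been overwritten when it is read here;
        # confirm the wrapper preserves it (use_last_error=True together with
        # ctypes.get_last_error()).
        raise RuntimeError(
            "Failed to allocate memory. GLE={}".format(win32.GetLastError())
        )

    ctypes.memmove(ctx.encrypted_config, encrypted_config, config_size)
    ctx.encrypted_config_size = config_size

    # The region is not released in this function; its address lives on in
    # ctx.encrypted_config. Presumably the caller frees it; confirm.
    return ctx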