From 8ba3f2740b18d002d5370960682a310716a36fd9 Mon Sep 17 00:00:00 2001
From: "eugene.livis" <elivis@basistech.com>
Date: Thu, 17 Aug 2023 16:52:05 -0400
Subject: [PATCH] Bug fixes during ingest

---
 .../autopsy/malwarescan/MalwareScanIngestModule.java      | 8 ++++++--
 Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java   | 2 +-
 Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java | 3 ++-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java
index c52e72a350..4698392478 100644
--- a/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java
+++ b/Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java
@@ -775,7 +775,11 @@ private void createAnalysisResults(IngestJobState ingestJobState, List<CTCloudBe
                     for (Long objId : objIds) {
                         AnalysisResult res = createAnalysisResult(ingestJobState, trans, result, objId);
                         if (res != null) {
-                            createdArtifacts.add(res);
+                            // only post results that have score NOTABLE or LIKELY_NOTABLE
+                            Score score = res.getScore();
+                            if (score.getSignificance() == Score.Significance.NOTABLE || score.getSignificance() == Score.Significance.LIKELY_NOTABLE) {
+                                createdArtifacts.add(res);
+                            }
                         }
                     }
                 }
@@ -837,7 +841,7 @@ private AnalysisResult createAnalysisResult(IngestJobState ingestJobState, Sleut
                     : Bundle.MalwareScanIngestModule_SharedProcessing_createAnalysisResult_No();
 
             String justification = cloudBean.getMalwareResult().getStatusDescription();
-
+            
             return ingestJobState.getTskCase().getBlackboard().newAnalysisResult(
                     ingestJobState.getMalwareType(),
                     objId,
diff --git a/Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java b/Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java
index ded4c9cbed..a38383c183 100644
--- a/Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java
+++ b/Core/src/org/sleuthkit/autopsy/datamodel/Artifacts.java
@@ -1,7 +1,7 @@
 /*
  * Autopsy Forensic Browser
  *
- * Copyright 2011-2021 Basis Technology Corp.
+ * Copyright 2011-2023 Basis Technology Corp.
  * Contact: carrier <at> sleuthkit <dot> org
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java b/Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java
index b0f48495c3..c1761a7ad5 100755
--- a/Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java
+++ b/Core/src/org/sleuthkit/autopsy/datamodel/MalwareHits.java
@@ -255,7 +255,8 @@ public RootNode() {
                     MALWARE_ARTIFACT_TYPE);
 
             super.setName(MALWARE_HITS);
-            //this.setIconBaseWithExtension("org/sleuthkit/autopsy/images/hashset_hits.png"); // ELTODO
+            // TODO make an icon
+            this.setIconBaseWithExtension("org/sleuthkit/autopsy/images/artifact-icon.png");
         }
 
         @Override
-- 
GitLab