kevoreilly · doomedraven · Sep 8, 2025 · Sep 8, 2025 · Sep 8, 2025 · Sep 8, 2025
diff --git a/lib/cuckoo/common/objects.py b/lib/cuckoo/common/objects.py
@@ -227,36 +227,34 @@
 
     def calc_hashes(self):
         """Calculate all possible hashes for this file."""
-        crc = 0
-        md5 = hashlib.md5()
-        sha1 = hashlib.sha1()
-        sha256 = hashlib.sha256()
-        sha512 = hashlib.sha512()
-        sha3_384 = hashlib.sha3_384()
-
+        hashes = {
+            "crc32": 0,
+            "md5": hashlib.md5(),
+            "sha1": hashlib.sha1(),
+            "sha256": hashlib.sha256(),
+            "sha512": hashlib.sha512(),
+            "sha3_384": hashlib.sha3_384(),
+        }
         if HAVE_TLSH:
-            tlsh_hash = tlsh.Tlsh()
+            hashes["tlsh"] = tlsh.Tlsh()
 
         for chunk in self.get_chunks():
-            crc = binascii.crc32(chunk, crc)
-            md5.update(chunk)
-            sha1.update(chunk)
-            sha256.update(chunk)
-            sha512.update(chunk)
-            sha3_384.update(chunk)
+            hashes["crc32"] = binascii.crc32(chunk, hashes["crc32"])
+            for alg in ("md5", "sha1", "sha256", "sha512", "sha3_384"):
+                hashes[alg].update(chunk)
             if HAVE_TLSH:
-                tlsh_hash.update(chunk)
-
-        self._crc32 = "".join(f"{(crc >> i) & 0xFF:02X}" for i in (24, 16, 8, 0))
-        self._md5 = md5.hexdigest()
-        self._sha1 = sha1.hexdigest()
-        self._sha256 = sha256.hexdigest()
-        self._sha512 = sha512.hexdigest()
-        self._sha3_384 = sha3_384.hexdigest()
+                hashes["tlsh"].update(chunk)
+
+        self._crc32 = "".join(f"{(hashes['crc32'] >> i) & 0xFF:02X}" for i in (24, 16, 8, 0))
+        self._md5 = hashes["md5"].hexdigest()
+        self._sha1 = hashes["sha1"].hexdigest()
+        self._sha256 = hashes["sha256"].hexdigest()
+        self._sha512 = hashes["sha512"].hexdigest()
+        self._sha3_384 = hashes["sha3_384"].hexdigest()
         if HAVE_TLSH:
             with contextlib.suppress(ValueError):
-                tlsh_hash.final()
-                self._tlsh_hash = tlsh_hash.hexdigest()
+                hashes["tlsh"].final()
+                self._tlsh_hash = hashes["tlsh"].hexdigest()
 
     @property
     def file_data(self):
@@ -370,54 +368,33 @@
         return file_type
 
     def get_type(self):
-        """Get MIME file type.
-        @return: file type.
-        """
+        """Get MIME file type."""
         if self.file_type:
             return self.file_type
-        if self.file_path:
-            try:
-                if IsPEImage(self.file_data):
-                    self._pefile = True
-                    if HAVE_PEFILE:
-                        try:
-                            self.pe = pefile.PE(data=self.file_data, fast_load=True)
-                        except pefile.PEFormatError:
-                            self.file_type = "PE image for MS Windows"
-                            log.debug("Unable to instantiate pefile on image: %s", self.file_path)
-                        emulated_isa = {IMAGE_FILE_MACHINE_AMD64, IMAGE_FILE_MACHINE_I386}
-                        if self.pe and self.pe.FILE_HEADER.Machine in emulated_isa:
-                            is_dll = self.pe.is_dll()
-                            is_x64 = self.pe.FILE_HEADER.Machine == IMAGE_FILE_MACHINE_AMD64
-                            gui_type = "console" if self.pe.OPTIONAL_HEADER.Subsystem == 3 else "GUI"
-                            dotnet_string = ""
-                            with contextlib.suppress(AttributeError, IndexError):
-                                dotnet_string = (
-                                    " Mono/.Net assembly"
-                                    if self.pe.OPTIONAL_HEADER.DATA_DIRECTORY[
-                                        pefile.DIRECTORY_ENTRY["IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR"]
-                                    ].VirtualAddress
-                                    != 0
-                                    else ""
-                                )
-                            # Emulate magic for now
-                            if is_dll and is_x64:
-                                self.file_type = f"PE32+ executable (DLL) (GUI) x86-64{dotnet_string}, for MS Windows"
-                            elif is_dll:
-                                self.file_type = f"PE32 executable (DLL) (GUI) Intel 80386{dotnet_string}, for MS Windows"
-                            elif is_x64:
-                                self.file_type = f"PE32+ executable ({gui_type}) x86-64{dotnet_string}, for MS Windows"
-                            else:
-                                self.file_type = f"PE32 executable ({gui_type}) Intel 80386{dotnet_string}, for MS Windows"
-                            log.debug("file type set using basic heuristics for: %s", self.file_path)
-                    elif not File.notified_pefile:
-                        File.notified_pefile = True
-                        log.warning("Unable to import pefile (install with `pip3 install pefile`)")
-            except Exception as e:
-                log.exception(e)
-        if not self.file_type:
-            self.file_type = self.get_content_type()
 
+        if self.file_path and IsPEImage(self.file_data):
+            self._pefile = True
+            if HAVE_PEFILE:
+                try:
+                    self.pe = pefile.PE(data=self.file_data, fast_load=True)
+                    if self.pe.FILE_HEADER.Machine in {IMAGE_FILE_MACHINE_AMD64, IMAGE_FILE_MACHINE_I386}:
+                        is_dll = self.pe.is_dll()
+                        is_x64 = self.pe.FILE_HEADER.Machine == IMAGE_FILE_MACHINE_AMD64
+                        gui_type = "GUI" if self.pe.OPTIONAL_HEADER.Subsystem != 3 else "console"
+                        dotnet = " Mono/.Net assembly" if self.pe.OPTIONAL_HEADER.DATA_DIRECTORY[pefile.DIRECTORY_ENTRY["IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR"]].VirtualAddress != 0 else ""
+
+                        arch = "x86-64" if is_x64 else "Intel 80386"
+                        pe_type = "PE32+" if is_x64 else "PE32"
+                        dll_str = " (DLL)" if is_dll else ""
+
+                        self.file_type = f"{pe_type} executable{dll_str} ({gui_type}) {arch}{dotnet}, for MS Windows"
+                        return self.file_type
+                except pefile.PEFormatError:
+                    self.file_type = "PE image for MS Windows"
+                except Exception as e:
+                    log.exception(e)
+
+        self.file_type = self.get_content_type()
         return self.file_type
 
     def _yara_encode_string(self, yara_string):

diff --git a/lib/cuckoo/core/resultserver.py b/lib/cuckoo/core/resultserver.py
@@ -319,19 +319,19 @@ def __del__(self):
 
 
 def check_names_for_typeinfo(arginfo):
-    argnames = [i[0] if isinstance(i, (list, tuple)) else i for i in arginfo]
-
+    argnames = []
     converters = []
     for i in arginfo:
         if isinstance(i, (list, tuple)):
+            argnames.append(i[0])
             r = TYPECONVERTERS.get(i[1])
             if not r:
                 log.debug("Analyzer sent unknown format specifier '%s'", i[1])
                 r = default_converter
             converters.append(r)
         else:
+            argnames.append(i)
             converters.append(default_converter)
-
     return argnames, converters
 
 
@@ -589,27 +589,19 @@ def __init__(self):
 
         try:
             sock.bind((ip, port))
-        except (OSError, socket.error) as e:
+        except socket.error as e:
             if e.errno == errno.EADDRINUSE:
                 raise CuckooCriticalError(
-                    f"Cannot bind ResultServer on port {port} because it was in use, bailing"
-                    "This might happen because CAPE is already running in the background as cape.service"
-                    "sudo systemctl stop cape.service"
-                    "to stop the background service. You can also run the just use the background service without starting it again here in the terminal."
+                    f"Cannot bind ResultServer on port {port} because it is already in use. This might happen because CAPE is already running. "
+                    "To fix this, you can stop the existing CAPE service by running 'sudo systemctl stop cape.service'."
                 )
             elif e.errno == errno.EADDRNOTAVAIL:
                 raise CuckooCriticalError(
-                    f"Unable to bind ResultServer on {ip}:{port} {e}. This "
-                    "usually happens when you start Cuckoo without "
-                    "bringing up the virtual interface associated with "
-                    "the ResultServer IP address. Please refer to "
-                    "https://cuckoo.sh/docs/faq/#troubles-problem "
-                    "for more information"
-                    "One more reason this might happen is if you don't correctly set the IP of the resultserver in cuckoo.conf."
-                    "Make sure the resultserver IP is set to the host IP"
+                    f"Unable to bind ResultServer on {ip}:{port}. This usually happens when the network interface is not configured correctly. "
+                    "Please ensure the resultserver IP in cuckoo.conf is set to the host IP and the interface is up."
                 )
             else:
-                raise CuckooCriticalError(f"Unable to bind ResultServer on {ip}:{port} {e}")
+                raise CuckooCriticalError(f"Unable to bind ResultServer on {ip}:{port}: {e}")
 
         # We allow user to specify port 0 to get a random port, report it back
         # here