From 5d38dbd61760a9df0607480f08ea6468ecbbd3b1 Mon Sep 17 00:00:00 2001
From: Itamar Gafni
Date: Tue, 7 Jan 2025 13:04:48 +0200
Subject: [PATCH] fix(offline-scans): Send autoruns info from offline scan
---
 intezer_sdk/__init__.py | 2 +-
 intezer_sdk/_endpoint_analysis_api.py | 6 ++++++
 intezer_sdk/endpoint_analysis.py | 14 ++++++++++++++
 3 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/intezer_sdk/__init__.py b/intezer_sdk/__init__.py
index 50cf421..707b4ea 100644
--- a/intezer_sdk/__init__.py
+++ b/intezer_sdk/__init__.py
@@ -1 +1 @@
-__version__ = '1.21.8'
+__version__ = '1.21.9'
diff --git a/intezer_sdk/_endpoint_analysis_api.py b/intezer_sdk/_endpoint_analysis_api.py
index df39975..850123c 100644
--- a/intezer_sdk/_endpoint_analysis_api.py
+++ b/intezer_sdk/_endpoint_analysis_api.py
@@ -62,6 +62,12 @@ def send_scheduled_tasks_info(self, scheduled_tasks_info: dict):
 method='POST')
 raise_for_status(response)
 
+ def send_autoruns_info(self, autoruns_info: dict):
+ response = self.request_with_refresh_expired_access_token(path='/autoruns-info',
+ data=autoruns_info,
+ method='POST')
+ raise_for_status(response)
+
 def send_file_module_differences(self, file_module_differences: dict):
 response = self.request_with_refresh_expired_access_token(path='/file-module-differences',
 data=file_module_differences,
diff --git a/intezer_sdk/endpoint_analysis.py b/intezer_sdk/endpoint_analysis.py
index 087456b..3c86ac3 100644
--- a/intezer_sdk/endpoint_analysis.py
+++ b/intezer_sdk/endpoint_analysis.py
@@ -137,6 +137,7 @@ def _send_analyze_to_api(self, **additional_parameters) -> str:
 self._send_host_info()
 self._send_scheduled_tasks_info()
+ self._send_autoruns_info()
 self._send_processes_info()
 self._send_loaded_modules_info()
 self._send_files_info_and_upload_required()
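Review bot: send_autoruns_info in the _endpoint_analysis_api.py hunk has no docstring, so nothing states what the `dict` payload is or that a non-success reply is surfaced as an exception by raise_for_status rather than a return value. A one-liner under the def line, `"""Upload the offline scan's autoruns info to the endpoint-analysis API; raises via raise_for_status on a non-success response."""`, would make that contract explicit for callers that wrap it in a best-effort try/except. The sibling methods visible in the context lines have the same gap, so this matches existing style, but a new method is the place to start closing it. The enclosing class starts outside the hunk.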
@@ -198,6 +199,19 @@ def _send_scheduled_tasks_info(self):
 except BaseException:
 logger.warning(f'Endpoint analysis: {self.analysis_id}, failed to upload scheduled tasks info')
 
+ def _send_autoruns_info(self):
+ autoruns_info_path = os.path.join(self._offline_scan_directory, 'autoruns_info.json')
+ if not os.path.isfile(autoruns_info_path):
+ return
+ logger.info(f'Endpoint analysis: {self.analysis_id}, uploading autoruns info')
+ try:
+ with open(autoruns_info_path, encoding='utf-8') as f:
+ autoruns_info = json.load(f)
+ self._scan_api.send_autoruns_info(autoruns_info)
+ except BaseException:
+ logger.warning(f'Endpoint analysis: {self.analysis_id}, failed to upload autoruns info')
+
+
 def _send_loaded_modules_info(self):
 logger.info(f'Endpoint analysis: {self.analysis_id}, uploading loaded modules info')
 unified_modules_file_path = os.path.join(self._offline_scan_directory, 'all_loaded_modules_info.json')
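Review bot: `except BaseException:` in the new _send_autoruns_info also catches KeyboardInterrupt and SystemExit, so an operator aborting the scan mid-upload is reported as "failed to upload autoruns info" and the remaining sends carry on; it also discards the actual cause (a JSONDecodeError from json.load or the error raised by send_autoruns_info) from the log. Narrowing to `except Exception:` and logging with `logger.warning(f'Endpoint analysis: {self.analysis_id}, failed to upload autoruns info', exc_info=True)` keeps the best-effort behaviour while recording why the upload failed, which is what an analyst needs when autoruns data is missing from a result. The _send_scheduled_tasks_info handler in the context lines has the same shape, so the new code is consistent with it and this may be a deliberate project-wide choice worth applying to both. The enclosing class starts outside the hunk.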