malware_bazaar_api.py - cmikke97/Automatic-Malware-Signature-Generation GitHub Wiki

In this page

Imported Modules

  • import csv - implements classes to read and write tabular data in CSV format - csv documentation
  • import json - json encoder and decoder - json documentation
  • import os - provides a portable way of using operating system dependent functionality - os documentation
  • import sys - system-specific parameters and functions - sys documentation
  • import tempfile - used to create temporary files and directories - tempfile documentation
  • import zipfile - provides tools to create, read, write, append, and list a ZIP file - zipfile documentation
  • from time import sleep - used to suspend execution of the calling thread for the given number of seconds - time documentation

Back to top

Classes and functions

MalwareBazaarAPI (class) - Simple Malware Bazaar API class. It implements a few methods to interact with Malware Bazaar Rest API.

  • __init__(self) (member function) - Initialize MalwareBazaarAPI class.
  • get_full_data_dump(self, dest_dir, family_list) (member function) - Get Malware Bazaar full data dump.
    • dest_dir (arg) - Directory where to extract and save the Malware Bazaar full data dump
    • family_list (arg) - List of families to retrieve samples of
  • check_sha256(s) (static member function) - Check if the one provided is a valid sha256 hash value.
    • s (arg) - (Supposedly) Sha256 of a malware sample
  • query(self, query, qtype) (member function) - Get a list of malware samples' info (max 1'000) associated with a specific hash/tag/signature.
    • query (arg) - Hash/Tag/signature to retrieve metadata of
    • qtype (arg) - Type of query to make; valid options are "hash", "tag" or "signature" (default: 'hash')
  • retrieve_malware_sample(self, sha256_hash, dest_dir, unzip) (member function) - Download malware sample from Malware Bazaar given its sha256 hash.
    • sha256_hash (arg) - Sha256 hash of the malware sample to retrieve
    • dest_dir (arg) - Destination directory where to save file
    • unzip (arg) - Whether to unzip downloaded file or not (default: False)

Back to top

Repository file structure

root/
|
β”œβ”€β”€ src/
|   |
|   β”œβ”€β”€ FreshDatasetBuilder/
|   |   |
|   |   β”œβ”€β”€ emberFeatures/
|   |   |   |
|   |   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   |   β”œβ”€β”€ features.py  - - - - - - - - - - - - - - - (features python code πŸ“–Wiki)
|   |   |   └── vectorize_features.py  - - - - - - - - - - (vectorize features python code πŸ“–Wiki)
|   |   |
|   |   β”œβ”€β”€ utils/
|   |   |   |
|   |   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   |   β”œβ”€β”€ fresh_dataset_utils.py - - - - - - - - - - (fresh dataset utils python code πŸ“–Wiki)
|   |   |   └── malware_bazaar_api.py  - - - - - - - - - - (malware bazaar API python code πŸ“–Wiki)
|   |   |
|   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   └── build_fresh_dataset.py - - - - - - - - - - (fresh dataset builder python code πŸ“–Wiki)
|   |
|   β”œβ”€β”€ Model/
|   |   |
|   |   β”œβ”€β”€ nets/
|   |   |   |
|   |   |   β”œβ”€β”€ generators/
|   |   |   |   |
|   |   |   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   |   |   β”œβ”€β”€ dataset.py - - - - - - - - - - - - - - - - (dataset (base) code πŸ“–Wiki)
|   |   |   |   β”œβ”€β”€ dataset_alt.py - - - - - - - - - - - - - - (dataset_alt code πŸ“–Wiki)
|   |   |   |   β”œβ”€β”€ fresh_dataset.py - - - - - - - - - - - - - (fresh_dataset code πŸ“–Wiki)
|   |   |   |   β”œβ”€β”€ fresh_generators.py  - - - - - - - - - - - (fresh_generators code πŸ“–Wiki)
|   |   |   |   β”œβ”€β”€ generators.py  - - - - - - - - - - - - - - (generators (base) code πŸ“–Wiki)
|   |   |   |   β”œβ”€β”€ generators_alt1.py - - - - - - - - - - - - (generators_alt1 code πŸ“–Wiki)
|   |   |   |   β”œβ”€β”€ generators_alt2.py - - - - - - - - - - - - (generators_alt2 code πŸ“–Wiki)
|   |   |   |   └── generators_alt3.py - - - - - - - - - - - - (generators_alt3 code πŸ“–Wiki)
|   |   |   |
|   |   |   β”œβ”€β”€ utils/
|   |   |   |   |
|   |   |   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   |   |   └── Net.py - - - - - - - - - - - - - - - - - - (Net code πŸ“–Wiki)
|   |   |   |
|   |   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   |   β”œβ”€β”€ ALOHA_net.py - - - - - - - - - - - - - - - (ALOHA_net code πŸ“–Wiki)
|   |   |   β”œβ”€β”€ Contrastive_Model_net.py - - - - - - - - - (Contrastive_Model_net code πŸ“–Wiki)
|   |   |   β”œβ”€β”€ Family_Classifier_net.py - - - - - - - - - (Family_Classifier_net code πŸ“–Wiki)
|   |   |   β”œβ”€β”€ MTJE_net.py  - - - - - - - - - - - - - - - (MTJE_net code πŸ“–Wiki)
|   |   |   β”œβ”€β”€ MTJE_net_cosine.py - - - - - - - - - - - - (MTJE_net_cosine code πŸ“–Wiki)
|   |   |   └── MTJE_net_pairwise_distance.py  - - - - - - (MTJE_net_pairwise_distance code πŸ“–Wiki)
|   |   |
|   |   β”œβ”€β”€ utils/
|   |   |   |
|   |   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   |   β”œβ”€β”€ contrastive_utils.py - - - - - - - - - - - (contrastive_utils code πŸ“–Wiki)
|   |   |   β”œβ”€β”€ opt_utils.py - - - - - - - - - - - - - - - (opt_utils code πŸ“–Wiki)
|   |   |   β”œβ”€β”€ plot_utils.py  - - - - - - - - - - - - - - (plot_utils code πŸ“–Wiki)
|   |   |   └── ranking_metrics.py - - - - - - - - - - - - (ranking_metrics code πŸ“–Wiki)
|   |   |
|   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   β”œβ”€β”€ evaluate.py  - - - - - - - - - - - - - - - (evaluate code πŸ“–Wiki)
|   |   β”œβ”€β”€ evaluate_contrastive.py  - - - - - - - - - (evaluate_contrastive code πŸ“–Wiki)
|   |   β”œβ”€β”€ evaluate_family_classifier.py  - - - - - - (evaluate_family_classifier code πŸ“–Wiki)
|   |   β”œβ”€β”€ evaluate_fresh.py  - - - - - - - - - - - - (evaluate_fresh code πŸ“–Wiki)
|   |   β”œβ”€β”€ gen3_speed_evaluation.py - - - - - - - - - (gen3_speed_evaluation code πŸ“–Wiki)
|   |   β”œβ”€β”€ plot.py  - - - - - - - - - - - - - - - - - (plot code πŸ“–Wiki)
|   |   β”œβ”€β”€ plot_contrastive.py  - - - - - - - - - - - (plot_contrastive code πŸ“–Wiki)
|   |   β”œβ”€β”€ plot_family_classifier.py  - - - - - - - - (plot_family_classifier code πŸ“–Wiki)
|   |   β”œβ”€β”€ plot_fresh.py  - - - - - - - - - - - - - - (plot_fresh code πŸ“–Wiki)
|   |   β”œβ”€β”€ train.py - - - - - - - - - - - - - - - - - (train code πŸ“–Wiki)
|   |   β”œβ”€β”€ train_contrastive.py - - - - - - - - - - - (train_contrastive code πŸ“–Wiki)
|   |   └── train_family_classifier.py - - - - - - - - (train_family_classifier code πŸ“–Wiki)
|   |
|   β”œβ”€β”€ Sorel20mDataset/
|   |   |
|   |   β”œβ”€β”€ generators/
|   |   |   |
|   |   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   |   β”œβ”€β”€ sorel_dataset.py - - - - - - - - - - - - - (sorel_dataset code πŸ“–Wiki)
|   |   |   └── sorel_generators.py  - - - - - - - - - - - (sorel_generators code πŸ“–Wiki)
|   |   |
|   |   β”œβ”€β”€ utils/
|   |   |   |
|   |   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   |   β”œβ”€β”€ download_utils.py  - - - - - - - - - - - - (download_utils code πŸ“–Wiki)
|   |   |   └── preproc_utils.py - - - - - - - - - - - - - (preproc_utils code πŸ“–Wiki)
|   |   |
|   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   β”œβ”€β”€ preprocess_dataset.py  - - - - - - - - - - (preprocess_dataset code πŸ“–Wiki)
|   |   β”œβ”€β”€ preprocess_ds_multi.py - - - - - - - - - - (preprocess_ds_multi code πŸ“–Wiki)
|   |   └── sorel20mDownloader.py  - - - - - - - - - - (sorel20mDownloader code πŸ“–Wiki)
|   |
|   β”œβ”€β”€ utils/
|   |   |
|   |   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   |   └── workflow_utils.py  - - - - - - - - - - - - - - - - - (workflow_utils code πŸ“–Wiki)
|   |
|   β”œβ”€β”€ __init__.py  - - - - - - - - - - - - - - - (python module init)
|   β”œβ”€β”€ config.ini - - - - - - - - - - - - - - - - (configuration file πŸ“–Wiki)
|   └── main.py  - - - - - - - - - - - - - - - - - (main code πŸ“–Wiki)
|
β”œβ”€β”€ MLproject  - - - - - - - - - - - - - - - - (MLproject file)
β”œβ”€β”€ README.md  - - - - - - - - - - - - - - - - (README)
└── conda.yaml - - - - - - - - - - - - - - - - (conda yaml environment)
⚠️ **GitHub.com Fallback** ⚠️