diff --git a/.gitignore b/.gitignore
index 6195c6dc..3724e6c9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,7 +12,6 @@ Thumbs.db
$RECYCLE.BIN/
Desktop.ini
conf/eula_run.conf
-.git/
# Egg
logo/
@@ -33,6 +32,3 @@ develop-eggs/
# Installer logs
pip-log.txt
-
-imports/*.pyd
-imports/*.pyc
diff --git a/README.md b/README.md
index 85e55453..82599a6b 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
About
======
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way.
-theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev.
+theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev.
**theZoo is open and welcoming visitors!**
Disclaimer
@@ -15,7 +15,7 @@ We recommend running them in a VM which has no internet connection (or an intern
GPL 3
======
-theZoo - the most awesome free malware database on the air
+theZoo - the most awesome free malware database on the air
Copyright (C) 2015, Yuval Nativ, Lahad Ludar, 5fingers
This program is free software: you can redistribute it and/or modify
@@ -54,10 +54,10 @@ Malware source code :)
## Directory Structure:
Each directory is composed of 4 files:
-- Malware files in an encrypted ZIP archive.
-- SHA256 sum of the 1st file.
+- Malware files in an encrypted ZIP archive.
+- SHA256 sum of the 1st file.
- MD5 sum of the 1st file.
-- Password file for the archive.
+- Password file for the archive.
@@ -86,12 +86,9 @@ An example line will look as follow:
Bugs and Reports
================
-The repository holding all files is currently
+The repository holding all files is currently
https://github.com/ytisf/theZoo
-## Submit Malware
-Get the file you want to submit and just run `python prep_file.py file_tosubmit.exe`. It will create a directory for you. Then just submit that along with the changes to the `conf/maldb.db` so that we know which malware it is.
-
## Change Log for v0.60:
- [x] Moved DB to SQLite3.
- [x] Searching overhaul to a freestyle fashion.
@@ -99,9 +96,9 @@ Get the file you want to submit and just run `python prep_file.py file_tosubmit.
- [x] More & more malwares.
## Change Log for v0.50:
-- [x] Better and easier UI.
-- [x] Aligned printing of malwares.
-- [x] Command line arguments are now working.
+- [x] Better and easier UI.
+- [x] Aligned printing of malwares.
+- [x] Command line arguments are now working.
- [x] Added 10 more malwares (cool ones) to the DB.
## Change Log for v0.42:
@@ -127,7 +124,7 @@ Get the file you want to submit and just run `python prep_file.py file_tosubmit.
## Predicted Change Log for v1.0
- [X] Fix auto-complete for malware frameworks. (thanks to 5fingers)
- [X] Consider changing DB to XML or SQLite3. (Sheksa - done :))
-- [X] Better UI features.
-- [ ] Fix and make 'light' version without malwares with _MalwareFetch function.
+- [ ] Move malwares to another repo.
+- [ ] Better UI features.
If you have any suggestions or malware that you have indexed (in the manner laid out in the documentation) please send it to us to - yuval[]morirt [dot]com - so we can add it for everyones enjoyment.
diff --git a/conf/db.ver b/conf/db.ver
index 7485008c..b9edbc9a 100644
--- a/conf/db.ver
+++ b/conf/db.ver
@@ -1 +1 @@
-180210052018
+105509082014
\ No newline at end of file
diff --git a/conf/maldb.db b/conf/maldb.db
index 8b43a88e..c4047fdf 100644
Binary files a/conf/maldb.db and b/conf/maldb.db differ
diff --git a/imports/colors.py b/imports/colors.py
index c169e511..bc7b1d57 100644
--- a/imports/colors.py
+++ b/imports/colors.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python
-import os
+import os
BOLD = ''
NORM = ''
@@ -24,17 +24,6 @@
BOLD = '\033[01m'
UNDERLINE = '\033[04m'
-else:
- PURPLE = ''
- BLUE = ''
- GREEN = ''
- YELLOW = ''
- RED = ''
- WHITE = ''
- MAGENTA = ''
- BOLD = ''
- UNDERLINE = ''
-
def bold(str):
return BOLD + str + WHITE
@@ -58,4 +47,4 @@ def yellow(str):
return YELLOW + str + WHITE
def white(str):
- return WHITE + str + WHITE
+ return WHITE + str + WHITE
\ No newline at end of file
diff --git a/imports/eula_handler.py b/imports/eula_handler.py
index 97d98942..57d9a120 100644
--- a/imports/eula_handler.py
+++ b/imports/eula_handler.py
@@ -42,13 +42,13 @@ def prompt_eula(self):
notice += '| ATTENTION!!! ATTENTION!!! ATTENTION!!! |\n'
notice += '| ' + globals.vars.appname + ' v' + globals.vars.version + ' |\n'
notice += '|___________________________________________________________________________|\n'
- notice += '|This program contains live and dangerous malware files. |\n'
+ notice += '|This program contains live and dangerous malware files |\n'
notice += '|This program is intended to be used only for malware analysis and research |\n'
- notice += '|and by agreeing the EULA you agree to use it only for legal purposes and |\n'
- notice += '|for studying malware. |\n'
+ notice += '|and by agreeing the EULA you agree to only use it for legal purposes and |\n'
+ notice += '|studying malware. |\n'
notice += '|You understand that these file are dangerous and should only be run on VMs |\n'
notice += '|you can control and know how to handle. Running them on a live system will |\n'
- notice += '|infect your machines with live and dangerous malwares! |\n'
+ notice += '|infect you machines will live and dangerous malwares!. |\n'
notice += '|___________________________________________________________________________|\n'
print(red(notice))
eula_answer = raw_input(
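Review bot: The rewritten last line of the warning, `notice += '|infect you machines will live and dangerous malwares!. |\n'`, no longer reads as a sentence ("you machines will live", stray "!."), and this box is the only place the user is told the samples are live before accepting the EULA. I would restore the wording `infect your machines with live and dangerous malwares!`, padded so the closing `|` lines up with the other rows. The neighbouring change to `|studying malware.` also drops the "for" that made the sentence parallel with "for legal purposes". `prompt_eula` starts before this hunk and continues after it, so the column alignment of the box cannot be checked from here.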
diff --git a/imports/globals.py b/imports/globals.py
index 2290a19e..4e5a3b0f 100644
--- a/imports/globals.py
+++ b/imports/globals.py
@@ -77,10 +77,9 @@ class vars:
# DEBUG_LEVEL 0 = NO DEBUGGING
# DEBUG_LEVEL 1 = DEBUG DOWNLOADS
# DEBUG_LEVEL 2 = DEBUG SQL QUERIES
-
DEBUG_LEVEL = 0
- fulllicense = appname + " Copyright (C) 2017 " + authors + "\n"
+ fulllicense = appname + " Copyright (C) 2016 " + authors + "\n"
fulllicense += "This program comes with ABSOLUTELY NO WARRANTY; for details type '" + \
sys.argv[0] + " -w'.\n"
fulllicense += "This is free software, and you are welcome to redistribute it."
@@ -107,7 +106,7 @@ class vars:
db_ver = f.read()
# ASCII Art is a must...
- screen = random.randrange(1, 6)
+ screen = random.randrange(1, 4)
if screen is 1:
maldb_banner = "\n"
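Review bot: The bound in `random.randrange(1, 4)` has to be kept in step by hand with the number of `screen is N` branches that follow, which is why this line had to change together with the banner removal further down. Selecting from a list of banner strings with `random.choice(...)` would remove that coupling. Separately, the context line `if screen is 1:` compares identity rather than value; it works only because CPython caches small integers and it draws a SyntaxWarning on recent Python 3 releases, so `screen == 1` is the safer form. The banner chain runs past the end of this hunk.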
@@ -159,86 +158,3 @@ class vars:
maldb_banner += " built by: " + authors + "\n"
maldb_banner += " maintained by: " + ', '.join(maintainers) + "\n"
maldb_banner += " github: " + giturl + "\n\n"
-
- elif screen is 4:
- maldb_banner = "\n"
- maldb_banner += ". .. .\n"
- maldb_banner += "|\ || /|\n"
- maldb_banner += "| \ || / |\n"
- maldb_banner += "| \ || / |\n"
- maldb_banner += "| :\___JL___/ |\n"
- maldb_banner += "| :|##XLJ: :| |\n"
- maldb_banner += "'\ :|###||: X| /'\n"
- maldb_banner += " \:|###||:X#| /\n"
- maldb_banner += " |==========|\n"
- maldb_banner += " |###XXX;;|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##Xn:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##Xn:: :|\n"
- maldb_banner += " |##XX:: n|\n"
- maldb_banner += " |##XX:: U|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##Xn:: :|\n"
- maldb_banner += " |##XU:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: n|\n"
- maldb_banner += " |##XX:: U|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##XX:: :|\n"
- maldb_banner += " |##Xn:: :|\n"
- maldb_banner += " |##XU:: :|\n"
- maldb_banner += " |##Xn:: :|\ttheZoo " + version + "\n"
- maldb_banner += " |##XU:: :|\t " + giturl + "\n"
- maldb_banner += " |##XX:: :|\tauthors: " + authors + "\n"
- maldb_banner += " |##XX:: :|\tmaintained by: " + ', '.join(maintainers) + "\n"
- maldb_banner += " |##XX:: :|\tgithub: " + giturl + "\n"
- maldb_banner += " |##,_,: :|\n"
- maldb_banner += " |./ T \.:|\n"
- maldb_banner += " || o|o |:|\n"
- maldb_banner += " || | |:|\n"
- maldb_banner += " .============.\n"
- maldb_banner += " .==============.\n"
- maldb_banner += ".================.\n\n"
-
- elif screen is 5:
- maldb_banner = "\n"
- maldb_banner += "_______________________________________\n"
- maldb_banner += "|\ ___________________________________ /|\n"
- maldb_banner += "| | _ _ | |\n"
- maldb_banner += "| |(+) _ _ (+)| |\n"
- maldb_banner += "| | ~ _--/ \--_ ~ | |\n"
- maldb_banner += "| | / / \ \ | |\n"
- maldb_banner += "| | / | | \ | |\n"
- maldb_banner += "| | / | | \ | |\n"
- maldb_banner += "| | | | _______ | | | |\n"
- maldb_banner += "| | | | \ / | | | |\n"
- maldb_banner += "| | \ \_ | | _/ / | |\n"
- maldb_banner += "| | \ -__| |__- / | |\n"
- maldb_banner += "| | \_ _/ | |\n"
- maldb_banner += "| | --__ __-- | |\n"
- maldb_banner += "| | --| |-- | |\n"
- maldb_banner += "| | | | | |\n"
- maldb_banner += "| | | | | |\n"
- maldb_banner += "| | | | |\n"
- maldb_banner += "| | | |\n"
- maldb_banner += "| | T H E Z O O | |\n"
- maldb_banner += "| | I S G O O D F O R Y O U | |\n"
- maldb_banner += "| | _ %s _ | |\n" % version
- maldb_banner += "| |(+) (+)| |\n"
- maldb_banner += "| | ~ ~ | |\n"
- maldb_banner += "|/ ----------------------------------- \|\n"
- maldb_banner += "---------------------------------------\n"
- maldb_banner += "\tmaintained by: %s\n" % ', '.join(maintainers)
- maldb_banner += "\tgiturl: %s\n" % giturl
- maldb_banner += "\tauthors: %s\n" % authors
diff --git a/imports/terminal_handler.py b/imports/terminal_handler.py
index 21928b00..9830f246 100644
--- a/imports/terminal_handler.py
+++ b/imports/terminal_handler.py
@@ -2,9 +2,9 @@
import sys
import rlcompleter
try:
- import readline
+ import readline
except ImportError:
- from imports import winreadline as readline
+ from imports import winreadline as readline
from imports import globals
from imports import manysearches
@@ -14,180 +14,171 @@
# Compatilibility to Python3
if sys.version_info.major == 3:
- raw_input = input
+ raw_input = input
elif sys.version_info.major == 2:
- pass
+ pass
else:
- sys.stderr.write("What kind of sorcery is this?!\n")
+ sys.stderr.write("What kind of sorcery is this?!\n")
class Controller:
- def __init__(self):
- self.modules = None
- self.currentmodule = None
- self.db = db_handler.DBHandler()
- self.commands = [("search", "Search for malwares according to a filter,\n\t\t\te.g 'search cpp worm'."),
- ("list all", "Lists all available modules"),
- ("use", "Selects a malware by ID"),
- ("info", "Retreives information about malware"),
- ("get", "Downloads selected malware"),
- ("report-mal", "Report a malware you found"),
- ("update-db", "Updates the databse"),
- ("help", "Displays this help..."),
- ("exit", "Exits...")]
-
- self.commandsWithoutDescription = {'search': '', 'list all': '', 'use': '', 'info': '',
- 'get': '', 'report-mal': '', 'update-db': '', 'help': '', 'exit': ''}
-
- self.searchmeth = [("arch", "which architecture etc; x86, x64, arm7 so on..."),
- ("plat",
- "platform: win32, win64, mac, android so on..."),
- ("lang", "c, cpp, vbs, bin so on..."),
- ("vip", "1 or 0")]
-
- self.modules = self.GetPayloads()
- completer = globals.Completer(self.commandsWithoutDescription)
-
- readline.parse_and_bind("tab: complete")
- readline.set_completer(completer.complete)
-
- def GetPayloads(self):
- return self.db.get_full_details()
-
- def MainMenu(self):
- # This will give you the nice prompt you like so much
- while (True): # Dont hate, affiliate
- try:
- if self.currentmodule is not None:
- try:
- just_print = self.db.query("SELECT NAME FROM Malwares WHERE ID=?", self.currentmodule)[0][0]
- cmd = raw_input(
- bold(green('mdb ')) + bold(blue(just_print)) + green('#> ')).strip()
- except:
- self.currentmodule = None
- print("You have chosen an index that is out of scope...")
- break
-
- else:
- cmd = raw_input(
- bold(green('mdb ')) + green('#> ')).strip()
- except KeyboardInterrupt:
- print(bold(blue("\n\n[*]")) + " Hope you enjoyed your visit at" + bold(red(" theZoo")) + "!")
- exit()
-
- self.actOnCommand(cmd)
-
- def actOnCommand(self, cmd):
- try:
- while cmd == "":
- return
-
- if cmd == 'help':
- print(" Available commands:\n")
- for (cmd, desc) in self.commands:
- print("\t%s\t%s" % ('{0: <12}'.format(cmd), desc))
- print('')
- return
-
- # Checks if normal or freestyle search
- if re.match('^search', cmd):
- manySearch = manysearches.MuchSearch()
- try:
- args = cmd.rsplit(' ')[1:]
- manySearch.sort(args)
- except:
- print(red('[!]') + 'Uh oh, Invalid query.')
- return
-
- if cmd == 'exit':
- sys.exit(1)
-
- if cmd == 'update-db':
- update_handler = Updater()
- db_ver = update_handler.get_maldb_ver()
- update_handler.update_db(db_ver)
- return
-
- if cmd == 'report-mal':
- rprt_name = raw_input("Name of malware: ")
- rprt_type = raw_input("Type of malware: ")
- rprt_version = raw_input("Version: ")
- rprt_lang = raw_input("Language: ")
- rprt_src = raw_input("Source / Binary (s/b): ")
- rprt_arch = raw_input("Win32, ARM etc. ? ")
- rprt_reporter = raw_input(
- "Your name for a thank you note on theZoo.\n"
- "Please notice that this will be public!\n\nName: ")
- rprt_comments = raw_input("Comments? ")
-
- report = ("//%s//\n" % rprt_name)
- report += ("///type/%s///\n" % rprt_type)
- report += ("///ver/%s///\n" % rprt_version)
- report += ("///lang/%s///\n" % rprt_lang)
- report += ("///src/%s///\n" % rprt_src)
- report += ("///arch/%s///\n" % rprt_arch)
- report += ("//reporter/%s//\n" % rprt_reporter)
- report += ("//comments/%s//\n" % rprt_comments)
-
- # Just to avoid bots spamming us...
- email = "info"
- email += "\x40"
- email += "morirt\x2ecom"
- print("-------------- Begin of theZoo Report --------------")
- print(report)
- print("-------------- Ending of theZoo Report --------------")
- print("To avoid compromising your privacy we have chose this method of reporting.")
- print("If you have not stated your name we will not write a thanks in our README.")
- print("Your email will remain private in scenario and will not be published.")
- print("")
- print("Please create an archive file with the structure described in the README file")
- print("And attach it to the email. ")
- print("Please send this report to %s" % email)
-
- return
-
- if cmd == 'get':
- update_handler = Updater()
- try:
- update_handler.get_malware(self.currentmodule)
- except:
- print(red('[-] ') + 'Error getting malware.')
- return
- # If used the 'use' command
- if re.match('^use', cmd):
- try:
- cmd = re.split('\s+', cmd)
- try:
- self.currentmodule = int(cmd[1])
- except IndexError:
- print("You have chosen an index that is out of DB scale.")
- cmd = ''
- except TypeError:
- print('Please enter malware ID')
- except:
- print('The use method needs an argument [int].')
- return
-
- if cmd == 'list all':
- print("\nAvailable Payloads:")
- manySearch = manysearches.MuchSearch()
- manySearch.print_payloads(self.db.get_mal_list(), ["%", "Name", "Type"])
- return
-
- if cmd == 'info':
- if self.currentmodule is None:
- print(red("[!] ") + "First select a malware using the \'use\' command")
- return
- m = self.db.get_mal_info(self.currentmodule)
- manySearch = manysearches.MuchSearch()
- manySearch.print_payloads(m, ["%", "Name", "Ver.", "Author", "Lang", "Date", "Arch.", "Plat.", "Tags"])
- return
-
- if cmd == 'quit':
- print(":(")
- sys.exit(1)
-
- except KeyboardInterrupt:
- print("\n\nI'll just go now...")
- sys.exit()
+ def __init__(self):
+ self.modules = None
+ self.currentmodule = None
+ self.db = db_handler.DBHandler()
+ self.commands = [("search", "Search for malwares according to a filter,\n\t\t\te.g 'search cpp worm'."),
+ ("list all", "Lists all available modules"),
+ ("use", "Selects a malware by ID"),
+ ("info", "Retreives information about malware"),
+ ("get", "Downloads selected malware"),
+ ("report-mal", "Report a malware you found"),
+ ("update-db", "Updates the databse"),
+ ("help", "Displays this help..."),
+ ("exit", "Exits...")]
+
+ self.commandsWithoutDescription = {'search': '', 'list all': '', 'use': '', 'info': '',
+ 'get': '', 'report-mal': '', 'update-db': '', 'help': '', 'exit': ''}
+
+ self.searchmeth = [("arch", "which architecture etc; x86, x64, arm7 so on..."),
+ ("plat",
+ "platform: win32, win64, mac, android so on..."),
+ ("lang", "c, cpp, vbs, bin so on..."),
+ ("vip", "1 or 0")]
+
+ self.modules = self.GetPayloads()
+ completer = globals.Completer(self.commandsWithoutDescription)
+
+ readline.parse_and_bind("tab: complete")
+ readline.set_completer(completer.complete)
+
+ def GetPayloads(self):
+ return self.db.get_full_details()
+
+ def MainMenu(self):
+ # This will give you the nice prompt you like so much
+ while (True): # Dont hate, affiliate
+ try:
+ if self.currentmodule is not None:
+ just_print = self.db.query("SELECT NAME FROM Malwares WHERE ID=?", self.currentmodule)[0][0]
+ cmd = raw_input(
+ bold(green('mdb ')) + bold(blue(just_print)) + green('#> ')).strip()
+ else:
+ cmd = raw_input(
+ bold(green('mdb ')) + green('#> ')).strip()
+ except KeyboardInterrupt:
+ print(bold(blue("\n\n[*]")) + " Hope you enjoyed your visit at" + bold(red(" theZoo")) + "!")
+ exit()
+
+ self.actOnCommand(cmd)
+
+ def actOnCommand(self, cmd):
+ try:
+ while cmd == "":
+ return
+
+ if cmd == 'help':
+ print(" Available commands:\n")
+ for (cmd, desc) in self.commands:
+ print("\t%s\t%s" % ('{0: <12}'.format(cmd), desc))
+ print('')
+ return
+
+ # Checks if normal or freestyle search
+ if re.match('^search', cmd):
+ manySearch = manysearches.MuchSearch()
+ try:
+ args = cmd.rsplit(' ')[1:]
+ manySearch.sort(args)
+ except:
+ print(red('[!]') + 'Uh oh, Invalid query.')
+ return
+
+ if cmd == 'exit':
+ sys.exit(1)
+
+ if cmd == 'update-db':
+ update_handler = Updater()
+ db_ver = update_handler.get_maldb_ver()
+ update_handler.update_db(db_ver)
+ return
+
+ if cmd == 'report-mal':
+ rprt_name = raw_input("Name of malware: ")
+ rprt_type = raw_input("Type of malware: ")
+ rprt_version = raw_input("Version: ")
+ rprt_lang = raw_input("Language: ")
+ rprt_src = raw_input("Source / Binary (s/b): ")
+ rprt_arch = raw_input("Win32, ARM etc. ? ")
+ rprt_reporter = raw_input(
+ "Your name for a thank you note on theZoo.\n"
+ "Please notice that this will be public!\n\nName: ")
+ rprt_comments = raw_input("Comments? ")
+
+ report = ("//%s//\n" % rprt_name)
+ report += ("///type/%s///\n" % rprt_type)
+ report += ("///ver/%s///\n" % rprt_version)
+ report += ("///lang/%s///\n" % rprt_lang)
+ report += ("///src/%s///\n" % rprt_src)
+ report += ("///arch/%s///\n" % rprt_arch)
+ report += ("//reporter/%s//\n" % rprt_reporter)
+ report += ("//comments/%s//\n" % rprt_comments)
+
+ # Just to avoid bots spamming us...
+ email = "info"
+ email += "\x40"
+ email += "morirt\x2ecom"
+ print("-------------- Begin of theZoo Report --------------")
+ print(report)
+ print("-------------- Ending of theZoo Report --------------")
+ print("To avoid compromising your privacy we have chose this method of reporting.")
+ print("If you have not stated your name we will not write a thanks in our README.")
+ print("Your email will remain private in scenario and will not be published.")
+ print("")
+ print("Please create an archive file with the structure described in the README file")
+ print("And attach it to the email. ")
+ print("Please send this report to %s" % email)
+
+ return
+
+ if cmd == 'get':
+ update_handler = Updater()
+ try:
+ update_handler.get_malware(self.currentmodule)
+ except:
+ print(red('[-] ') + 'Error getting malware.')
+ return
+ # If used the 'use' command
+ if re.match('^use', cmd):
+ try:
+ cmd = re.split('\s+', cmd)
+ self.currentmodule = int(cmd[1])
+ cmd = ''
+ except TypeError:
+ print('Please enter malware ID')
+ except:
+ print('The use method needs an argument.')
+ return
+
+ if cmd == 'list all':
+ print("\nAvailable Payloads:")
+ manySearch = manysearches.MuchSearch()
+ manySearch.print_payloads(self.db.get_mal_list(), ["%", "Name", "Type"])
+ return
+
+ if cmd == 'info':
+ if self.currentmodule is None:
+ print(red("[!] ") + "First select a malware using the \'use\' command")
+ return
+ m = self.db.get_mal_info(self.currentmodule)
+ manySearch = manysearches.MuchSearch()
+ manySearch.print_payloads(m, ["%", "Name", "Ver.", "Author", "Lang", "Date", "Arch.", "Plat.", "Tags"])
+ return
+
+ if cmd == 'quit':
+ print(":(")
+ sys.exit(1)
+
+ except KeyboardInterrupt:
+ print("\n\nI'll just go now...")
+ sys.exit()
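Review bot: The `use` branch now stores whatever integer the user typed in `self.currentmodule` without checking that the ID exists, and this hunk also drops the try/except that `MainMenu` had around `self.db.query(...)[0][0]`. An unknown ID therefore presumably raises IndexError while the next prompt is being built, where only KeyboardInterrupt is caught, so the shell ends with a traceback instead of a message. The same unvalidated value is handed to `get_malware` by the `get` branch. Validating the ID once inside `use`, as sketched below, protects both paths; the sketch assumes `self.db.query` returns an empty sequence when no row matches, which is not visible on this page.

```python
            # If used the 'use' command
            if re.match('^use', cmd):
                try:
                    wanted = int(re.split(r'\s+', cmd)[1])
                except (IndexError, ValueError):
                    print('The use method needs an argument [int].')
                    return
                # Reject IDs that are not in the DB before they become the current module.
                if not self.db.query("SELECT NAME FROM Malwares WHERE ID=?", wanted):
                    print("You have chosen an index that is out of DB scale.")
                    return
                self.currentmodule = wanted
                return
            # … unchanged: 'list all', 'info' and 'quit' branches …
```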
diff --git a/imports/update_handler.py b/imports/update_handler.py
index ea2ed39f..188c9771 100644
--- a/imports/update_handler.py
+++ b/imports/update_handler.py
@@ -1,33 +1,32 @@
#!/usr/bin/env python
- # Malware DB - the most awesome free malware database on the air
- # Copyright (C) 2014, Yuval Nativ, Lahad Ludar, 5Fingers
+ # Malware DB - the most awesome free malware database on the air
+ # Copyright (C) 2014, Yuval Nativ, Lahad Ludar, 5Fingers
- # This program is free software: you can redistribute it and/or modify
- # it under the terms of the GNU General Public License as published by
- # the Free Software Foundation, either version 3 of the License, or
- #(at your option) any later version.
+ # This program is free software: you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation, either version 3 of the License, or
+ #(at your option) any later version.
- # This program is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
+ # This program is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # GNU General Public License for more details.
- # You should have received a copy of the GNU General Public License
- # along with this program. If not, see .
+ # You should have received a copy of the GNU General Public License
+ # along with this program. If not, see .
import sys
-
from os import remove, rename
# Compatilibility to Python3
if sys.version_info.major == 3:
- from urllib.request import urlopen
+ from urllib.request import urlopen
elif sys.version_info.major == 2:
- from urllib2 import urlopen
- import urllib2
+ from urllib2 import urlopen
+ import urllib2
else:
- sys.stderr.write("What kind of sorcery is this?!\n")
+ sys.stderr.write("What kind of sorcery is this?!\n")
from imports import globals
from imports import db_handler
@@ -35,104 +34,94 @@
class Updater:
- def __init__(self):
- self.db = db_handler.DBHandler()
-
- def get_maldb_ver(self):
- '''
- Get current malwareDB version and see if we need an update
- '''
- try:
- with file(globals.vars.maldb_ver_file) as f:
- return f.read()
- except IOError:
- print(
- "No malware DB version file found.\nPlease try to git clone the repository again.\n")
- return 0
-
- def update_db(self, curr_db_version):
- '''
- Just update the database from GitHub
- :return:
- '''
- if globals.vars.DEBUG_LEVEL is 1:
- print(locals())
- response = urlopen(
- globals.vars.giturl_dl + globals.vars.maldb_ver_file)
- new_maldb_ver = response.read()
- if new_maldb_ver == curr_db_version:
- print(green('[+]') + " theZoo is up to date.\n" + green('[+]') + " You are at " + new_maldb_ver + " which is the latest version.")
- return
-
- print(red('[+]') + " A newer version is available: " + new_maldb_ver + "!")
- print(red('[+]') + " Updating...")
-
- # Get the new DB and update it
-
- self.download_from_repo(globals.vars.db_path)
- self.db.close_connection()
- remove(globals.vars.db_path)
- rename("maldb.db", globals.vars.db_path)
- self.db.renew_connection()
-
- # Write the new DB version into the file
-
- f = open(globals.vars.maldb_ver_file, 'w')
- f.write(new_maldb_ver)
- f.close()
- return
-
- def get_malware(self, id):
-
- # get mal location
-
- loc = self.db.query("SELECT LOCATION FROM MALWARES WHERE ID=?", id)[0][0]
-
- # get from git
- if self.download_from_repo(loc, '.zip') is False:
- return False
- if self.download_from_repo(loc, '.pass') is False:
- return False
- if self.download_from_repo(loc, '.md5') is False:
- return False
- if self.download_from_repo(loc, '.sha256') is False:
- return False
- print(bold(green("[+]")) + " Successfully downloaded a new friend.\n")
-
- def download_from_repo(self, filepath, suffix=''):
- if globals.vars.DEBUG_LEVEL is 1:
- print(locals())
- file_name = filepath.rsplit('/')[-1] + suffix
-
- # Dirty way to check if we're downloading a malware
-
- if suffix is not '':
- url = globals.vars.giturl_dl + filepath + '/' + file_name
- else:
- url = globals.vars.giturl_dl + filepath
- try:
- u = urlopen(url)
- except:
- print(bold(red("[!]")) + " Probably path name in git vs. sqlite does not match.")
- print(bold(red("[!]")) + " Please try and go to %s or report the malware ID so we can fix it." % url)
- return False
-
- f = open(file_name, 'wb')
- meta = u.info()
- file_size = int(meta.getheaders("Content-Length")[0])
- print("Downloading: %s Bytes: %s" % (file_name, file_size))
- file_size_dl = 0
- block_sz = 8192
- while True:
- buffer = u.read(block_sz)
- if not buffer:
- break
- file_size_dl += len(buffer)
- f.write(buffer)
- status = r"%10d [%3.2f%%]" % (
- file_size_dl, file_size_dl * 100. / file_size)
- status = status + chr(8) * (len(status) + 1)
- sys.stdout.write('\r' + status)
- f.close()
- print("\n")
- return True
+ def __init__(self):
+ self.db = db_handler.DBHandler()
+
+ def get_maldb_ver(self):
+ '''
+ Get current malwareDB version and see if we need an update
+ '''
+ try:
+ with file(globals.vars.maldb_ver_file) as f:
+ return f.read()
+ except IOError:
+ print(
+ "No malware DB version file found.\nPlease try to git clone the repository again.\n")
+ return 0
+
+ def update_db(self, curr_db_version):
+ '''
+ Just update the database from GitHub
+ :return:
+ '''
+ if globals.vars.DEBUG_LEVEL is 1:
+ print(locals())
+ response = urlopen(
+ globals.vars.giturl_dl + globals.vars.maldb_ver_file)
+ new_maldb_ver = response.read()
+ if new_maldb_ver == curr_db_version:
+ print(green('[+]') + " theZoo is up to date.\n" + green('[+]') + " You are at " + new_maldb_ver + " which is the latest version.")
+ return
+
+ print(red('[+]') + " A newer version is available: " + new_maldb_ver + "!")
+ print(red('[+]') + " Updating...")
+
+ # Get the new DB and update it
+
+ self.download_from_repo(globals.vars.db_path)
+ self.db.close_connection()
+ remove(globals.vars.db_path)
+ rename("maldb.db", globals.vars.db_path)
+ self.db.renew_connection()
+
+ # Write the new DB version into the file
+
+ f = open(globals.vars.maldb_ver_file, 'w')
+ f.write(new_maldb_ver)
+ f.close()
+ return
+
+ def get_malware(self, id):
+
+ # get mal location
+
+ loc = self.db.query("SELECT LOCATION FROM MALWARES WHERE ID=?", id)[0][0]
+
+ # get from git
+
+ self.download_from_repo(loc, '.zip')
+ self.download_from_repo(loc, '.pass')
+ self.download_from_repo(loc, '.md5')
+ self.download_from_repo(loc, '.sha256')
+ print(bold(green("[+]")) + " Successfully downloaded a new friend.\n")
+
+ def download_from_repo(self, filepath, suffix=''):
+ if globals.vars.DEBUG_LEVEL is 1:
+ print(locals())
+ file_name = filepath.rsplit('/')[-1] + suffix
+
+ # Dirty way to check if we're downloading a malware
+
+ if suffix is not '':
+ url = globals.vars.giturl_dl + filepath + '/' + file_name
+ else:
+ url = globals.vars.giturl_dl + filepath
+ u = urlopen(url)
+ f = open(file_name, 'wb')
+ meta = u.info()
+ file_size = int(meta.getheaders("Content-Length")[0])
+ print("Downloading: %s Bytes: %s" % (file_name, file_size))
+ file_size_dl = 0
+ block_sz = 8192
+ while True:
+ buffer = u.read(block_sz)
+ if not buffer:
+ break
+ file_size_dl += len(buffer)
+ f.write(buffer)
+ status = r"%10d [%3.2f%%]" % (
+ file_size_dl, file_size_dl * 100. / file_size)
+ status = status + chr(8) * (len(status) + 1)
+ sys.stdout.write('\r' + status)
+ f.close()
+ print("\n")
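Review bot: `get_malware` fetches the `.md5` and `.sha256` sidecars but never compares them with the `.zip` it has just written, and with the `is False` checks removed in this hunk it prints "Successfully downloaded" after any run that does not raise. A truncated or substituted archive is then indistinguishable from a good one. Comparing the SHA-256 of the downloaded file with the sidecar before the success message would catch corruption in transit, though not a tampered origin, since both files come from the same place; `hashlib` would need importing at the top of the file. The substring comparison in the sketch is deliberate, because the sidecar files visible on this page use more than one layout.

```python
    def get_malware(self, id):
        # … unchanged: LOCATION lookup and the four download_from_repo calls …
        name = loc.rsplit('/')[-1]
        digest = hashlib.sha256()
        with open(name + '.zip', 'rb') as archive:
            for block in iter(lambda: archive.read(8192), b''):
                digest.update(block)
        with open(name + '.sha256') as sidecar:
            expected = sidecar.read().lower()
        # Refuse to report success when the archive does not match its published digest.
        if digest.hexdigest() not in expected:
            print(bold(red("[!]")) + " SHA256 mismatch for %s.zip, do not use this archive." % name)
            return False
        print(bold(green("[+]")) + " Successfully downloaded a new friend.\n")
```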
diff --git a/malwares/Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013.pass b/malwares/Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013.pass
index 81c545ef..ba701bf5 100644
--- a/malwares/Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013.pass
+++ b/malwares/Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013.pass
@@ -1 +1 @@
-1234
+infected
diff --git a/malwares/Binaries/Android.Skygofree/SkyGoFree.md5 b/malwares/Binaries/Android.Skygofree/SkyGoFree.md5
deleted file mode 100644
index cd8544f1..00000000
--- a/malwares/Binaries/Android.Skygofree/SkyGoFree.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (SkyGoFree.zip) = 8de4b0e8bab8fc35375e20650eae4230
diff --git a/malwares/Binaries/Android.Skygofree/SkyGoFree.pass b/malwares/Binaries/Android.Skygofree/SkyGoFree.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Android.Skygofree/SkyGoFree.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Android.Skygofree/SkyGoFree.sha1 b/malwares/Binaries/Android.Skygofree/SkyGoFree.sha1
deleted file mode 100644
index 024ae196..00000000
--- a/malwares/Binaries/Android.Skygofree/SkyGoFree.sha1
+++ /dev/null
@@ -1 +0,0 @@
-a33d3531d91beccbd380673f14e8380e251469b7 SkyGoFree.zip
diff --git a/malwares/Binaries/Android.Skygofree/SkyGoFree.zip b/malwares/Binaries/Android.Skygofree/SkyGoFree.zip
deleted file mode 100644
index 407238e6..00000000
Binary files a/malwares/Binaries/Android.Skygofree/SkyGoFree.zip and /dev/null differ
diff --git a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.md5 b/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.md5
deleted file mode 100644
index 8ac36f6b..00000000
--- a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.md5
+++ /dev/null
@@ -1 +0,0 @@
-390e66ffaccaa557a8d5c43c8f3a20a9
diff --git a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.pass b/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.sha256 b/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.sha256
deleted file mode 100644
index 1e676c4f..00000000
--- a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.sha256
+++ /dev/null
@@ -1 +0,0 @@
-254c1f16c8aa4c4c033e925b629d9a74ccb76ebf76204df7807b84a593f38dc0
diff --git a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.zip b/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.zip
deleted file mode 100644
index 737269ca..00000000
Binary files a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.zip and /dev/null differ
diff --git a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.md5 b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.md5
index 54cdcc20..de92998b 100644
--- a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.md5
+++ b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.md5
@@ -1 +1 @@
-49fb03c99aef6941045d16d82b315db0 EquationGroup.EquationLaser.zip
+362c95d2710dbbd3aebcfb7748cce561 EquationGroup.EquationLaser.zip
diff --git a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.sha256 b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.sha256
index 3c0a22ad..a9054a0f 100644
--- a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.sha256
+++ b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.sha256
@@ -1 +1 @@
-7fb978032849125ecade00e3bd5baa65b2d75c91fa0eb3d7eca559cda4adfaab EquationGroup.EquationLaser.zip
+7a23cccc550ef10ecd6f573380334ef95b3b72da7e30f247fcadb2a231e7ed1a EquationGroup.EquationLaser.zip
diff --git a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.zip b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.zip
index 3c35d96a..58d6731d 100644
Binary files a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.zip and b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.zip differ
diff --git a/malwares/Binaries/EquationGroup/EquationGroup.zip b/malwares/Binaries/EquationGroup/EquationGroup.zip
index ec449a9b..a38ac442 100644
Binary files a/malwares/Binaries/EquationGroup/EquationGroup.zip and b/malwares/Binaries/EquationGroup/EquationGroup.zip differ
diff --git a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.md5 b/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.md5
deleted file mode 100644
index feff3210..00000000
--- a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (FancyBear.GermanParliament) = 77e7fb6b56c3ece4ef4e93b6dc608be0
diff --git a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.pass b/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.sha256 b/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.sha256
deleted file mode 100644
index a638e146..00000000
--- a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.sha256
+++ /dev/null
@@ -1 +0,0 @@
-f46f84e53263a33e266aae520cb2c1bd0a73354e FancyBear.GermanParliament
diff --git a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.zip b/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.zip
deleted file mode 100644
index 43c89aaf..00000000
Binary files a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.zip and /dev/null differ
diff --git a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.md5 b/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.md5
deleted file mode 100644
index 859c4f98..00000000
--- a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.md5
+++ /dev/null
@@ -1 +0,0 @@
-b643673e1f2b0496785873657e56b03f Linux.Encoder.1.zip
diff --git a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.pass b/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.sha256 b/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.sha256
deleted file mode 100644
index f2c6068e..00000000
--- a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.sha256
+++ /dev/null
@@ -1 +0,0 @@
-3a94a6420474ab40a0dbc3bbe2f367c497e26df8dc161bb2f6e175bce217d738 Linux.Encoder.1.zip
diff --git a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.zip b/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.zip
deleted file mode 100644
index 7df1b02e..00000000
Binary files a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.zip and /dev/null differ
diff --git a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.md5 b/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.md5
deleted file mode 100644
index e59fce3b..00000000
--- a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.md5
+++ /dev/null
@@ -1 +0,0 @@
-566119e4e5f4bda545b3b8af33c23698
diff --git a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.pass b/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.sha256 b/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.sha256
deleted file mode 100644
index cc9820f9..00000000
--- a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.sha256
+++ /dev/null
@@ -1 +0,0 @@
-523d40c69b0972ddeff0682fcb569e8a346cf10b2894479ab227bbb24e19846e
diff --git a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.zip b/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.zip
deleted file mode 100644
index 912e56e2..00000000
Binary files a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.md5 b/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.md5
deleted file mode 100644
index 5e8784bd..00000000
--- a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.md5
+++ /dev/null
@@ -1 +0,0 @@
-126e7840a978ae90dfa731a66afbe9be
diff --git a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.pass b/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.sha256 b/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.sha256
deleted file mode 100644
index ce3d1a79..00000000
--- a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.sha256
+++ /dev/null
@@ -1 +0,0 @@
-9812152828862aa4b906049e83017fa02dea27e76b2543a7121ac259cafea722
diff --git a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.zip b/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.zip
deleted file mode 100644
index 90b86b31..00000000
Binary files a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.md5 b/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.md5
deleted file mode 100644
index 2dad6bd8..00000000
--- a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (OSX.HellRaiser.zip) = 1a4685398fa5bc12ef2b466fcf0915dd
diff --git a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.pass b/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.sha1 b/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.sha1
deleted file mode 100644
index d7b1a9cf..00000000
--- a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.sha1
+++ /dev/null
@@ -1 +0,0 @@
-50e99528b12feaaff8861842a96a850efc046cdd OSX.HellRaiser.zip
diff --git a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.zip b/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.zip
deleted file mode 100644
index 3ec08bdd..00000000
Binary files a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.md5 b/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.md5
deleted file mode 100644
index 7356c8fd..00000000
--- a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (OSX.JacksBot.zip) = ac61a733428ce8ab28e71ba6958b3548
diff --git a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.pass b/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.sha b/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.sha
deleted file mode 100644
index b55ddb7f..00000000
--- a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.sha
+++ /dev/null
@@ -1 +0,0 @@
-8cb274ab2388ec04ac4894bd9127e33651fe8c22 OSX.JacksBot.zip
diff --git a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.zip b/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.zip
deleted file mode 100644
index 37c87879..00000000
Binary files a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.md5 b/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.md5
deleted file mode 100644
index 582ad2c4..00000000
--- a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (OSX.MacSecurity.zip) = 288ab0eb964e2a4137fe2dd1a90a731e
diff --git a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.pass b/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.sha b/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.sha
deleted file mode 100644
index ac891cd4..00000000
--- a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.sha
+++ /dev/null
@@ -1 +0,0 @@
-aa10b834528f9bbcfe7cfd5772338258cefe277f OSX.MacSecurity.zip
diff --git a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.zip b/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.zip
deleted file mode 100644
index f8bff7fd..00000000
Binary files a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.md5 b/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.md5
deleted file mode 100644
index 5db1910d..00000000
--- a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (OSX.OceanLotus.A.B.zip) = d81c8b4cbc328e59ab6db6bd0f17a505
diff --git a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.pass b/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.sha b/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.sha
deleted file mode 100644
index 3c4bdcbd..00000000
--- a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.sha
+++ /dev/null
@@ -1 +0,0 @@
-240d5953cda3ec0886cc2cece02788a61a89ca47 OSX.OceanLotus.A.B.zip
diff --git a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.zip b/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.zip
deleted file mode 100644
index 314fc1c2..00000000
Binary files a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.XAgent/OSX.XAgent.md5 b/malwares/Binaries/OSX.XAgent/OSX.XAgent.md5
deleted file mode 100644
index 42fb52fb..00000000
--- a/malwares/Binaries/OSX.XAgent/OSX.XAgent.md5
+++ /dev/null
@@ -1 +0,0 @@
-362030ad87f0c0aaba1788925d3b5892 OSX.XAgent.zip
diff --git a/malwares/Binaries/OSX.XAgent/OSX.XAgent.pass b/malwares/Binaries/OSX.XAgent/OSX.XAgent.pass
deleted file mode 100644
index cba4e8bb..00000000
--- a/malwares/Binaries/OSX.XAgent/OSX.XAgent.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.XAgent/OSX.XAgent.sha256 b/malwares/Binaries/OSX.XAgent/OSX.XAgent.sha256
deleted file mode 100644
index 8f49de8d..00000000
--- a/malwares/Binaries/OSX.XAgent/OSX.XAgent.sha256
+++ /dev/null
@@ -1 +0,0 @@
-cbd27c64e557c15f7dd12528a96595717008569594b5c1b9760c6c6d6c08263b OSX.XAgent.zip
diff --git a/malwares/Binaries/OSX.XAgent/OSX.XAgent.zip b/malwares/Binaries/OSX.XAgent/OSX.XAgent.zip
deleted file mode 100644
index 5b4f8bc9..00000000
Binary files a/malwares/Binaries/OSX.XAgent/OSX.XAgent.zip and /dev/null differ
diff --git a/malwares/Binaries/Proteus/Proteus.md5 b/malwares/Binaries/Proteus/Proteus.md5
deleted file mode 100644
index 2bff40e3..00000000
--- a/malwares/Binaries/Proteus/Proteus.md5
+++ /dev/null
@@ -1 +0,0 @@
-49fd4020bf4d7bd23956ea892e6860e9
diff --git a/malwares/Binaries/Proteus/Proteus.pass b/malwares/Binaries/Proteus/Proteus.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Proteus/Proteus.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Proteus/Proteus.sha256 b/malwares/Binaries/Proteus/Proteus.sha256
deleted file mode 100644
index 9609cd17..00000000
--- a/malwares/Binaries/Proteus/Proteus.sha256
+++ /dev/null
@@ -1 +0,0 @@
-d23b4a30f6b1f083ce86ef9d8ff434056865f6973f12cb075647d013906f51a2
diff --git a/malwares/Binaries/Proteus/Proteus.zip b/malwares/Binaries/Proteus/Proteus.zip
deleted file mode 100644
index 8465b225..00000000
Binary files a/malwares/Binaries/Proteus/Proteus.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.md5 b/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.md5
deleted file mode 100644
index 3df83206..00000000
--- a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.md5
+++ /dev/null
@@ -1 +0,0 @@
-8b6bc16fd137c09a08b02bbe1bb7d670
diff --git a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.pass b/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.sha256 b/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.sha256
deleted file mode 100644
index 3210ff5e..00000000
--- a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.sha256
+++ /dev/null
@@ -1 +0,0 @@
-e67834d1e8b38ec5864cfa101b140aeaba8f1900a6e269e6a94c90fcbfe56678
diff --git a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.zip b/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.zip
deleted file mode 100644
index c82f9441..00000000
Binary files a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.md5 b/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.md5
deleted file mode 100644
index b7a906d4..00000000
--- a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.md5
+++ /dev/null
@@ -1 +0,0 @@
-6884a35803f2e795fa4b121f636332b4 Ransomware.Petrwrap.zip
diff --git a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.pass b/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.pass
deleted file mode 100644
index 58737a9c..00000000
--- a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
\ No newline at end of file
diff --git a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.sha256 b/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.sha256
deleted file mode 100644
index c102fedf..00000000
--- a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.sha256
+++ /dev/null
@@ -1 +0,0 @@
-cf01329c0463865422caa595de325e5fe3f7fba44aabebaae11a6adfeb78b91c Ransomware.Petrwrap.zip
diff --git a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.zip b/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.zip
deleted file mode 100644
index 4e7648e5..00000000
Binary files a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.md5 b/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.md5
deleted file mode 100644
index 0b6b72b8..00000000
--- a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Ransomware.Unnamed_0.zip) = abc651b27b067fb13cb11e00d33e5226
diff --git a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.pass b/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.shasum b/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.shasum
deleted file mode 100644
index 252db17d..00000000
--- a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.shasum
+++ /dev/null
@@ -1 +0,0 @@
-1869459025fcf845b90912236af43a5d8d0f14dd Ransomware.Unnamed_0.zip
diff --git a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.zip b/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.zip
deleted file mode 100644
index c7eb177b..00000000
Binary files a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.md5 b/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.md5
deleted file mode 100644
index 4196ad38..00000000
--- a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.md5
+++ /dev/null
@@ -1 +0,0 @@
-84c82835a5d21bbcf75a61706d8ab549
diff --git a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.pass b/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.sha256 b/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.sha256
deleted file mode 100644
index b45195a1..00000000
--- a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.sha256
+++ /dev/null
@@ -1 +0,0 @@
-ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa
diff --git a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip b/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip
deleted file mode 100644
index 4a7b532e..00000000
Binary files a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.md5 b/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.md5
deleted file mode 100644
index 8ffe34e1..00000000
--- a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Wannacry.exe) = 30fe2f9a048d7a734c8d9233f64810ba
diff --git a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.pass b/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.sha b/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.sha
deleted file mode 100644
index 9add984e..00000000
--- a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.sha
+++ /dev/null
@@ -1 +0,0 @@
-2027a053de21bd5c783c3f823ed1d36966780ed4 Win32.Wannacry.exe
diff --git a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.zip b/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.zip
deleted file mode 100644
index b1693e62..00000000
Binary files a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.zip and /dev/null differ
diff --git a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.md5 b/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.md5
deleted file mode 100644
index 1d4e372f..00000000
--- a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.md5
+++ /dev/null
@@ -1 +0,0 @@
-15af6227d39ca3f9d1dcd8566efb0057
diff --git a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.pass b/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.sha256 b/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.sha256
deleted file mode 100644
index 0f97cc9d..00000000
--- a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.sha256
+++ /dev/null
@@ -1 +0,0 @@
-40050153dceec2c8fbb1912f8eeabe449d1e265f0c8198008be8b34e5403e731
diff --git a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.zip b/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.zip
deleted file mode 100644
index e23c2de7..00000000
Binary files a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.md5 b/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.md5
deleted file mode 100644
index 640dc941..00000000
--- a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (m) = f8c8f6456c5a52ef24aa426e6b121685
diff --git a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.pass b/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.sha256 b/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.sha256
deleted file mode 100644
index aa5ec75e..00000000
--- a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.sha256
+++ /dev/null
@@ -1 +0,0 @@
-83e54cb97644de7084126e702937f8c3a2486a2f m
diff --git a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.zip b/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.zip
deleted file mode 100644
index 4191afcb..00000000
Binary files a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.md5 b/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.md5
deleted file mode 100644
index 0d5f94c7..00000000
--- a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.md5
+++ /dev/null
@@ -1 +0,0 @@
-5458a2e4d784abb1a1127263bd5006b5
diff --git a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.pass b/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.sha267 b/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.sha267
deleted file mode 100644
index 0eb4aaaa..00000000
--- a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.sha267
+++ /dev/null
@@ -1 +0,0 @@
-c161134bf3330c82eb0278fe54b2975c26301bdfdc4fc35d5344f9becf5574c7
diff --git a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.zip b/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.zip
deleted file mode 100644
index 0b424679..00000000
Binary files a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.md5 b/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.md5
deleted file mode 100644
index 670e6e46..00000000
--- a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.AgentTesla.exe) = 2b294b3499d1cce794badffc959b7618
diff --git a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.pass b/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.sha1 b/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.sha1
deleted file mode 100644
index 67bfba78..00000000
--- a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.sha1
+++ /dev/null
@@ -1 +0,0 @@
-9aa826795798948e8058e3ff1342d81d5d8ee4fa Win32.AgentTesla.exe
diff --git a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.zip b/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.zip
deleted file mode 100644
index 062c10df..00000000
Binary files a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.md5 b/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.md5
deleted file mode 100644
index 5e0fcc8b..00000000
--- a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.EternalRocks.zip) = 4f18cdbcc1d0e71c3a984a6db0beadde
diff --git a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.pass b/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.shasum b/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.shasum
deleted file mode 100644
index 8c47d89f..00000000
--- a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.shasum
+++ /dev/null
@@ -1 +0,0 @@
-63e46767d0b55f389f1efba522bbdbbef163ece1 Win32.EternalRocks.zip
diff --git a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.zip b/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.zip
deleted file mode 100644
index f6b049f2..00000000
Binary files a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.md5 b/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.md5
deleted file mode 100644
index 99963ede..00000000
--- a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.GravityRAT.zip) = 3ac1ede478f83cd857b5e4fcd06ef1cc
diff --git a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.pass b/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.shasum b/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.shasum
deleted file mode 100644
index 01db9317..00000000
--- a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.shasum
+++ /dev/null
@@ -1 +0,0 @@
-39f3381d551bb4e566519894e898defef77faf7c Win32.GravityRAT.zip
diff --git a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.zip b/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.zip
deleted file mode 100644
index 8a56e119..00000000
Binary files a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.md5 b/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.md5
deleted file mode 100644
index 3561ae3b..00000000
--- a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (b81b10bdf4f29347979ea8a1715cbfc560e3452ba9fffcc33cd19a3dc47083a4) = ad44a7c5e18e9958dda66ccfc406cd44
diff --git a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.pass b/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.sha256 b/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.sha256
deleted file mode 100644
index e6226942..00000000
--- a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.sha256
+++ /dev/null
@@ -1 +0,0 @@
-e2101519714f8a4056a9de18443bc6e8a1f1b977 b81b10bdf4f29347979ea8a1715cbfc560e3452ba9fffcc33cd19a3dc47083a4
diff --git a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.zip b/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.zip
deleted file mode 100644
index dd8f6bda..00000000
Binary files a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.md5 b/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.md5
deleted file mode 100644
index 6d3e83e1..00000000
--- a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Sofacy.A) = ed7f6260dec470e81dafb0e63bafb5ae
diff --git a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.pass b/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.sha256 b/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.sha256
deleted file mode 100644
index 83ff0d90..00000000
--- a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.sha256
+++ /dev/null
@@ -1 +0,0 @@
-72cfd996957bde06a02b0adb2d66d8aa9c25bf37 Win32.Sofacy.A
diff --git a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.zip b/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.zip
deleted file mode 100644
index 0016974c..00000000
Binary files a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.md5 b/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.md5
deleted file mode 100644
index 10ce2d80..00000000
--- a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.SofacyCarberp.zip) = 003b2c09b78db2b8ddbf043051dd7d00
diff --git a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.pass b/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.sha b/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.sha
deleted file mode 100644
index ba8d9fd8..00000000
--- a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.sha
+++ /dev/null
@@ -1 +0,0 @@
-998e2429365040f9e8f8eecdf8576425dd8ab233 Win32.SofacyCarberp.zip
diff --git a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.zip b/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.zip
deleted file mode 100644
index 1b7f37f7..00000000
Binary files a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.md5 b/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.md5
deleted file mode 100644
index 284b99ed..00000000
--- a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Unclassified.zip) = aed0d25af8dbf513a0cdba6c1a144ec0
diff --git a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.pass b/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.shasum b/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.shasum
deleted file mode 100644
index d3edd1e6..00000000
--- a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.shasum
+++ /dev/null
@@ -1 +0,0 @@
-82f8d9bbce6d6bc55738686a9f095c8419ab54d6 Win32.Unclassified.zip
diff --git a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.zip b/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.zip
deleted file mode 100644
index 06c01ac3..00000000
Binary files a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.md5 b/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.md5
deleted file mode 100644
index d1c61815..00000000
--- a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Unknown_SpectreMeltdown) = b6b9c196d7a9b0058330b998f461ee52
diff --git a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.pass b/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.shasum b/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.shasum
deleted file mode 100644
index 39740773..00000000
--- a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.shasum
+++ /dev/null
@@ -1 +0,0 @@
-b7154a6288fec8697915b495d33c940272c05eaf Win32.Unknown_SpectreMeltdown
diff --git a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.zip b/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.zip
deleted file mode 100644
index f2d35699..00000000
Binary files a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.md5 b/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.md5
deleted file mode 100644
index bed3a043..00000000
--- a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Unnamed_SpecMelt) = 8f188da25ac5dcdaf4bba56d84d83c56
diff --git a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.pass b/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.shasum b/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.shasum
deleted file mode 100644
index 3a4867c3..00000000
--- a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.shasum
+++ /dev/null
@@ -1 +0,0 @@
-a6ccf55c80df1151667edda4a3969929937ee6ec Win32.Unnamed_SpecMelt
diff --git a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.zip b/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.zip
deleted file mode 100644
index 577a1ecd..00000000
Binary files a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.md5 b/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.md5
deleted file mode 100644
index 9f0e8264..00000000
--- a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.VBS.APT34Dropper) = b2d13a336a3eb7bd27612be7d4e334df
diff --git a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.pass b/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.shasum b/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.shasum
deleted file mode 100644
index 0b4caee0..00000000
--- a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.shasum
+++ /dev/null
@@ -1 +0,0 @@
-b20f3ded053b0acca2feeebf8215295740235b8f Win32.VBS.APT34Dropper
diff --git a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.zip b/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.zip
deleted file mode 100644
index 237f802f..00000000
Binary files a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.md5 b/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.md5
deleted file mode 100644
index 1d3d6ba2..00000000
--- a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.WannaPeace.exe) = eefa6f98681d78b63f15d7e58934c6cc
diff --git a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.pass b/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.sha b/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.sha
deleted file mode 100644
index 858eaed2..00000000
--- a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.sha
+++ /dev/null
@@ -1 +0,0 @@
-586b5a65430263f62d656c96624967122568e274 Win32.WannaPeace.exe
diff --git a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.zip b/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.zip
deleted file mode 100644
index 0aee4b36..00000000
Binary files a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.zip and /dev/null differ
diff --git a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.md5 b/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.md5
deleted file mode 100644
index 4f945bb7..00000000
--- a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win64.Trojan.GreenBug) = 786e61331a1e84b7fe26c254de0280ad
diff --git a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.pass b/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.shasum b/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.shasum
deleted file mode 100644
index ea3a051f..00000000
--- a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.shasum
+++ /dev/null
@@ -1 +0,0 @@
-0d30f71967200c7508c4b9789951bd6be8305661 Win64.Trojan.GreenBug
diff --git a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.zip b/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.zip
deleted file mode 100644
index eb3ed727..00000000
Binary files a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.zip and /dev/null differ
diff --git a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.md5 b/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.md5
deleted file mode 100644
index dc981d1f..00000000
--- a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.md5
+++ /dev/null
@@ -1 +0,0 @@
-bc2f12cdc3f5e6dcd523699012e8c22e ExploitKit.DemonHunter.zip
diff --git a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.pass b/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.sha256 b/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.sha256
deleted file mode 100644
index 78bfa6cf..00000000
--- a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.sha256
+++ /dev/null
@@ -1 +0,0 @@
-b69139beb2a5f02e69f8f913ed7211e0d2c345a0cef556108caa69fb503c7148 ExploitKit.DemonHunter.zip
diff --git a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.zip b/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.zip
deleted file mode 100644
index a127e244..00000000
Binary files a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.zip and /dev/null differ
diff --git a/malwares/Source/Original/Rubilyn/Rubilyn.pass b/malwares/Source/Original/Rubilyn/Rubilyn.pass
index ba701bf5..cba4e8bb 100644
--- a/malwares/Source/Original/Rubilyn/Rubilyn.pass
+++ b/malwares/Source/Original/Rubilyn/Rubilyn.pass
@@ -1 +1 @@
-infected
+infected
diff --git a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.md5 b/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.md5
deleted file mode 100644
index 2a60398f..00000000
--- a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.QuasarRAT.zip) = 474f0dd9251ba99461f1a2a23b8f75f5
diff --git a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.pass b/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.pass
deleted file mode 100644
index ba701bf5..00000000
--- a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.shasum b/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.shasum
deleted file mode 100644
index d21d93d2..00000000
--- a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.shasum
+++ /dev/null
@@ -1 +0,0 @@
-89c29039f931e864799fbb70f389e42cf5ac5f77 Win32.QuasarRAT.zip
diff --git a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.zip b/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.zip
deleted file mode 100644
index 70aac22d..00000000
Binary files a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.zip and /dev/null differ
diff --git a/prep_file.py b/prep_file.py
deleted file mode 100644
index be1875f0..00000000
--- a/prep_file.py
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/bin/python
-
-import os
-import sys
-import zipfile
-import hashlib
-import subprocess
-
-
-OUTPUT_FOLDER = "OUTPUT"
-
-
-def _help():
- print("Please run with '%s filename'." % sys.argv[0])
- return
-
-def _Do(file_path):
- if not os.path.isfile(file_path):
- _help()
- print("Seems like '%s' is not a file." % file_path)
- sys.exit(1)
-
- try:
- os.mkdir(OUTPUT_FOLDER)
- except OSError:
- print("Folder exists. Please remove it before continuing.")
- sys.exit(1)
-
- if "\\" in file_path:
- filename = file_path.split("\\")[:-1]
- elif "/" in file_path:
- filename = file_path.split("/")[:-1]
- else:
- filename = file_path
-
- # Create ZIP Archive:
- try:
- rc = subprocess.call(['7z', 'a', '-pinfected', '-y', '%s/%s.zip' % (OUTPUT_FOLDER, filename)] + [file_path])
- except:
- print("Seems like you don't have 7z in your path. Please install or add with:\n\tbrew install 7zip #(OSX)\n\tsudo apt-get install p7zip-full #(Linux)")
- sys.exit(1)
-
- compressed_path = '%s/%s.zip' % (OUTPUT_FOLDER, filename)
- print("Created ZIP Archive.")
- md5sum = hashlib.md5(open(compressed_path, 'rb').read()).hexdigest()
- sha1sum = hashlib.sha1(open(compressed_path, 'rb').read()).hexdigest()
- open("%s/%s.md5" % (OUTPUT_FOLDER, filename), 'w').write(md5sum)
- open("%s/%s.sha" % (OUTPUT_FOLDER, filename), 'w').write(sha1sum)
- open("%s/%s.pass" % (OUTPUT_FOLDER, filename), 'w').write("infected")
- return True
-
-
-if __name__ == "__main__":
- if len(sys.argv) != 2:
- _help()
- sys.exit(1)
- _Do(sys.argv[1])
- print("Please don't forget to add details to 'conf/maldb.db'.")
- print("Thanks for helping us get this accessible to everyone.")
- print("")
diff --git a/theZoo.py b/theZoo.py
index 144a6be9..b5280cb1 100644
--- a/theZoo.py
+++ b/theZoo.py
@@ -77,8 +77,7 @@ def getArgvs():
# Check if update flag is on
if arguments.update_bol == 1:
a = Updater()
- with open('conf/db.ver', 'r') as f:
- a.update_db(f.readline())
+ a.update_db()
sys.exit(1)
# Check if version flag is on
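Review bot: The update branch still ends in `sys.exit(1)` right after the new `a.update_db()` call, so a successful update reports a failure status to whatever invoked it; for a tool that refreshes a malware database, wrappers and scheduled jobs need to tell a completed update from a failed one. Consider `sys.exit(0)` on success, or an exit status derived from the result of `update_db()` if it returns one (its definition is not in this hunk). The call also drops the version previously read from `conf/db.ver`, which presumably means `Updater.update_db` now determines the current version itself; confirm that against the Updater change in this commit, since a required positional parameter left in place would raise `TypeError` here. `getArgvs` starts and ends outside the hunk.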