This repository contains a Python script for downloading malware samples from MalwareBazaar, analyzing them, and uploading the results to MISP (Malware Information Sharing Platform & Threat Sharing).
Before running the script, ensure you have the following prerequisites installed and configured:
-
Python 3: Make sure you have Python 3.
-
Required Python Packages: Install the necessary Python packages using
pip
:
pip install requests pymisp rarfile
Before running the script, you need to configure the following variables either in the script itself or by using environment variables or a configuration file:
MISP_URL: The URL of your MISP instance.
MISP_KEY: Your MISP API key.
VT_API_KEY: Your VirusTotal API key.
Run the script using the following command:
python3 malwarebazaar2MISP.py
By default, the script will download malware samples from MalwareBazaar for the previous day. It will then analyze and upload them to your MISP instance. Make sure you have configured the required variables before running the script. You can also configure the script to use environment variables or a configuration file for sensitive information like API keys. This can help keep your credentials secure and separate from the codebase. Alternatively, you can create a configuration file (e.g., config.ini).