adding new versions
adding a script to specify a single campaign related hash
added logics so to know which bundle shall be created depending on the options chosen
Since I'm planning on creating reports from my personal Linux threat projects, I'm already automating some report-formatting for technical people in STIX, which is very helpful for ingesting into general systems such as MISP.
It's recommended to use a virtual environment. Everything works on Python 3.
mkdir my_virtual_space
cd my_virtual_space
python3 -m venv .
source bin/activate
Then clone the repository and install all the requirements:
git clone https://git.sr.ht/~alienagain/Stix_stuff
cd Stix_stuff
pip3 install -r requirements.txt
Then try out the hashes:
python3 from_csv/hashes.py from_csv/example_hashes.csv
or the domains:
python3 from_csv/domains.py from_csv/example_domains.csv
The files with the relationships of the example (XMRIG) will be created. Follow the docs to learn more about adding new malware and understanding the logic:
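To show what a hash-to-STIX conversion of this kind produces, here is an added example (not code from Stix_stuff) that builds a STIX 2.1 bundle with the Python standard library only. The `hash,malware` column layout, the function names and the sample rows are assumptions made for illustration; each valid hash becomes an indicator linked to its malware family by an `indicates` relationship, and malformed or duplicate rows are filtered out before anything reaches a pattern.

```python
import csv, io, json, uuid
from datetime import datetime, timezone

# Hash length (hex chars) -> STIX hash-algorithm name used in patterns.
ALGO_BY_LEN = {32: "MD5", 40: "SHA-1", 64: "SHA-256"}

# Constructed sample input; the "hash,malware" column layout is an assumption.
SAMPLE_CSV = """hash,malware
{sha},XMRIG
{md5},XMRIG
not-a-hash,XMRIG
{sha},XMRIG
""".format(sha="a" * 64, md5="0123456789abcdef" * 2)

def _sdo(stix_type, now, **props):
    """Common properties every STIX 2.1 domain/relationship object needs."""
    return {"type": stix_type, "spec_version": "2.1",
            "id": f"{stix_type}--{uuid.uuid4()}",
            "created": now, "modified": now, **props}

def bundle_from_csv(text):
    """Return (bundle, rejected_rows) for CSV text with hash,malware columns."""
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.000Z")
    families, objects, rejected, seen = {}, [], [], set()
    for row in csv.DictReader(io.StringIO(text)):
        value = (row.get("hash") or "").strip().lower()
        name = (row.get("malware") or "").strip()
        algo = ALGO_BY_LEN.get(len(value))
        if not algo or not name or any(c not in "0123456789abcdef" for c in value):
            rejected.append(row)          # never interpolate unvalidated text into a pattern
            continue
        if (value, name) in seen:         # duplicate rows would create duplicate indicators
            continue
        seen.add((value, name))
        if name not in families:
            families[name] = _sdo("malware", now, name=name, is_family=True)
            objects.append(families[name])
        ind = _sdo("indicator", now, name=f"{name} sample ({algo})",
                   pattern=f"[file:hashes.'{algo}' = '{value}']",
                   pattern_type="stix", valid_from=now)
        rel = _sdo("relationship", now, relationship_type="indicates",
                   source_ref=ind["id"], target_ref=families[name]["id"])
        objects += [ind, rel]
    return {"type": "bundle", "id": f"bundle--{uuid.uuid4()}", "objects": objects}, rejected

if __name__ == "__main__":
    bundle, bad = bundle_from_csv(SAMPLE_CSV)
    print(json.dumps(bundle, indent=2))
    print(f"rejected rows: {len(bad)}")
```

The rejected rows are returned rather than silently dropped so that a bad feed line can be reviewed before the bundle is imported into a platform such as MISP.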