@@ 4,13 4,33 @@ Since I'm planning on creating reports from my personal Linux threat projects, I
## How to
-For malware hashing preparing:
+It's recommended to use a virtual environment. Evrything works on python3.
```
mkdir my_virtual_space
cd my_virtual_space
-source bin/activate
-python malware_hash_indicator.py
+source bin/activate
```
+Then install all the requirements:
-Follow the instructions, and then a `.stix` file will be generated using the name of the threat. Right now the creation and modification times are the same: the one second the script is executed. There's an example of a cryptominer in the example directory.
+```
+git clone https://git.sr.ht/~alienagain/Stix_stuff
+pip3 intall -r requirements.txt
+```
+
+Then try out the hashes:
+
+```
+python3 from_csv/hashes.py from_csv/example_hashes.csv
+```
+
+or the domains:
+
+```
+python3 from_csv/domains.py from_csv/example_domains.csv
+```
+
+The files with the relationships of the example (XMRIG) will be created. Follow the docs to learn more about adding new malware and understanding the logics:
+
+* [How to (extended)](docs/from_csv_to_stix.md)
+* [Making sense of data](docs/making_sense_of_data.md)