diff --git a/.gitignore b/.gitignore index 6195c6d..3724e6c 100644 --- a/.gitignore +++ b/.gitignore @@ -12,7 +12,6 @@ Thumbs.db $RECYCLE.BIN/ Desktop.ini conf/eula_run.conf -.git/ # Egg logo/ @@ -33,6 +32,3 @@ develop-eggs/ # Installer logs pip-log.txt - -imports/*.pyd -imports/*.pyc diff --git a/README.md b/README.md index 85e5545..82599a6 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ About ====== theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. -theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev. +theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev. **theZoo is open and welcoming visitors!** Disclaimer @@ -15,7 +15,7 @@ We recommend running them in a VM which has no internet connection (or an intern GPL 3 ====== -theZoo - the most awesome free malware database on the air +theZoo - the most awesome free malware database on the air Copyright (C) 2015, Yuval Nativ, Lahad Ludar, 5fingers This program is free software: you can redistribute it and/or modify @@ -54,10 +54,10 @@ Malware source code :) ## Directory Structure: Each directory is composed of 4 files: -- Malware files in an encrypted ZIP archive. -- SHA256 sum of the 1st file. +- Malware files in an encrypted ZIP archive. +- SHA256 sum of the 1st file. - MD5 sum of the 1st file. -- Password file for the archive. +- Password file for the archive. 
@@ -86,12 +86,9 @@ An example line will look as follow: Bugs and Reports ================ -The repository holding all files is currently +The repository holding all files is currently https://github.com/ytisf/theZoo -## Submit Malware -Get the file you want to submit and just run `python prep_file.py file_tosubmit.exe`. It will create a directory for you. Then just submit that along with the changes to the `conf/maldb.db` so that we know which malware it is. - ## Change Log for v0.60: - [x] Moved DB to SQLite3. - [x] Searching overhaul to a freestyle fashion. @@ -99,9 +96,9 @@ Get the file you want to submit and just run `python prep_file.py file_tosubmit. - [x] More & more malwares. ## Change Log for v0.50: -- [x] Better and easier UI. -- [x] Aligned printing of malwares. -- [x] Command line arguments are now working. +- [x] Better and easier UI. +- [x] Aligned printing of malwares. +- [x] Command line arguments are now working. - [x] Added 10 more malwares (cool ones) to the DB. ## Change Log for v0.42: @@ -127,7 +124,7 @@ Get the file you want to submit and just run `python prep_file.py file_tosubmit. ## Predicted Change Log for v1.0 - [X] Fix auto-complete for malware frameworks. (thanks to 5fingers) - [X] Consider changing DB to XML or SQLite3. (Sheksa - done :)) -- [X] Better UI features. -- [ ] Fix and make 'light' version without malwares with _MalwareFetch function. +- [ ] Move malwares to another repo. +- [ ] Better UI features. If you have any suggestions or malware that you have indexed (in the manner laid out in the documentation) please send it to us to - yuval[]morirt [dot]com - so we can add it for everyones enjoyment. diff --git a/conf/db.ver b/conf/db.ver index 7485008..b9edbc9 100644 --- a/conf/db.ver +++ b/conf/db.ver @@ -1 +1 @@ -180210052018 +105509082014 \ No newline at end of file diff --git a/conf/maldb.db b/conf/maldb.db index 8b43a88..c4047fd 100644 Binary files a/conf/maldb.db and b/conf/maldb.db differ 
diff --git a/imports/colors.py b/imports/colors.py index c169e51..bc7b1d5 100644 --- a/imports/colors.py +++ b/imports/colors.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -import os +import os BOLD = '' NORM = '' @@ -24,17 +24,6 @@ BOLD = '\033[01m' UNDERLINE = '\033[04m' -else: - PURPLE = '' - BLUE = '' - GREEN = '' - YELLOW = '' - RED = '' - WHITE = '' - MAGENTA = '' - BOLD = '' - UNDERLINE = '' - def bold(str): return BOLD + str + WHITE @@ -58,4 +47,4 @@ def yellow(str): return YELLOW + str + WHITE def white(str): - return WHITE + str + WHITE + return WHITE + str + WHITE \ No newline at end of file diff --git a/imports/eula_handler.py b/imports/eula_handler.py index 97d9894..57d9a12 100644 --- a/imports/eula_handler.py +++ b/imports/eula_handler.py @@ -42,13 +42,13 @@ def prompt_eula(self): notice += '| ATTENTION!!! ATTENTION!!! ATTENTION!!! |\n' notice += '| ' + globals.vars.appname + ' v' + globals.vars.version + ' |\n' notice += '|___________________________________________________________________________|\n' - notice += '|This program contains live and dangerous malware files. |\n' + notice += '|This program contains live and dangerous malware files |\n' notice += '|This program is intended to be used only for malware analysis and research |\n' - notice += '|and by agreeing the EULA you agree to use it only for legal purposes and |\n' - notice += '|for studying malware. |\n' + notice += '|and by agreeing the EULA you agree to only use it for legal purposes and |\n' + notice += '|studying malware. |\n' notice += '|You understand that these file are dangerous and should only be run on VMs |\n' notice += '|you can control and know how to handle. Running them on a live system will |\n' - notice += '|infect your machines with live and dangerous malwares! |\n' + notice += '|infect you machines will live and dangerous malwares!. |\n' notice += '|___________________________________________________________________________|\n' print(red(notice)) eula_answer = raw_input( 
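Review bot: Deleting the `else:` fallback leaves PURPLE, BLUE, GREEN, YELLOW, RED, WHITE, MAGENTA and UNDERLINE unbound whenever the guarding `if` (which sits above this hunk) is false; the module top only pre-seeds `BOLD = ''` and `NORM = ''`, so on such a platform `red()`, `green()` or `white()` would raise NameError and the prompt built in terminal_handler.py would fail at the first command. If colour output is now meant to be unconditional the guard itself should go as well; otherwise keep the fallback or move the empty defaults next to `BOLD = ''`, e.g. `PURPLE = BLUE = GREEN = YELLOW = RED = WHITE = MAGENTA = UNDERLINE = ''`. Dropping the final newline after `white()` is cosmetic but will show up as noise in every later diff of this file.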
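Review bot: The rewritten last notice line now reads `|infect you machines will live and dangerous malwares!.` — "you" for "your", "will" for "with", and a stray `!.` — where the previous wording was correct; since this is the safety warning every user must accept, the regression is worth fixing before merge. The other two rewordings ("to only use it", "studying malware.") are fine, but the first changed line also loses its sentence-ending period after "malware files". Suggested text: `notice += '|infect your machines with live and dangerous malwares! |\n'`, re-padded so the right-hand `|` still aligns with the rest of the box. prompt_eula starts and ends outside this hunk.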
diff --git a/imports/globals.py b/imports/globals.py index 2290a19..4e5a3b0 100644 --- a/imports/globals.py +++ b/imports/globals.py @@ -77,10 +77,9 @@ class vars: # DEBUG_LEVEL 0 = NO DEBUGGING # DEBUG_LEVEL 1 = DEBUG DOWNLOADS # DEBUG_LEVEL 2 = DEBUG SQL QUERIES - DEBUG_LEVEL = 0 - fulllicense = appname + " Copyright (C) 2017 " + authors + "\n" + fulllicense = appname + " Copyright (C) 2016 " + authors + "\n" fulllicense += "This program comes with ABSOLUTELY NO WARRANTY; for details type '" + \ sys.argv[0] + " -w'.\n" fulllicense += "This is free software, and you are welcome to redistribute it." @@ -107,7 +106,7 @@ class vars: db_ver = f.read() # ASCII Art is a must... - screen = random.randrange(1, 6) + screen = random.randrange(1, 4) if screen is 1: maldb_banner = "\n" 
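Review bot: Removing `DEBUG_LEVEL = 0` from `class vars` while leaving the three comments that document its values looks like an oversight: `update_handler.py` in this same diff still reads `globals.vars.DEBUG_LEVEL` in both `update_db` and `download_from_repo`, so the first `update-db` or `get` command will raise AttributeError unless the attribute is defined somewhere outside this hunk. Either restore `DEBUG_LEVEL = 0` under the comments or remove the comments together with every reader. The `randrange(1, 4)` change is consistent with the two banners deleted further down, though `if screen is 1:` (pre-existing context) compares ints by identity and should be `==`. `class vars` begins and continues outside this hunk.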
@@ -159,86 +158,3 @@ class vars: maldb_banner += " built by: " + authors + "\n" maldb_banner += " maintained by: " + ', '.join(maintainers) + "\n" maldb_banner += " github: " + giturl + "\n\n" - - elif screen is 4: - maldb_banner = "\n" - maldb_banner += ". .. .\n" - maldb_banner += "|\ || /|\n" - maldb_banner += "| \ || / |\n" - maldb_banner += "| \ || / |\n" - maldb_banner += "| :\___JL___/ |\n" - maldb_banner += "| :|##XLJ: :| |\n" - maldb_banner += "'\ :|###||: X| /'\n" - maldb_banner += " \:|###||:X#| /\n" - maldb_banner += " |==========|\n" - maldb_banner += " |###XXX;;|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##Xn:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##Xn:: :|\n" - maldb_banner += " |##XX:: n|\n" - maldb_banner += " |##XX:: U|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##Xn:: :|\n" - maldb_banner += " |##XU:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: n|\n" - maldb_banner += " |##XX:: U|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##XX:: :|\n" - maldb_banner += " |##Xn:: :|\n" - maldb_banner += " |##XU:: :|\n" - maldb_banner += " |##Xn:: :|\ttheZoo " + version + "\n" - maldb_banner += " |##XU:: :|\t " + giturl + "\n" - maldb_banner += " |##XX:: :|\tauthors: " + authors + "\n" - maldb_banner += " |##XX:: :|\tmaintained by: " + ', '.join(maintainers) + "\n" - maldb_banner += " |##XX:: :|\tgithub: " + giturl + "\n" - maldb_banner += " |##,_,: :|\n" - maldb_banner += " |./ T \.:|\n" - maldb_banner += " || o|o |:|\n" - maldb_banner += " || | |:|\n" - maldb_banner += " .============.\n" - maldb_banner += " .==============.\n" - 
maldb_banner += ".================.\n\n" - - elif screen is 5: - maldb_banner = "\n" - maldb_banner += "_______________________________________\n" - maldb_banner += "|\ ___________________________________ /|\n" - maldb_banner += "| | _ _ | |\n" - maldb_banner += "| |(+) _ _ (+)| |\n" - maldb_banner += "| | ~ _--/ \--_ ~ | |\n" - maldb_banner += "| | / / \ \ | |\n" - maldb_banner += "| | / | | \ | |\n" - maldb_banner += "| | / | | \ | |\n" - maldb_banner += "| | | | _______ | | | |\n" - maldb_banner += "| | | | \ / | | | |\n" - maldb_banner += "| | \ \_ | | _/ / | |\n" - maldb_banner += "| | \ -__| |__- / | |\n" - maldb_banner += "| | \_ _/ | |\n" - maldb_banner += "| | --__ __-- | |\n" - maldb_banner += "| | --| |-- | |\n" - maldb_banner += "| | | | | |\n" - maldb_banner += "| | | | | |\n" - maldb_banner += "| | | | |\n" - maldb_banner += "| | | |\n" - maldb_banner += "| | T H E Z O O | |\n" - maldb_banner += "| | I S G O O D F O R Y O U | |\n" - maldb_banner += "| | _ %s _ | |\n" % version - maldb_banner += "| |(+) (+)| |\n" - maldb_banner += "| | ~ ~ | |\n" - maldb_banner += "|/ ----------------------------------- \|\n" - maldb_banner += "---------------------------------------\n" - maldb_banner += "\tmaintained by: %s\n" % ', '.join(maintainers) - maldb_banner += "\tgiturl: %s\n" % giturl - maldb_banner += "\tauthors: %s\n" % authors diff --git a/imports/terminal_handler.py b/imports/terminal_handler.py index 21928b0..9830f24 100644 --- a/imports/terminal_handler.py +++ b/imports/terminal_handler.py @@ -2,9 +2,9 @@ import sys import rlcompleter try: - import readline + import readline except ImportError: - from imports import winreadline as readline + from imports import winreadline as readline from imports import globals from imports import manysearches 
@@ -14,180 +14,171 @@ # Compatilibility to Python3 if sys.version_info.major == 3: - raw_input = input + raw_input = input elif sys.version_info.major == 2: - pass + pass else: - sys.stderr.write("What kind of sorcery is this?!\n") + sys.stderr.write("What kind of sorcery is this?!\n") class Controller: - def __init__(self): - self.modules = None - self.currentmodule = None - self.db = db_handler.DBHandler() - self.commands = [("search", "Search for malwares according to a filter,\n\t\t\te.g 'search cpp worm'."), - ("list all", "Lists all available modules"), - ("use", "Selects a malware by ID"), - ("info", "Retreives information about malware"), - ("get", "Downloads selected malware"), - ("report-mal", "Report a malware you found"), - ("update-db", "Updates the databse"), - ("help", "Displays this help..."), - ("exit", "Exits...")] - - self.commandsWithoutDescription = {'search': '', 'list all': '', 'use': '', 'info': '', - 'get': '', 'report-mal': '', 'update-db': '', 'help': '', 'exit': ''} - - self.searchmeth = [("arch", "which architecture etc; x86, x64, arm7 so on..."), - ("plat", - "platform: win32, win64, mac, android so on..."), - ("lang", "c, cpp, vbs, bin so on..."), - ("vip", "1 or 0")] - - self.modules = self.GetPayloads() - completer = globals.Completer(self.commandsWithoutDescription) - - readline.parse_and_bind("tab: complete") - readline.set_completer(completer.complete) - - def GetPayloads(self): - return self.db.get_full_details() - - def MainMenu(self): - # This will give you the nice prompt you like so much - while (True): # Dont hate, affiliate - try: - if self.currentmodule is not None: - try: - just_print = self.db.query("SELECT NAME FROM Malwares WHERE ID=?", self.currentmodule)[0][0] - cmd = raw_input( - bold(green('mdb ')) + bold(blue(just_print)) + green('#> ')).strip() - except: - self.currentmodule = None - print("You have chosen an index that is out of scope...") - break - - else: - cmd = raw_input( - bold(green('mdb ')) + green('#> 
')).strip() - except KeyboardInterrupt: - print(bold(blue("\n\n[*]")) + " Hope you enjoyed your visit at" + bold(red(" theZoo")) + "!") - exit() - - self.actOnCommand(cmd) - - def actOnCommand(self, cmd): - try: - while cmd == "": - return - - if cmd == 'help': - print(" Available commands:\n") - for (cmd, desc) in self.commands: - print("\t%s\t%s" % ('{0: <12}'.format(cmd), desc)) - print('') - return - - # Checks if normal or freestyle search - if re.match('^search', cmd): - manySearch = manysearches.MuchSearch() - try: - args = cmd.rsplit(' ')[1:] - manySearch.sort(args) - except: - print(red('[!]') + 'Uh oh, Invalid query.') - return - - if cmd == 'exit': - sys.exit(1) - - if cmd == 'update-db': - update_handler = Updater() - db_ver = update_handler.get_maldb_ver() - update_handler.update_db(db_ver) - return - - if cmd == 'report-mal': - rprt_name = raw_input("Name of malware: ") - rprt_type = raw_input("Type of malware: ") - rprt_version = raw_input("Version: ") - rprt_lang = raw_input("Language: ") - rprt_src = raw_input("Source / Binary (s/b): ") - rprt_arch = raw_input("Win32, ARM etc. ? ") - rprt_reporter = raw_input( - "Your name for a thank you note on theZoo.\n" - "Please notice that this will be public!\n\nName: ") - rprt_comments = raw_input("Comments? ") - - report = ("//%s//\n" % rprt_name) - report += ("///type/%s///\n" % rprt_type) - report += ("///ver/%s///\n" % rprt_version) - report += ("///lang/%s///\n" % rprt_lang) - report += ("///src/%s///\n" % rprt_src) - report += ("///arch/%s///\n" % rprt_arch) - report += ("//reporter/%s//\n" % rprt_reporter) - report += ("//comments/%s//\n" % rprt_comments) - - # Just to avoid bots spamming us... 
- email = "info" - email += "\x40" - email += "morirt\x2ecom" - print("-------------- Begin of theZoo Report --------------") - print(report) - print("-------------- Ending of theZoo Report --------------") - print("To avoid compromising your privacy we have chose this method of reporting.") - print("If you have not stated your name we will not write a thanks in our README.") - print("Your email will remain private in scenario and will not be published.") - print("") - print("Please create an archive file with the structure described in the README file") - print("And attach it to the email. ") - print("Please send this report to %s" % email) - - return - - if cmd == 'get': - update_handler = Updater() - try: - update_handler.get_malware(self.currentmodule) - except: - print(red('[-] ') + 'Error getting malware.') - return - # If used the 'use' command - if re.match('^use', cmd): - try: - cmd = re.split('\s+', cmd) - try: - self.currentmodule = int(cmd[1]) - except IndexError: - print("You have chosen an index that is out of DB scale.") - cmd = '' - except TypeError: - print('Please enter malware ID') - except: - print('The use method needs an argument [int].') - return - - if cmd == 'list all': - print("\nAvailable Payloads:") - manySearch = manysearches.MuchSearch() - manySearch.print_payloads(self.db.get_mal_list(), ["%", "Name", "Type"]) - return - - if cmd == 'info': - if self.currentmodule is None: - print(red("[!] 
") + "First select a malware using the \'use\' command") - return - m = self.db.get_mal_info(self.currentmodule) - manySearch = manysearches.MuchSearch() - manySearch.print_payloads(m, ["%", "Name", "Ver.", "Author", "Lang", "Date", "Arch.", "Plat.", "Tags"]) - return - - if cmd == 'quit': - print(":(") - sys.exit(1) - - except KeyboardInterrupt: - print("\n\nI'll just go now...") - sys.exit() + def __init__(self): + self.modules = None + self.currentmodule = None + self.db = db_handler.DBHandler() + self.commands = [("search", "Search for malwares according to a filter,\n\t\t\te.g 'search cpp worm'."), + ("list all", "Lists all available modules"), + ("use", "Selects a malware by ID"), + ("info", "Retreives information about malware"), + ("get", "Downloads selected malware"), + ("report-mal", "Report a malware you found"), + ("update-db", "Updates the databse"), + ("help", "Displays this help..."), + ("exit", "Exits...")] + + self.commandsWithoutDescription = {'search': '', 'list all': '', 'use': '', 'info': '', + 'get': '', 'report-mal': '', 'update-db': '', 'help': '', 'exit': ''} + + self.searchmeth = [("arch", "which architecture etc; x86, x64, arm7 so on..."), + ("plat", + "platform: win32, win64, mac, android so on..."), + ("lang", "c, cpp, vbs, bin so on..."), + ("vip", "1 or 0")] + + self.modules = self.GetPayloads() + completer = globals.Completer(self.commandsWithoutDescription) + + readline.parse_and_bind("tab: complete") + readline.set_completer(completer.complete) + + def GetPayloads(self): + return self.db.get_full_details() + + def MainMenu(self): + # This will give you the nice prompt you like so much + while (True): # Dont hate, affiliate + try: + if self.currentmodule is not None: + just_print = self.db.query("SELECT NAME FROM Malwares WHERE ID=?", self.currentmodule)[0][0] + cmd = raw_input( + bold(green('mdb ')) + bold(blue(just_print)) + green('#> ')).strip() + else: + cmd = raw_input( + bold(green('mdb ')) + green('#> ')).strip() + except 
KeyboardInterrupt: + print(bold(blue("\n\n[*]")) + " Hope you enjoyed your visit at" + bold(red(" theZoo")) + "!") + exit() + + self.actOnCommand(cmd) + + def actOnCommand(self, cmd): + try: + while cmd == "": + return + + if cmd == 'help': + print(" Available commands:\n") + for (cmd, desc) in self.commands: + print("\t%s\t%s" % ('{0: <12}'.format(cmd), desc)) + print('') + return + + # Checks if normal or freestyle search + if re.match('^search', cmd): + manySearch = manysearches.MuchSearch() + try: + args = cmd.rsplit(' ')[1:] + manySearch.sort(args) + except: + print(red('[!]') + 'Uh oh, Invalid query.') + return + + if cmd == 'exit': + sys.exit(1) + + if cmd == 'update-db': + update_handler = Updater() + db_ver = update_handler.get_maldb_ver() + update_handler.update_db(db_ver) + return + + if cmd == 'report-mal': + rprt_name = raw_input("Name of malware: ") + rprt_type = raw_input("Type of malware: ") + rprt_version = raw_input("Version: ") + rprt_lang = raw_input("Language: ") + rprt_src = raw_input("Source / Binary (s/b): ") + rprt_arch = raw_input("Win32, ARM etc. ? ") + rprt_reporter = raw_input( + "Your name for a thank you note on theZoo.\n" + "Please notice that this will be public!\n\nName: ") + rprt_comments = raw_input("Comments? ") + + report = ("//%s//\n" % rprt_name) + report += ("///type/%s///\n" % rprt_type) + report += ("///ver/%s///\n" % rprt_version) + report += ("///lang/%s///\n" % rprt_lang) + report += ("///src/%s///\n" % rprt_src) + report += ("///arch/%s///\n" % rprt_arch) + report += ("//reporter/%s//\n" % rprt_reporter) + report += ("//comments/%s//\n" % rprt_comments) + + # Just to avoid bots spamming us... 
+ email = "info" + email += "\x40" + email += "morirt\x2ecom" + print("-------------- Begin of theZoo Report --------------") + print(report) + print("-------------- Ending of theZoo Report --------------") + print("To avoid compromising your privacy we have chose this method of reporting.") + print("If you have not stated your name we will not write a thanks in our README.") + print("Your email will remain private in scenario and will not be published.") + print("") + print("Please create an archive file with the structure described in the README file") + print("And attach it to the email. ") + print("Please send this report to %s" % email) + + return + + if cmd == 'get': + update_handler = Updater() + try: + update_handler.get_malware(self.currentmodule) + except: + print(red('[-] ') + 'Error getting malware.') + return + # If used the 'use' command + if re.match('^use', cmd): + try: + cmd = re.split('\s+', cmd) + self.currentmodule = int(cmd[1]) + cmd = '' + except TypeError: + print('Please enter malware ID') + except: + print('The use method needs an argument.') + return + + if cmd == 'list all': + print("\nAvailable Payloads:") + manySearch = manysearches.MuchSearch() + manySearch.print_payloads(self.db.get_mal_list(), ["%", "Name", "Type"]) + return + + if cmd == 'info': + if self.currentmodule is None: + print(red("[!] ") + "First select a malware using the \'use\' command") + return + m = self.db.get_mal_info(self.currentmodule) + manySearch = manysearches.MuchSearch() + manySearch.print_payloads(m, ["%", "Name", "Ver.", "Author", "Lang", "Date", "Arch.", "Plat.", "Tags"]) + return + + if cmd == 'quit': + print(":(") + sys.exit(1) + + except KeyboardInterrupt: + print("\n\nI'll just go now...") + sys.exit() diff --git a/imports/update_handler.py b/imports/update_handler.py index ea2ed39..188c977 100644 --- a/imports/update_handler.py +++ b/imports/update_handler.py 
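Review bot: The new `MainMenu` drops the inner try/except around the `SELECT NAME FROM Malwares WHERE ID=?` lookup, and the new `use` handler stores any integer in `self.currentmodule` without checking that it exists, so an unknown ID now makes the next prompt raise IndexError straight out of `MainMenu` (only KeyboardInterrupt is caught there) and the shell exits with a traceback instead of the old "out of scope" message. The `use` branch also lost its dedicated IndexError message; the bare `except:` still covers it but hides the cause, and `cmd = ''` after the assignment is dead since the branch returns. Two smaller points on the same hunk: `re.split('\s+', cmd)` should use a raw string (`r'\s+'`) to avoid the invalid-escape warning, and the KeyboardInterrupt path calls `exit()` where the rest of the file uses `sys.exit()`. A guarded lookup that handles the empty result is shown below (this assumes `db.query` returns an empty sequence when no row matches — worth confirming against db_handler).
```python
    def MainMenu(self):
        # This will give you the nice prompt you like so much
        while (True):  # Dont hate, affiliate
            try:
                if self.currentmodule is not None:
                    rows = self.db.query("SELECT NAME FROM Malwares WHERE ID=?", self.currentmodule)
                    if not rows:
                        # unknown ID: reset the selection instead of crashing the prompt loop
                        print("You have chosen an index that is out of scope...")
                        self.currentmodule = None
                        continue
                    cmd = raw_input(
                        bold(green('mdb ')) + bold(blue(rows[0][0])) + green('#> ')).strip()
                else:
                    cmd = raw_input(
                        bold(green('mdb ')) + green('#> ')).strip()
            except KeyboardInterrupt:
                print(bold(blue("\n\n[*]")) + " Hope you enjoyed your visit at" + bold(red(" theZoo")) + "!")
                sys.exit()
            # … unchanged: dispatch to actOnCommand …
```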
@@ -1,33 +1,32 @@ #!/usr/bin/env python - # Malware DB - the most awesome free malware database on the air - # Copyright (C) 2014, Yuval Nativ, Lahad Ludar, 5Fingers + # Malware DB - the most awesome free malware database on the air + # Copyright (C) 2014, Yuval Nativ, Lahad Ludar, 5Fingers - # This program is free software: you can redistribute it and/or modify - # it under the terms of the GNU General Public License as published by - # the Free Software Foundation, either version 3 of the License, or - #(at your option) any later version. + # This program is free software: you can redistribute it and/or modify + # it under the terms of the GNU General Public License as published by + # the Free Software Foundation, either version 3 of the License, or + #(at your option) any later version. - # This program is distributed in the hope that it will be useful, - # but WITHOUT ANY WARRANTY; without even the implied warranty of - # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - # GNU General Public License for more details. + # This program is distributed in the hope that it will be useful, + # but WITHOUT ANY WARRANTY; without even the implied warranty of + # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + # GNU General Public License for more details. - # You should have received a copy of the GNU General Public License - # along with this program. If not, see . + # You should have received a copy of the GNU General Public License + # along with this program. If not, see . 
import sys - from os import remove, rename # Compatilibility to Python3 if sys.version_info.major == 3: - from urllib.request import urlopen + from urllib.request import urlopen elif sys.version_info.major == 2: - from urllib2 import urlopen - import urllib2 + from urllib2 import urlopen + import urllib2 else: - sys.stderr.write("What kind of sorcery is this?!\n") + sys.stderr.write("What kind of sorcery is this?!\n") from imports import globals from imports import db_handler 
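Review bot: `from os import remove, rename` is removed here, but `update_db` in the next hunk of this file still calls `remove(globals.vars.db_path)` and `rename("maldb.db", globals.vars.db_path)`, so the first time a newer database version is found the update will fail with NameError unless those names arrive through a star import outside this hunk. Keep the line: `from os import remove, rename`. The rest of the hunk only re-indents the licence header comments and the urllib compatibility branches and changes no behaviour.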
@@ -35,104 +34,94 @@ class Updater: - def __init__(self): - self.db = db_handler.DBHandler() - - def get_maldb_ver(self): - ''' - Get current malwareDB version and see if we need an update - ''' - try: - with file(globals.vars.maldb_ver_file) as f: - return f.read() - except IOError: - print( - "No malware DB version file found.\nPlease try to git clone the repository again.\n") - return 0 - - def update_db(self, curr_db_version): - ''' - Just update the database from GitHub - :return: - ''' - if globals.vars.DEBUG_LEVEL is 1: - print(locals()) - response = urlopen( - globals.vars.giturl_dl + globals.vars.maldb_ver_file) - new_maldb_ver = response.read() - if new_maldb_ver == curr_db_version: - print(green('[+]') + " theZoo is up to date.\n" + green('[+]') + " You are at " + new_maldb_ver + " which is the latest version.") - return - - print(red('[+]') + " A newer version is available: " + new_maldb_ver + "!") - print(red('[+]') + " Updating...") - - # Get the new DB and update it - - self.download_from_repo(globals.vars.db_path) - self.db.close_connection() - remove(globals.vars.db_path) - rename("maldb.db", globals.vars.db_path) - self.db.renew_connection() - - # Write the new DB version into the file - - f = open(globals.vars.maldb_ver_file, 'w') - f.write(new_maldb_ver) - f.close() - return - - def get_malware(self, id): - - # get mal location - - loc = self.db.query("SELECT LOCATION FROM MALWARES WHERE ID=?", id)[0][0] - - # get from git - if self.download_from_repo(loc, '.zip') is False: - return False - if self.download_from_repo(loc, '.pass') is False: - return False - if self.download_from_repo(loc, '.md5') is False: - return False - if self.download_from_repo(loc, '.sha256') is False: - return False - print(bold(green("[+]")) + " Successfully downloaded a new friend.\n") - - def download_from_repo(self, filepath, suffix=''): - if globals.vars.DEBUG_LEVEL is 1: - print(locals()) - file_name = filepath.rsplit('/')[-1] + suffix - - # Dirty way to check if 
we're downloading a malware - - if suffix is not '': - url = globals.vars.giturl_dl + filepath + '/' + file_name - else: - url = globals.vars.giturl_dl + filepath - try: - u = urlopen(url) - except: - print(bold(red("[!]")) + " Probably path name in git vs. sqlite does not match.") - print(bold(red("[!]")) + " Please try and go to %s or report the malware ID so we can fix it." % url) - return False - - f = open(file_name, 'wb') - meta = u.info() - file_size = int(meta.getheaders("Content-Length")[0]) - print("Downloading: %s Bytes: %s" % (file_name, file_size)) - file_size_dl = 0 - block_sz = 8192 - while True: - buffer = u.read(block_sz) - if not buffer: - break - file_size_dl += len(buffer) - f.write(buffer) - status = r"%10d [%3.2f%%]" % ( - file_size_dl, file_size_dl * 100. / file_size) - status = status + chr(8) * (len(status) + 1) - sys.stdout.write('\r' + status) - f.close() - print("\n") - return True + def __init__(self): + self.db = db_handler.DBHandler() + + def get_maldb_ver(self): + ''' + Get current malwareDB version and see if we need an update + ''' + try: + with file(globals.vars.maldb_ver_file) as f: + return f.read() + except IOError: + print( + "No malware DB version file found.\nPlease try to git clone the repository again.\n") + return 0 + + def update_db(self, curr_db_version): + ''' + Just update the database from GitHub + :return: + ''' + if globals.vars.DEBUG_LEVEL is 1: + print(locals()) + response = urlopen( + globals.vars.giturl_dl + globals.vars.maldb_ver_file) + new_maldb_ver = response.read() + if new_maldb_ver == curr_db_version: + print(green('[+]') + " theZoo is up to date.\n" + green('[+]') + " You are at " + new_maldb_ver + " which is the latest version.") + return + + print(red('[+]') + " A newer version is available: " + new_maldb_ver + "!") + print(red('[+]') + " Updating...") + + # Get the new DB and update it + + self.download_from_repo(globals.vars.db_path) + self.db.close_connection() + remove(globals.vars.db_path) + 
rename("maldb.db", globals.vars.db_path) + self.db.renew_connection() + + # Write the new DB version into the file + + f = open(globals.vars.maldb_ver_file, 'w') + f.write(new_maldb_ver) + f.close() + return + + def get_malware(self, id): + + # get mal location + + loc = self.db.query("SELECT LOCATION FROM MALWARES WHERE ID=?", id)[0][0] + + # get from git + + self.download_from_repo(loc, '.zip') + self.download_from_repo(loc, '.pass') + self.download_from_repo(loc, '.md5') + self.download_from_repo(loc, '.sha256') + print(bold(green("[+]")) + " Successfully downloaded a new friend.\n") + + def download_from_repo(self, filepath, suffix=''): + if globals.vars.DEBUG_LEVEL is 1: + print(locals()) + file_name = filepath.rsplit('/')[-1] + suffix + + # Dirty way to check if we're downloading a malware + + if suffix is not '': + url = globals.vars.giturl_dl + filepath + '/' + file_name + else: + url = globals.vars.giturl_dl + filepath + u = urlopen(url) + f = open(file_name, 'wb') + meta = u.info() + file_size = int(meta.getheaders("Content-Length")[0]) + print("Downloading: %s Bytes: %s" % (file_name, file_size)) + file_size_dl = 0 + block_sz = 8192 + while True: + buffer = u.read(block_sz) + if not buffer: + break + file_size_dl += len(buffer) + f.write(buffer) + status = r"%10d [%3.2f%%]" % ( + file_size_dl, file_size_dl * 100. / file_size) + status = status + chr(8) * (len(status) + 1) + sys.stdout.write('\r' + status) + f.close() + print("\n") diff --git a/malwares/Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013.pass b/malwares/Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013.pass index 81c545e..ba701bf 100644 --- a/malwares/Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013.pass +++ b/malwares/Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013.pass @@ -1 +1 @@ -1234 +infected diff --git a/malwares/Binaries/Android.Skygofree/SkyGoFree.md5 b/malwares/Binaries/Android.Skygofree/SkyGoFree.md5 deleted file mode 100644 index cd8544f..0000000 
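Review bot: `download_from_repo` no longer guards `urlopen(url)` and returns nothing, and `get_malware` no longer checks its four fetches, so a failed fetch now surfaces only as the generic "Error getting malware." printed by the bare `except:` in terminal_handler.py, and when `u.read()` raises mid-transfer the handle opened with `open(file_name, 'wb')` is never closed. The `.md5` and `.sha256` sidecars are downloaded but never compared against the archive; for a malware corpus that verification is the reason the hashes are shipped, so after the four fetches the SHA-256 of the `.zip` should be computed (hashlib) and compared with the first token of the `.sha256` file, deleting the archive on mismatch. Also on this hunk: `get_maldb_ver` uses `file(...)` and `download_from_repo` uses `meta.getheaders(...)`, both Python-2-only even though the module has a Python 3 `urlopen` branch, and `DEBUG_LEVEL is 1` / `suffix is not ''` compare by identity where `==`/`!=` is meant. The error handling and the file-handle lifetime can be restored as below.
```python
    def get_malware(self, id):
        # get mal location
        loc = self.db.query("SELECT LOCATION FROM MALWARES WHERE ID=?", id)[0][0]
        # get from git; stop at the first failed fetch instead of reporting success
        for suffix in ('.zip', '.pass', '.md5', '.sha256'):
            if self.download_from_repo(loc, suffix) is False:
                return False
        print(bold(green("[+]")) + " Successfully downloaded a new friend.\n")
        return True

    def download_from_repo(self, filepath, suffix=''):
        # … unchanged: DEBUG_LEVEL trace, file_name and url construction …
        try:
            u = urlopen(url)
        except Exception as e:
            print(bold(red("[!]")) + " Could not fetch %s (%s)." % (url, e))
            print(bold(red("[!]")) + " Probably path name in git vs. sqlite does not match.")
            return False
        meta = u.info()
        file_size = int(meta.getheaders("Content-Length")[0])
        print("Downloading: %s Bytes: %s" % (file_name, file_size))
        file_size_dl = 0
        block_sz = 8192
        with open(file_name, 'wb') as f:
            while True:
                buffer = u.read(block_sz)
                if not buffer:
                    break
                file_size_dl += len(buffer)
                f.write(buffer)
                # … unchanged: progress status line …
        print("\n")
        return True
```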
--- a/malwares/Binaries/Android.Skygofree/SkyGoFree.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (SkyGoFree.zip) = 8de4b0e8bab8fc35375e20650eae4230
diff --git a/malwares/Binaries/Android.Skygofree/SkyGoFree.pass b/malwares/Binaries/Android.Skygofree/SkyGoFree.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Android.Skygofree/SkyGoFree.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Android.Skygofree/SkyGoFree.sha1 b/malwares/Binaries/Android.Skygofree/SkyGoFree.sha1
deleted file mode 100644
index 024ae19..0000000
--- a/malwares/Binaries/Android.Skygofree/SkyGoFree.sha1
+++ /dev/null
@@ -1 +0,0 @@
-a33d3531d91beccbd380673f14e8380e251469b7 SkyGoFree.zip
diff --git a/malwares/Binaries/Android.Skygofree/SkyGoFree.zip b/malwares/Binaries/Android.Skygofree/SkyGoFree.zip
deleted file mode 100644
index 407238e..0000000
Binary files a/malwares/Binaries/Android.Skygofree/SkyGoFree.zip and /dev/null differ
diff --git a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.md5 b/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.md5
deleted file mode 100644
index 8ac36f6..0000000
--- a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.md5
+++ /dev/null
@@ -1 +0,0 @@
-390e66ffaccaa557a8d5c43c8f3a20a9
diff --git a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.pass b/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.sha256 b/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.sha256
deleted file mode 100644
index 1e676c4..0000000
--- a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.sha256
+++ /dev/null
@@ -1 +0,0 @@
-254c1f16c8aa4c4c033e925b629d9a74ccb76ebf76204df7807b84a593f38dc0
diff --git a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.zip b/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.zip
deleted file mode 100644
index 737269c..0000000
Binary files a/malwares/Binaries/Android.VikingHorde/Android.VikingHorde.zip and /dev/null differ
diff --git a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.md5 b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.md5
index 54cdcc2..de92998 100644
--- a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.md5
+++ b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.md5
@@ -1 +1 @@
-49fb03c99aef6941045d16d82b315db0 EquationGroup.EquationLaser.zip
+362c95d2710dbbd3aebcfb7748cce561 EquationGroup.EquationLaser.zip
diff --git a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.sha256 b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.sha256
index 3c0a22a..a9054a0 100644
--- a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.sha256
+++ b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.sha256
@@ -1 +1 @@
-7fb978032849125ecade00e3bd5baa65b2d75c91fa0eb3d7eca559cda4adfaab EquationGroup.EquationLaser.zip
+7a23cccc550ef10ecd6f573380334ef95b3b72da7e30f247fcadb2a231e7ed1a EquationGroup.EquationLaser.zip
diff --git a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.zip b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.zip
index 3c35d96..58d6731 100644
Binary files a/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.zip and b/malwares/Binaries/EquationGroup.EquationLaser/EquationGroup.EquationLaser.zip differ
diff --git a/malwares/Binaries/EquationGroup/EquationGroup.zip b/malwares/Binaries/EquationGroup/EquationGroup.zip
index ec449a9..a38ac44 100644
Binary files a/malwares/Binaries/EquationGroup/EquationGroup.zip and b/malwares/Binaries/EquationGroup/EquationGroup.zip differ
diff --git a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.md5 b/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.md5
deleted file mode 100644
index feff321..0000000
--- a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (FancyBear.GermanParliament) = 77e7fb6b56c3ece4ef4e93b6dc608be0
diff --git a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.pass b/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.sha256 b/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.sha256
deleted file mode 100644
index a638e14..0000000
--- a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.sha256
+++ /dev/null
@@ -1 +0,0 @@
-f46f84e53263a33e266aae520cb2c1bd0a73354e FancyBear.GermanParliament
diff --git a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.zip b/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.zip
deleted file mode 100644
index 43c89aa..0000000
Binary files a/malwares/Binaries/FancyBear.GermanParliament/FancyBear.GermanParliament.zip and /dev/null differ
diff --git a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.md5 b/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.md5
deleted file mode 100644
index 859c4f9..0000000
--- a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.md5
+++ /dev/null
@@ -1 +0,0 @@
-b643673e1f2b0496785873657e56b03f Linux.Encoder.1.zip
diff --git a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.pass b/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.sha256 b/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.sha256
deleted file mode 100644
index f2c6068..0000000
--- a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.sha256
+++ /dev/null
@@ -1 +0,0 @@
-3a94a6420474ab40a0dbc3bbe2f367c497e26df8dc161bb2f6e175bce217d738 Linux.Encoder.1.zip
diff --git a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.zip b/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.zip
deleted file mode 100644
index 7df1b02..0000000
Binary files a/malwares/Binaries/Linux.Encoder.1/Linux.Encoder.1.zip and /dev/null differ
diff --git a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.md5 b/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.md5
deleted file mode 100644
index e59fce3..0000000
--- a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.md5
+++ /dev/null
@@ -1 +0,0 @@
-566119e4e5f4bda545b3b8af33c23698
diff --git a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.pass b/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.sha256 b/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.sha256
deleted file mode 100644
index cc9820f..0000000
--- a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.sha256
+++ /dev/null
@@ -1 +0,0 @@
-523d40c69b0972ddeff0682fcb569e8a346cf10b2894479ab227bbb24e19846e
diff --git a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.zip b/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.zip
deleted file mode 100644
index 912e56e..0000000
Binary files a/malwares/Binaries/Net-Worm.Win32.Kido/Net-Worm.Win32.Kido.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.md5 b/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.md5
deleted file mode 100644
index 5e8784b..0000000
--- a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.md5
+++ /dev/null
@@ -1 +0,0 @@
-126e7840a978ae90dfa731a66afbe9be
diff --git a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.pass b/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.sha256 b/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.sha256
deleted file mode 100644
index ce3d1a7..0000000
--- a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.sha256
+++ /dev/null
@@ -1 +0,0 @@
-9812152828862aa4b906049e83017fa02dea27e76b2543a7121ac259cafea722
diff --git a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.zip b/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.zip
deleted file mode 100644
index 90b86b3..0000000
Binary files a/malwares/Binaries/OSX.Backdoor.iWorm/OSX.Backdoor.iWorm.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.md5 b/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.md5
deleted file mode 100644
index 2dad6bd..0000000
--- a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (OSX.HellRaiser.zip) = 1a4685398fa5bc12ef2b466fcf0915dd
diff --git a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.pass b/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.sha1 b/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.sha1
deleted file mode 100644
index d7b1a9c..0000000
--- a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.sha1
+++ /dev/null
@@ -1 +0,0 @@
-50e99528b12feaaff8861842a96a850efc046cdd OSX.HellRaiser.zip
diff --git a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.zip b/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.zip
deleted file mode 100644
index 3ec08bd..0000000
Binary files a/malwares/Binaries/OSX.HellRaiser/OSX.HellRaiser.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.md5 b/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.md5
deleted file mode 100644
index 7356c8f..0000000
--- a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (OSX.JacksBot.zip) = ac61a733428ce8ab28e71ba6958b3548
diff --git a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.pass b/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.sha b/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.sha
deleted file mode 100644
index b55ddb7..0000000
--- a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.sha
+++ /dev/null
@@ -1 +0,0 @@
-8cb274ab2388ec04ac4894bd9127e33651fe8c22 OSX.JacksBot.zip
diff --git a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.zip b/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.zip
deleted file mode 100644
index 37c8787..0000000
Binary files a/malwares/Binaries/OSX.JacksBot/OSX.JacksBot.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.md5 b/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.md5
deleted file mode 100644
index 582ad2c..0000000
--- a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (OSX.MacSecurity.zip) = 288ab0eb964e2a4137fe2dd1a90a731e
diff --git a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.pass b/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.sha b/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.sha
deleted file mode 100644
index ac891cd..0000000
--- a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.sha
+++ /dev/null
@@ -1 +0,0 @@
-aa10b834528f9bbcfe7cfd5772338258cefe277f OSX.MacSecurity.zip
diff --git a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.zip b/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.zip
deleted file mode 100644
index f8bff7f..0000000
Binary files a/malwares/Binaries/OSX.MacSecurity/OSX.MacSecurity.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.md5 b/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.md5
deleted file mode 100644
index 5db1910..0000000
--- a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (OSX.OceanLotus.A.B.zip) = d81c8b4cbc328e59ab6db6bd0f17a505
diff --git a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.pass b/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.sha b/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.sha
deleted file mode 100644
index 3c4bdcb..0000000
--- a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.sha
+++ /dev/null
@@ -1 +0,0 @@
-240d5953cda3ec0886cc2cece02788a61a89ca47 OSX.OceanLotus.A.B.zip
diff --git a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.zip b/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.zip
deleted file mode 100644
index 314fc1c..0000000
Binary files a/malwares/Binaries/OSX.OceanLotus/OSX.OceanLotus.A.B.zip and /dev/null differ
diff --git a/malwares/Binaries/OSX.XAgent/OSX.XAgent.md5 b/malwares/Binaries/OSX.XAgent/OSX.XAgent.md5
deleted file mode 100644
index 42fb52f..0000000
--- a/malwares/Binaries/OSX.XAgent/OSX.XAgent.md5
+++ /dev/null
@@ -1 +0,0 @@
-362030ad87f0c0aaba1788925d3b5892 OSX.XAgent.zip
diff --git a/malwares/Binaries/OSX.XAgent/OSX.XAgent.pass b/malwares/Binaries/OSX.XAgent/OSX.XAgent.pass
deleted file mode 100644
index cba4e8b..0000000
--- a/malwares/Binaries/OSX.XAgent/OSX.XAgent.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/OSX.XAgent/OSX.XAgent.sha256 b/malwares/Binaries/OSX.XAgent/OSX.XAgent.sha256
deleted file mode 100644
index 8f49de8..0000000
--- a/malwares/Binaries/OSX.XAgent/OSX.XAgent.sha256
+++ /dev/null
@@ -1 +0,0 @@
-cbd27c64e557c15f7dd12528a96595717008569594b5c1b9760c6c6d6c08263b OSX.XAgent.zip
diff --git a/malwares/Binaries/OSX.XAgent/OSX.XAgent.zip b/malwares/Binaries/OSX.XAgent/OSX.XAgent.zip
deleted file mode 100644
index 5b4f8bc..0000000
Binary files a/malwares/Binaries/OSX.XAgent/OSX.XAgent.zip and /dev/null differ
diff --git a/malwares/Binaries/Proteus/Proteus.md5 b/malwares/Binaries/Proteus/Proteus.md5
deleted file mode 100644
index 2bff40e..0000000
--- a/malwares/Binaries/Proteus/Proteus.md5
+++ /dev/null
@@ -1 +0,0 @@
-49fd4020bf4d7bd23956ea892e6860e9
diff --git a/malwares/Binaries/Proteus/Proteus.pass b/malwares/Binaries/Proteus/Proteus.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Proteus/Proteus.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Proteus/Proteus.sha256 b/malwares/Binaries/Proteus/Proteus.sha256
deleted file mode 100644
index 9609cd1..0000000
--- a/malwares/Binaries/Proteus/Proteus.sha256
+++ /dev/null
@@ -1 +0,0 @@
-d23b4a30f6b1f083ce86ef9d8ff434056865f6973f12cb075647d013906f51a2
diff --git a/malwares/Binaries/Proteus/Proteus.zip b/malwares/Binaries/Proteus/Proteus.zip
deleted file mode 100644
index 8465b22..0000000
Binary files a/malwares/Binaries/Proteus/Proteus.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.md5 b/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.md5
deleted file mode 100644
index 3df8320..0000000
--- a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.md5
+++ /dev/null
@@ -1 +0,0 @@
-8b6bc16fd137c09a08b02bbe1bb7d670
diff --git a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.pass b/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.sha256 b/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.sha256
deleted file mode 100644
index 3210ff5..0000000
--- a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.sha256
+++ /dev/null
@@ -1 +0,0 @@
-e67834d1e8b38ec5864cfa101b140aeaba8f1900a6e269e6a94c90fcbfe56678
diff --git a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.zip b/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.zip
deleted file mode 100644
index c82f944..0000000
Binary files a/malwares/Binaries/Ransomware.Cerber/Ransomware.Cerber.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.md5 b/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.md5
deleted file mode 100644
index b7a906d..0000000
--- a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.md5
+++ /dev/null
@@ -1 +0,0 @@
-6884a35803f2e795fa4b121f636332b4 Ransomware.Petrwrap.zip
diff --git a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.pass b/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.pass
deleted file mode 100644
index 58737a9..0000000
--- a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
\ No newline at end of file
diff --git a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.sha256 b/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.sha256
deleted file mode 100644
index c102fed..0000000
--- a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.sha256
+++ /dev/null
@@ -1 +0,0 @@
-cf01329c0463865422caa595de325e5fe3f7fba44aabebaae11a6adfeb78b91c Ransomware.Petrwrap.zip
diff --git a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.zip b/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.zip
deleted file mode 100644
index 4e7648e..0000000
Binary files a/malwares/Binaries/Ransomware.Petrwrap/Ransomware.Petrwrap.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.md5 b/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.md5
deleted file mode 100644
index 0b6b72b..0000000
--- a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Ransomware.Unnamed_0.zip) = abc651b27b067fb13cb11e00d33e5226
diff --git a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.pass b/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.shasum b/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.shasum
deleted file mode 100644
index 252db17..0000000
--- a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.shasum
+++ /dev/null
@@ -1 +0,0 @@
-1869459025fcf845b90912236af43a5d8d0f14dd Ransomware.Unnamed_0.zip
diff --git a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.zip b/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.zip
deleted file mode 100644
index c7eb177..0000000
Binary files a/malwares/Binaries/Ransomware.Unnamed_0/Ransomware.Unnamed_0.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.md5 b/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.md5
deleted file mode 100644
index 4196ad3..0000000
--- a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.md5
+++ /dev/null
@@ -1 +0,0 @@
-84c82835a5d21bbcf75a61706d8ab549
diff --git a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.pass b/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.sha256 b/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.sha256
deleted file mode 100644
index b45195a..0000000
--- a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.sha256
+++ /dev/null
@@ -1 +0,0 @@
-ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa
diff --git a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip b/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip
deleted file mode 100644
index 4a7b532..0000000
Binary files a/malwares/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip and /dev/null differ
diff --git a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.md5 b/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.md5
deleted file mode 100644
index 8ffe34e..0000000
--- a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Wannacry.exe) = 30fe2f9a048d7a734c8d9233f64810ba
diff --git a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.pass b/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.sha b/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.sha
deleted file mode 100644
index 9add984..0000000
--- a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.sha
+++ /dev/null
@@ -1 +0,0 @@
-2027a053de21bd5c783c3f823ed1d36966780ed4 Win32.Wannacry.exe
diff --git a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.zip b/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.zip
deleted file mode 100644
index b1693e6..0000000
Binary files a/malwares/Binaries/Ransomware.WannaCry_Plus/Ransomware.Wannacry_Plus.zip and /dev/null differ
diff --git a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.md5 b/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.md5
deleted file mode 100644
index 1d4e372..0000000
--- a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.md5
+++ /dev/null
@@ -1 +0,0 @@
-15af6227d39ca3f9d1dcd8566efb0057
diff --git a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.pass b/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.sha256 b/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.sha256
deleted file mode 100644
index 0f97cc9..0000000
--- a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.sha256
+++ /dev/null
@@ -1 +0,0 @@
-40050153dceec2c8fbb1912f8eeabe449d1e265f0c8198008be8b34e5403e731
diff --git a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.zip b/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.zip
deleted file mode 100644
index e23c2de..0000000
Binary files a/malwares/Binaries/Trojan.Kovter/Trojan.Kovter.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.md5 b/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.md5
deleted file mode 100644
index 640dc94..0000000
--- a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (m) = f8c8f6456c5a52ef24aa426e6b121685
diff --git a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.pass b/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.sha256 b/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.sha256
deleted file mode 100644
index aa5ec75..0000000
--- a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.sha256
+++ /dev/null
@@ -1 +0,0 @@
-83e54cb97644de7084126e702937f8c3a2486a2f m
diff --git a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.zip b/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.zip
deleted file mode 100644
index 4191afc..0000000
Binary files a/malwares/Binaries/Win32.APT28.SekoiaRootkit/Win32.APT28.SekoiaRootkit.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.md5 b/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.md5
deleted file mode 100644
index 0d5f94c..0000000
--- a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.md5
+++ /dev/null
@@ -1 +0,0 @@
-5458a2e4d784abb1a1127263bd5006b5
diff --git a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.pass b/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.sha267 b/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.sha267
deleted file mode 100644
index 0eb4aaa..0000000
--- a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.sha267
+++ /dev/null
@@ -1 +0,0 @@
-c161134bf3330c82eb0278fe54b2975c26301bdfdc4fc35d5344f9becf5574c7
diff --git a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.zip b/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.zip
deleted file mode 100644
index 0b42467..0000000
Binary files a/malwares/Binaries/Win32.APT32.Windshield/Win32.APT32.WindShield.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.md5 b/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.md5
deleted file mode 100644
index 670e6e4..0000000
--- a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.AgentTesla.exe) = 2b294b3499d1cce794badffc959b7618
diff --git a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.pass b/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.sha1 b/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.sha1
deleted file mode 100644
index 67bfba7..0000000
--- a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.sha1
+++ /dev/null
@@ -1 +0,0 @@
-9aa826795798948e8058e3ff1342d81d5d8ee4fa Win32.AgentTesla.exe
diff --git a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.zip b/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.zip
deleted file mode 100644
index 062c10d..0000000
Binary files a/malwares/Binaries/Win32.AgentTesla/Win32.AgentTesla.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.md5 b/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.md5
deleted file mode 100644
index 5e0fcc8..0000000
--- a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.EternalRocks.zip) = 4f18cdbcc1d0e71c3a984a6db0beadde
diff --git a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.pass b/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.shasum b/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.shasum
deleted file mode 100644
index 8c47d89..0000000
--- a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.shasum
+++ /dev/null
@@ -1 +0,0 @@
-63e46767d0b55f389f1efba522bbdbbef163ece1 Win32.EternalRocks.zip
diff --git a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.zip b/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.zip
deleted file mode 100644
index f6b049f..0000000
Binary files a/malwares/Binaries/Win32.EternalRocks/Win32.EternalRocks.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.md5 b/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.md5
deleted file mode 100644
index 99963ed..0000000
--- a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.GravityRAT.zip) = 3ac1ede478f83cd857b5e4fcd06ef1cc
diff --git a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.pass b/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.shasum b/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.shasum
deleted file mode 100644
index 01db931..0000000
--- a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.shasum
+++ /dev/null
@@ -1 +0,0 @@
-39f3381d551bb4e566519894e898defef77faf7c Win32.GravityRAT.zip
diff --git a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.zip b/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.zip
deleted file mode 100644
index 8a56e11..0000000
Binary files a/malwares/Binaries/Win32.GravityRat/Win32.GravityRAT.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.md5 b/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.md5
deleted file mode 100644
index 3561ae3..0000000
--- a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (b81b10bdf4f29347979ea8a1715cbfc560e3452ba9fffcc33cd19a3dc47083a4) = ad44a7c5e18e9958dda66ccfc406cd44
diff --git a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.pass b/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.sha256 b/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.sha256
deleted file mode 100644
index e622694..0000000
--- a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.sha256
+++ /dev/null
@@ -1 +0,0 @@
-e2101519714f8a4056a9de18443bc6e8a1f1b977 b81b10bdf4f29347979ea8a1715cbfc560e3452ba9fffcc33cd19a3dc47083a4
diff --git a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.zip b/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.zip
deleted file mode 100644
index dd8f6bd..0000000
Binary files a/malwares/Binaries/Win32.Invincea_Tunnel /Win32.Invicea_Tunnel.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.md5 b/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.md5
deleted file mode 100644
index 6d3e83e..0000000
--- a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Sofacy.A) = ed7f6260dec470e81dafb0e63bafb5ae
diff --git a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.pass b/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.sha256 b/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.sha256
deleted file mode 100644
index 83ff0d9..0000000
--- a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.sha256
+++ /dev/null
@@ -1 +0,0 @@
-72cfd996957bde06a02b0adb2d66d8aa9c25bf37 Win32.Sofacy.A
diff --git a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.zip b/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.zip
deleted file mode 100644
index 0016974..0000000
Binary files a/malwares/Binaries/Win32.Sofacy.A/Win32.Sofacy.A.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.md5 b/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.md5
deleted file mode 100644
index 10ce2d8..0000000
--- a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.SofacyCarberp.zip) = 003b2c09b78db2b8ddbf043051dd7d00
diff --git a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.pass b/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.sha b/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.sha
deleted file mode 100644
index ba8d9fd..0000000
--- a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.sha
+++ /dev/null
@@ -1 +0,0 @@
-998e2429365040f9e8f8eecdf8576425dd8ab233 Win32.SofacyCarberp.zip
diff --git a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.zip b/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.zip
deleted file mode 100644
index 1b7f37f..0000000
Binary files a/malwares/Binaries/Win32.SofacyCarberp/Win32.SofacyCarberp.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.md5 b/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.md5
deleted file mode 100644
index 284b99e..0000000
--- a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Unclassified.zip) = aed0d25af8dbf513a0cdba6c1a144ec0
diff --git a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.pass b/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.shasum b/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.shasum
deleted file mode 100644
index d3edd1e..0000000
--- a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.shasum
+++ /dev/null
@@ -1 +0,0 @@
-82f8d9bbce6d6bc55738686a9f095c8419ab54d6 Win32.Unclassified.zip
diff --git a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.zip b/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.zip
deleted file mode 100644
index 06c01ac..0000000
Binary files a/malwares/Binaries/Win32.Unclassified/Win32.Unclassified.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.md5 b/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.md5
deleted file mode 100644
index d1c6181..0000000
--- a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Unknown_SpectreMeltdown) = b6b9c196d7a9b0058330b998f461ee52
diff --git a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.pass b/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.shasum b/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.shasum
deleted file mode 100644
index 3974077..0000000
--- a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.shasum
+++ /dev/null
@@ -1 +0,0 @@
-b7154a6288fec8697915b495d33c940272c05eaf Win32.Unknown_SpectreMeltdown
diff --git a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.zip b/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.zip
deleted file mode 100644
index f2d3569..0000000
Binary files a/malwares/Binaries/Win32.Unknown_SpectreMeltdown/Win32.Unknown_SpectreMeltdown.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.md5 b/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.md5
deleted file mode 100644
index bed3a04..0000000
--- a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.Unnamed_SpecMelt) = 8f188da25ac5dcdaf4bba56d84d83c56
diff --git a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.pass b/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.shasum b/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.shasum
deleted file mode 100644
index 3a4867c..0000000
--- a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.shasum
+++ /dev/null
@@ -1 +0,0 @@
-a6ccf55c80df1151667edda4a3969929937ee6ec Win32.Unnamed_SpecMelt
diff --git a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.zip b/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.zip
deleted file mode 100644
index 577a1ec..0000000
Binary files a/malwares/Binaries/Win32.Unnamed_SpecMelt/Win32.Unnamed_SpecMelt.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.md5 b/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.md5
deleted file mode 100644
index 9f0e826..0000000
--- a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.VBS.APT34Dropper) = b2d13a336a3eb7bd27612be7d4e334df
diff --git a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.pass b/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.shasum b/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.shasum
deleted file mode 100644
index 0b4caee..0000000
--- a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.shasum
+++ /dev/null
@@ -1 +0,0 @@
-b20f3ded053b0acca2feeebf8215295740235b8f Win32.VBS.APT34Dropper
diff --git a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.zip b/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.zip
deleted file mode 100644
index 237f802..0000000
Binary files a/malwares/Binaries/Win32.VBS.APT34Dropper/Win32.VBS.APT34Dropper.zip and /dev/null differ
diff --git a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.md5 b/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.md5
deleted file mode 100644
index 1d3d6ba..0000000
--- a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.WannaPeace.exe) = eefa6f98681d78b63f15d7e58934c6cc
diff --git a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.pass b/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.sha b/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.sha
deleted file mode 100644
index 858eaed..0000000
--- a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.sha
+++ /dev/null
@@ -1 +0,0 @@
-586b5a65430263f62d656c96624967122568e274 Win32.WannaPeace.exe
diff --git a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.zip b/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.zip
deleted file mode 100644
index 0aee4b3..0000000
Binary files a/malwares/Binaries/Win32.WannaPeace/Win32.WannaPeace.zip and /dev/null differ
diff --git a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.md5 b/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.md5
deleted file mode 100644
index 4f945bb..0000000
--- a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win64.Trojan.GreenBug) = 786e61331a1e84b7fe26c254de0280ad
diff --git a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.pass b/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.shasum b/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.shasum
deleted file mode 100644
index ea3a051..0000000
--- a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.shasum
+++ /dev/null
@@ -1 +0,0 @@
-0d30f71967200c7508c4b9789951bd6be8305661 Win64.Trojan.GreenBug
diff --git a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.zip b/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.zip
deleted file mode 100644
index eb3ed72..0000000
Binary files a/malwares/Binaries/Win64.Trojan.GreenBug/Win64.Trojan.GreenBug.zip and /dev/null differ
diff --git a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.md5 b/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.md5
deleted file mode 100644
index dc981d1..0000000
--- a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.md5
+++ /dev/null
@@ -1 +0,0 @@
-bc2f12cdc3f5e6dcd523699012e8c22e ExploitKit.DemonHunter.zip
diff --git a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.pass b/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.sha256 b/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.sha256
deleted file mode 100644
index 78bfa6c..0000000
--- a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.sha256
+++ /dev/null
@@ -1 +0,0 @@
-b69139beb2a5f02e69f8f913ed7211e0d2c345a0cef556108caa69fb503c7148 ExploitKit.DemonHunter.zip
diff --git a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.zip b/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.zip
deleted file mode 100644
index a127e24..0000000
Binary files a/malwares/Source/Original/ExploitKit.DemonHunter/ExploitKit.DemonHunter.zip and /dev/null differ
diff --git a/malwares/Source/Original/Rubilyn/Rubilyn.pass b/malwares/Source/Original/Rubilyn/Rubilyn.pass
index ba701bf..cba4e8b 100644
--- a/malwares/Source/Original/Rubilyn/Rubilyn.pass
+++ b/malwares/Source/Original/Rubilyn/Rubilyn.pass
@@ -1 +1 @@
-infected
+infected
diff --git a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.md5 b/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.md5
deleted file mode 100644
index 2a60398..0000000
--- a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.md5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 (Win32.QuasarRAT.zip) = 474f0dd9251ba99461f1a2a23b8f75f5
diff --git a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.pass b/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.pass
deleted file mode 100644
index ba701bf..0000000
--- a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.pass
+++ /dev/null
@@ -1 +0,0 @@
-infected
diff --git a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.shasum b/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.shasum
deleted file mode 100644
index d21d93d..0000000
--- a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.shasum
+++ /dev/null
@@ -1 +0,0 @@
-89c29039f931e864799fbb70f389e42cf5ac5f77 Win32.QuasarRAT.zip
diff --git a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.zip b/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.zip
deleted file mode 100644
index 70aac22..0000000
Binary files a/malwares/Source/Original/Win32.QuasarRAT/Win32.QuasarRAT.zip and /dev/null differ
diff --git a/prep_file.py b/prep_file.py
deleted file mode 100644
index be1875f..0000000
--- a/prep_file.py
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/bin/python
-
-import os
-import sys
-import zipfile
-import hashlib
-import subprocess
-
-
-OUTPUT_FOLDER = "OUTPUT"
-
-
-def _help():
- print("Please run with '%s filename'." % sys.argv[0])
- return
-
-def _Do(file_path):
- if not os.path.isfile(file_path):
- _help()
- print("Seems like '%s' is not a file." % file_path)
- sys.exit(1)
-
- try:
- os.mkdir(OUTPUT_FOLDER)
- except OSError:
- print("Folder exists. Please remove it before continuing.")
- sys.exit(1)
-
- if "\\" in file_path:
- filename = file_path.split("\\")[:-1]
- elif "/" in file_path:
- filename = file_path.split("/")[:-1]
- else:
- filename = file_path
-
- # Create ZIP Archive:
- try:
- rc = subprocess.call(['7z', 'a', '-pinfected', '-y', '%s/%s.zip' % (OUTPUT_FOLDER, filename)] + [file_path])
- except:
- print("Seems like you don't have 7z in your path. Please install or add with:\n\tbrew install 7zip #(OSX)\n\tsudo apt-get install p7zip-full #(Linux)")
- sys.exit(1)
-
- compressed_path = '%s/%s.zip' % (OUTPUT_FOLDER, filename)
- print("Created ZIP Archive.")
- md5sum = hashlib.md5(open(compressed_path, 'rb').read()).hexdigest()
- sha1sum = hashlib.sha1(open(compressed_path, 'rb').read()).hexdigest()
- open("%s/%s.md5" % (OUTPUT_FOLDER, filename), 'w').write(md5sum)
- open("%s/%s.sha" % (OUTPUT_FOLDER, filename), 'w').write(sha1sum)
- open("%s/%s.pass" % (OUTPUT_FOLDER, filename), 'w').write("infected")
- return True
-
-
-if __name__ == "__main__":
- if len(sys.argv) != 2:
- _help()
- sys.exit(1)
- _Do(sys.argv[1])
- print("Please don't forget to add details to 'conf/maldb.db'.")
- print("Thanks for helping us get this accessible to everyone.")
- print("")
diff --git a/theZoo.py b/theZoo.py
index 144a6be..b5280cb 100644
--- a/theZoo.py
+++ b/theZoo.py
@@ -77,8 +77,7 @@ def getArgvs(): # Check if update flag is on if arguments.update_bol == 1: a = Updater() - with open('conf/db.ver', 'r') as f: - a.update_db(f.readline()) + a.update_db() sys.exit(1) # Check if version flag is on
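Review bot: `a.update_db()` is now called without the local version that the removed `with open('conf/db.ver', 'r')` block used to supply, so whether the fetch is skipped when the local database is already current depends entirely on Updater.update_db, which is outside this hunk; if the new signature no longer compares versions, every `--update` run presumably re-downloads and overwrites conf/maldb.db. Worth confirming that the point where update_db replaces the local database still verifies the downloaded file (checksum or signature) before writing it, since the caller no longer contributes anything to that decision. The context line `sys.exit(1)` that follows reports failure to the shell even when the update succeeded; `sys.exit(0)` after a successful update, with any exception from update_db left to propagate, is the expected contract. The enclosing getArgvs body continues outside the hunk.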