Updating to DB 092715032014 and inserting VIP column.

conf/database.xml

@@ -0,0 +1,649 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<main_db>
+    <db_ver>190220141439</db_ver>
+
+   <malware id="1">
+      <location>"Source/Original/Dokan_Dec2008/Dokan_Dec2008"</location>
+      <type>"botnet"</type>
+      <name>"Dokan"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"c"</date_born>
+      <platform>"00/12/2008"</platform>
+      <arch>"x86"</arch>
+   </malware>
+
+   <malware id="3">
+      <location>"Source/Original/ShadowBotv3_March2007/ShadowBotv3_March2007"</location>
+      <type>"botnet"</type>
+      <name>"ShadowBot"</name>
+      <version>"3"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"03/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+
+   <malware id="4">
+      <location>"Source/Original/rBot0.3.3_May2004/rBot0.3.3_May2004"</location>
+      <type>"botnet"</type>
+      <name>"rBot"</name>
+      <version>"0.3.3"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/05/2004"</platform>
+      <arch>"x86"</arch>
+   </malware>
+
+   <malware id="5">
+      <location>"Source/Original/ZeuS2.0.8.9_Feb2013/ZeuS2.0.8.9_Feb2013"</location>
+      <type>"botnet"</type>
+      <name>"ZeuS"</name>
+      <version>"2.0.8.9"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"c"</date_born>
+      <platform>"02/2013"</platform>
+      <arch>"x86"</arch>
+   </malware>
+
+   <malware id="6">
+      <location>"Source/Original/X0R-USB_Jan2009/X0R-USB_Jan2009"</location>
+      <type>"virus"</type>
+      <name>"X0R-USB-Virus"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"c"</date_born>
+      <platform>"00/01/2009"</platform>
+      <arch>"x86"</arch>
+   </malware>
+
+   <malware id="7">
+      <location>"Source/Original/LoexBot1.3_Sep2008/LoexBot1.3_Sep2008"</location>
+      <type>"botnet"</type>
+      <name>"LoexBot"</name>
+      <version>"1.3"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/09/2008"</platform>
+      <arch>"x86"</arch>
+   </malware>
+
+   <malware id="8">
+      <location>"Source/Original/ZunkerBot1.4.5_Sep2007/ZunkerBot1.4.5_Sep2007"</location>
+      <type>"botnet"</type>
+      <name>"ZunkerBot"</name>
+      <version>"1.4.5"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"php"</date_born>
+      <platform>"09/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+
+   <malware id="9">
+      <location>"Source/Original/DopeBotv0.22_UnCrippled_Feb2007/DopeBotv0.22_UnCrippled_Feb2007"</location>
+      <type>"botnet"</type>
+      <name>"DopeBot-UnCrippled"</name>
+      <version>"0.22"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/02/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="10">
+      <location>"Source/Original/vbBot_Jan2007/vbBot_Jan2007"</location>
+      <type>"botnet"</type>
+      <name>"vbBot"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"vb"</date_born>
+      <platform>"01/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="11">
+      <location>"Source/Original/xTBot0.0.2_2Feb2002/xTBot0.0.2_2Feb2002"</location>
+      <type>"botnet"</type>
+      <name>"xTBot"</name>
+      <version>"0.0.2"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"02/2002"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="12">
+      <location>"Source/Original/VBS.Win32.Vabian/VBS.Win32.Vabian"</location>
+      <type>"VBS-Worm"</type>
+      <name>"VBS.Win32.Vabian"</name>
+      <version>"botnet"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"vb"</date_born>
+      <platform>"unknown"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="13">
+      <location>"Source/Original/DopeBotv0.22_CrippledFeb2007/DopeBotv0.22_CrippledFeb2007"</location>
+      <type>"botnet"</type>
+      <name>"DopeBot-Crippled"</name>
+      <version>"0.22"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/02/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="14">
+      <location>"Source/Original/Win32.MiniPig_Nov2006/Win32.MiniPig_Nov2006"</location>
+      <type>"Worm"</type>
+      <name>"Win32.MiniPig"</name>
+      <version>"virus"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"c"</date_born>
+      <platform>"00/11/2006"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="15">
+      <location>"Source/Original/HellBotv3.0_10June2005/HellBotv3.0_10June2005"</location>
+      <type>"botnet"</type>
+      <name>"Hellbot"</name>
+      <version>"3.0"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/06/2005"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="16">
+      <location>"Source/Original/Win32.ogw0rm_Nov2008/Win32.ogw0rm_Nov2008"</location>
+      <type>"Worm"</type>
+      <name>"Win32.ogwOrm"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/11/2008"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="17">
+      <location>"Source/Original/DopeBot.B_Dec2004/DopeBot.B_Dec2004"</location>
+      <type>"botnet"</type>
+      <name>"DopeBot.B"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/12/2004"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="18">
+      <location>"Source/Original/LiquidBot_May2005/LiquidBot_May2005"</location>
+      <type>"botnet"</type>
+      <name>"LiquidBot"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/05/2005"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="19">
+      <location>"Source/Original/SpazBot2.12_June2007/SpazBot2.12_June2007"</location>
+      <type>"botnet"</type>
+      <name>"SpazBot"</name>
+      <version>"2.12"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"vb"</date_born>
+      <platform>"00/06/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="20">
+      <location>"Source/Original/DBotv3.1_March2007/DBotv3.1_March2007"</location>
+      <type>"botnet"</type>
+      <name>"DBot"</name>
+      <version>"3.1"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"c"</date_born>
+      <platform>"00/03/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="21">
+      <location>"Source/Original/CyberBotv2.2_October2006/CyberBotv2.2_October2006"</location>
+      <type>"botnet"</type>
+      <name>"CyberBot"</name>
+      <version>"2.2"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/10/2006"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="22">
+      <location>"Source/Original/DopeBot.A_Dec2004/DopeBot.A_Dec2004"</location>
+      <type>"botnet"</type>
+      <name>"DopeBot.A"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/12/2004"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="23">
+      <location>"Source/Original/MyDoom.A_Jan2004/MyDoom.A_Jan2004"</location>
+      <type>"virus"</type>
+      <name>"MyDoom.A"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"c"</date_born>
+      <platform>"00/01/2004"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="24">
+      <location>"Source/Original/ShadowBot_Sep2008/ShadowBot_Sep2008"</location>
+      <type>"botnet"</type>
+      <name>"ShadowBot"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/09/2008"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="25">
+      <location>"Binaries/CryptoLocker20Nov2013/CryptoLocker20Nov2013"</location>
+      <type>"ransomeware"</type>
+      <name>"CryptoLocker"</name>
+      <version>"Unknown"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"20/12/2013"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="26">
+      <location>"Binaries/CryptoLocker_10Sep2013/CryptoLocker_10Sep2013"</location>
+      <type>"ransomeware"</type>
+      <name>"CryptoLocker"</name>
+      <version>"Unknown"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"10/12/2013"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="27">
+      <location>"Binaries/IllusionBot_May2007/IllusionBot_May2007"</location>
+      <type>"botnet"</type>
+      <name>"Illusion Bot"</name>
+      <version>"Unknown"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/05/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="28">
+      <location>"Source/Original/NBot_July2008/NBot_July2008"</location>
+      <type>"botnet"</type>
+      <name>"nBot"</name>
+      <version>"0.32"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"c"</date_born>
+      <platform>"00/05/2008"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="29">
+      <location>"Binaries/Trojan.Dropper.Gen/Trojan.Dropper.Gen"</location>
+      <type>"trojan"</type>
+      <name>"Dropper"</name>
+      <version>"Unknown"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/01/2014"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="30">
+      <location>"Binaries/Trojan.NSIS.Win32/Trojan.NSIS.Win32"</location>
+      <type>"trojan"</type>
+      <name>"NSIS"</name>
+      <version>"Unknown"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/01/2014"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="31">
+      <location>"Binaries/Trojan.Win32.Bechiro.BCD/Trojan.Win32.Bechiro.BCD"</location>
+      <type>"trojan"</type>
+      <name>"Bechiro"</name>
+      <version>"BCD"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/01/2014"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="32">
+      <location>"Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013"</location>
+      <type>"botnet"</type>
+      <name>"AndroRat"</name>
+      <version>"Dec2013"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"java"</date_born>
+      <platform>"06/12/2013"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="33">
+      <location>"Binaries/CryptoLocker_22Jan2014/CryptoLocker_22Jan2014"</location>
+      <type>"ransomeware"</type>
+      <name>"CryptoLocker"</name>
+      <version>"Jan2014"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"22/01/2014"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="34">
+      <location>"Binaries/njRAT-v0.6.4/njRAT-v0.6.4"</location>
+      <type>"botnet"</type>
+      <name>"njRAT"</name>
+      <version>"0.6.4"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/09/2013"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="35">
+      <location>"Binaries/ZeusBankingVersion_26Nov2013/ZeusBankingVersion_26Nov2013"</location>
+      <type>"botnet"</type>
+      <name>"Zeus - zBot"</name>
+      <version>"Nov2013"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"23/11/2013"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="36">
+      <location>"Source/Original/NullBot_Dec2006/NullBot_Dec2006"</location>
+      <type>"botnet"</type>
+      <name>"NullBot"</name>
+      <version>"Dec2006"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"cpp"</date_born>
+      <platform>"00/12/2006"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="37">
+      <location>"Binaries/Artemis"</location>
+      <type>"trojan"</type>
+      <name>"Artemis"</name>
+      <version>"Unknown"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/0000"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="38">
+      <location>"Binaries/Somoto"</location>
+      <type>"apt"</type>
+      <name>"Somoto"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/0000"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="39">
+      <location>"Binaries/Variant.Kazy"</location>
+      <type>"trojan"</type>
+      <name>"Variant.Kazy"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/0000"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="40">
+      <location>"Binaries/Win32/Brontok.W"</location>
+      <type>"Worm"</type>
+      <name>"Brontok.FE"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/0000"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="41">
+      <location>"Binaries/Trojan.Loadmoney.1"</location>
+      <type>"trojan"</type>
+      <name>"LMclicker.1"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/0000"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="42">
+      <location>"Binaries/Win32Dircrypt.Trojan.Ransom.ABZ"</location>
+      <type>"ransomeware"</type>
+      <name>"Trojan.Ransom"</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/0000"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="43">
+      <location>"Binaries/TrojanWin32.Duqu.Stuxnet"</location>
+      <type>"botnet"</type>
+      <name>"Trojan.Win32.Duqu.Aoq ."</name>
+      <version>"unknown"</version>
+      <languages>"unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/0000"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="45">
+      <location>"Binaries/Win32.Botnet.Stuxnet.B"</location>
+      <type>"apt"</type>
+      <name>"Stuxnet Duqu"</name>
+      <version>"Realtek Signed B"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/2007"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="44">
+      <location>"Binaries/Win32.Botnet.Stuxnet.A"</location>
+      <type>"apt"</type>
+      <name>"Stuxnet Duqu"</name>
+      <version>"C-Media Electronics Incorporation Signature - A"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/2009"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="46">
+      <location>"Binaries/Skywiper-A.Flame"</location>
+      <type>"apt"</type>
+      <name>"Skywiper AKA Flame"</name>
+      <version>"A"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/00/2012"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="47">
+      <location>"Binaries/Careto_Feb2014"</location>
+      <type>"apt"</type>
+      <name>"Careto aka The Mask"</name>
+      <version>"A"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"15/02/2014"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="48">
+      <location>"Binaries/ZeusGamever_Feb2014"</location>
+      <type>"botnet"</type>
+      <name>"Zeus"</name>
+      <version>"Gamever"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"19/02/2014"</platform>
+      <arch>"x86"</arch>
+   </malware>
+   <malware id="49">
+      <location>"Binaries/Android.Spy.49_iBanking_Feb2014"</location>
+      <type>"botnet"</type>
+      <name>"Android Spy 29"</name>
+      <version>"Banking Version"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"apk"</date_born>
+      <platform>"19/02/2014"</platform>
+      <arch>"arm"</arch>
+   </malware>
+   <malware id="50">
+      <location>"Binaries/Win32.Cridex"</location>
+      <type>"worm"</type>
+      <name>"Cridex"</name>
+      <version>"B"</version>
+      <languages>"Unknown"</languages>
+      <binary />
+      <source />
+      <date_indexed />
+      <date_born>"bin"</date_born>
+      <platform>"00/02/2014"</platform>
+      <arch>"x86"</arch>
+   </malware>
+</main_db>

conf/db.ver

@@ -1 +1 @@
-190220141439
+092715032014

conf/index.csv

@@ -1,49 +1,54 @@
-1,Source/Original/Dokan_Dec2008/Dokan_Dec2008,botnet,Dokan,unknown,unknown,c,00/12/2008,x86,win32
-3,Source/Original/ShadowBotv3_March2007/ShadowBotv3_March2007,botnet,ShadowBot,3,unknown,cpp,03/2007,x86,win32
-4,Source/Original/rBot0.3.3_May2004/rBot0.3.3_May2004,botnet,rBot,0.3.3,unknown,cpp,00/05/2004,x86,win32
-5,Source/Original/ZeuS2.0.8.9_Feb2013/ZeuS2.0.8.9_Feb2013,botnet,ZeuS,2.0.8.9,unknown,c,02/2013,x86,win32
-6,Source/Original/X0R-USB_Jan2009/X0R-USB_Jan2009,virus,X0R-USB-Virus,unknown,unknown,c,00/01/2009,x86,win32
-7,Source/Original/LoexBot1.3_Sep2008/LoexBot1.3_Sep2008,botnet,LoexBot,1.3,unknown,cpp,00/09/2008,x86,win32
-8,Source/Original/ZunkerBot1.4.5_Sep2007/ZunkerBot1.4.5_Sep2007,botnet,ZunkerBot,1.4.5,unknown,php,09/2007,x86,win32
-9,Source/Original/DopeBotv0.22_UnCrippled_Feb2007/DopeBotv0.22_UnCrippled_Feb2007,botnet,DopeBot-UnCrippled,0.22,unknown,cpp,00/02/2007,x86,win32
-10,Source/Original/vbBot_Jan2007/vbBot_Jan2007,botnet,vbBot,unknown,unknown,vb,01/2007,x86,win32
-11,Source/Original/xTBot0.0.2_2Feb2002/xTBot0.0.2_2Feb2002,botnet,xTBot,0.0.2,unknown,cpp,02/2002,x86,win32
-12,Source/Original/VBS.Win32.Vabian/VBS.Win32.Vabian,VBS-Worm,VBS.Win32.Vabian,botnet,unknown,vb,unknown,x86,win32
-13,Source/Original/DopeBotv0.22_CrippledFeb2007/DopeBotv0.22_CrippledFeb2007,botnet,DopeBot-Crippled,0.22,unknown,cpp,00/02/2007,x86,win32
-14,Source/Original/Win32.MiniPig_Nov2006/Win32.MiniPig_Nov2006,Worm,Win32.MiniPig,virus,unknown,c,00/11/2006,x86,win32
-15,Source/Original/HellBotv3.0_10June2005/HellBotv3.0_10June2005,botnet,Hellbot,3.0,unknown,cpp,00/06/2005,x86,win32
-16,Source/Original/Win32.ogw0rm_Nov2008/Win32.ogw0rm_Nov2008,Worm,Win32.ogwOrm,unknown,unknown,cpp,00/11/2008,x86,win32
-17,Source/Original/DopeBot.B_Dec2004/DopeBot.B_Dec2004,botnet,DopeBot.B,unknown,unknown,cpp,00/12/2004,x86,win32
-18,Source/Original/LiquidBot_May2005/LiquidBot_May2005,botnet,LiquidBot,unknown,unknown,cpp,00/05/2005,x86,win32
-19,Source/Original/SpazBot2.12_June2007/SpazBot2.12_June2007,botnet,SpazBot,2.12,unknown,vb,00/06/2007,x86,win32
-20,Source/Original/DBotv3.1_March2007/DBotv3.1_March2007,botnet,DBot,3.1,unknown,c,00/03/2007,x86,win32
-21,Source/Original/CyberBotv2.2_October2006/CyberBotv2.2_October2006,botnet,CyberBot,2.2,unknown,cpp,00/10/2006,x86,win32
-22,Source/Original/DopeBot.A_Dec2004/DopeBot.A_Dec2004,botnet,DopeBot.A,unknown,unknown,cpp,00/12/2004,x86,win32
-23,Source/Original/MyDoom.A_Jan2004/MyDoom.A_Jan2004,virus,MyDoom.A,unknown,unknown,c,00/01/2004,x86,win32
-24,Source/Original/ShadowBot_Sep2008/ShadowBot_Sep2008,botnet,ShadowBot,unknown,unknown,cpp,00/09/2008,x86,win32
-25,Binaries/CryptoLocker20Nov2013/CryptoLocker20Nov2013,ransomeware,CryptoLocker,Unknown,Unknown,bin,20/12/2013,x86,win32
-26,Binaries/CryptoLocker_10Sep2013/CryptoLocker_10Sep2013,ransomeware,CryptoLocker,Unknown,Unknown,bin,10/12/2013,x86,win32
-27,Binaries/IllusionBot_May2007/IllusionBot_May2007,botnet,Illusion Bot,Unknown,Unknown,bin,00/05/2007,x86,win32
-28,Source/Original/NBot_July2008/NBot_July2008,botnet,nBot,0.32,Unknown,c,00/05/2008,x86,win32
-29,Binaries/Trojan.Dropper.Gen/Trojan.Dropper.Gen,trojan,Dropper,Unknown,Unknown,bin,00/01/2014,x86,win32
-30,Binaries/Trojan.NSIS.Win32/Trojan.NSIS.Win32,trojan,NSIS,Unknown,Unknown,bin,00/01/2014,x86,win32
-31,Binaries/Trojan.Win32.Bechiro.BCD/Trojan.Win32.Bechiro.BCD,trojan,Bechiro,BCD,Unknown,bin,00/01/2014,x86,win32
-32,Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013,botnet,AndroRat,Dec2013,Unknown,java,06/12/2013,x86,win32
-33,Binaries/CryptoLocker_22Jan2014/CryptoLocker_22Jan2014,ransomeware,CryptoLocker,Jan2014,Unknown,bin,22/01/2014,x86,win32
-34,Binaries/njRAT-v0.6.4/njRAT-v0.6.4,botnet,njRAT,0.6.4,Unknown,bin,00/09/2013,x86,win32
-35,Binaries/ZeusBankingVersion_26Nov2013/ZeusBankingVersion_26Nov2013,botnet,Zeus - zBot,Nov2013,Unknown,bin,23/11/2013,x86,win32
-36,Source/Original/NullBot_Dec2006/NullBot_Dec2006,botnet,NullBot,Dec2006,Unknown,cpp,00/12/2006,x86,win32
-37,Binaries/Artemis,trojan,Artemis,Unknown,Unknown,bin,00/00/0000,x86,win32
-38,Binaries/Somoto,apt,Somoto,unknown,unknown,bin,00/00/0000,x86,win32
-39,Binaries/Variant.Kazy,trojan,Variant.Kazy,unknown,unknown,bin,00/00/0000,x86,win32
-40,Binaries/Win32/Brontok.W,Worm,Brontok.FE ,unknown,unknown,bin,00/00/0000,x86,win32
-41,Binaries/Trojan.Loadmoney.1,trojan,LMclicker.1,unknown,unknown,bin,00/00/0000,x86,win32
-42,Binaries/Win32Dircrypt.Trojan.Ransom.ABZ,ransomeware,Trojan.Ransom,unknown,unknown,bin,00/00/0000,x86,win32
-43,Binaries/TrojanWin32.Duqu.Stuxnet,botnet,Trojan.Win32.Duqu.Aoq .,unknown,unknown,bin,00/00/0000,x86,win32
-45,Binaries/Win32.Botnet.Stuxnet.B,apt,Stuxnet Duqu,Realtek Signed B,Unknown,bin,00/00/2007,x86,win32
-44,Binaries/Win32.Botnet.Stuxnet.A,apt,Stuxnet Duqu,C-Media Electronics Incorporation Signature - A,Unknown,bin,00/00/2009,x86,win32
-46,Binaries/Skywiper-A.Flame,apt,Skywiper AKA Flame,A,Unknown,bin,00/00/2012,x86,win32
-47,Binaries/Careto_Feb2014,apt,Careto aka The Mask,A,Unknown,bin,15/02/2014,x86,win32
-48,Binaries/ZeusGamever_Feb2014,botnet,Zeus,Gamever,Unknown,bin,19/02/2014,x86,win32
-49,Binaries/Android.Spy.49_iBanking_Feb2014,botnet,Android Spy 29,Banking Version,Unknown,apk,19/02/2014,arm,android
-50,Binaries/Win32.Cridex,worm,Cridex,B,Unknown,bin,00/02/2014,x86,win32
+1,Source/Original/Dokan_Dec2008/Dokan_Dec2008,botnet,Dokan,unknown,unknown,c,00/12/2008,x86,win32,0
+3,Source/Original/ShadowBotv3_March2007/ShadowBotv3_March2007,botnet,ShadowBot,3,unknown,cpp,03/2007,x86,win32,0
+4,Source/Original/rBot0.3.3_May2004/rBot0.3.3_May2004,botnet,rBot,0.3.3,unknown,cpp,00/05/2004,x86,win32,0
+5,Source/Original/ZeuS2.0.8.9_Feb2013/ZeuS2.0.8.9_Feb2013,botnet,ZeuS,2.0.8.9,unknown,c,02/2013,x86,win32,1
+6,Source/Original/X0R-USB_Jan2009/X0R-USB_Jan2009,virus,X0R-USB-Virus,unknown,unknown,c,00/01/2009,x86,win32,0
+7,Source/Original/LoexBot1.3_Sep2008/LoexBot1.3_Sep2008,botnet,LoexBot,1.3,unknown,cpp,00/09/2008,x86,win32,0
+8,Source/Original/ZunkerBot1.4.5_Sep2007/ZunkerBot1.4.5_Sep2007,botnet,ZunkerBot,1.4.5,unknown,php,09/2007,x86,win32,0
+9,Source/Original/DopeBotv0.22_UnCrippled_Feb2007/DopeBotv0.22_UnCrippled_Feb2007,botnet,DopeBot-UnCrippled,0.22,unknown,cpp,00/02/2007,x86,win32,0
+10,Source/Original/vbBot_Jan2007/vbBot_Jan2007,botnet,vbBot,unknown,unknown,vb,01/2007,x86,win32,0
+11,Source/Original/xTBot0.0.2_2Feb2002/xTBot0.0.2_2Feb2002,botnet,xTBot,0.0.2,unknown,cpp,02/2002,x86,win32,0
+12,Source/Original/VBS.Win32.Vabian/VBS.Win32.Vabian,VBS-Worm,VBS.Win32.Vabian,botnet,unknown,vb,unknown,x86,win32,0
+13,Source/Original/DopeBotv0.22_CrippledFeb2007/DopeBotv0.22_CrippledFeb2007,botnet,DopeBot-Crippled,0.22,unknown,cpp,00/02/2007,x86,win32,0
+14,Source/Original/Win32.MiniPig_Nov2006/Win32.MiniPig_Nov2006,Worm,Win32.MiniPig,virus,unknown,c,00/11/2006,x86,win32,0
+15,Source/Original/HellBotv3.0_10June2005/HellBotv3.0_10June2005,botnet,Hellbot,3.0,unknown,cpp,00/06/2005,x86,win32,0
+16,Source/Original/Win32.ogw0rm_Nov2008/Win32.ogw0rm_Nov2008,Worm,Win32.ogwOrm,unknown,unknown,cpp,00/11/2008,x86,win32,0
+17,Source/Original/DopeBot.B_Dec2004/DopeBot.B_Dec2004,botnet,DopeBot.B,unknown,unknown,cpp,00/12/2004,x86,win32,0
+18,Source/Original/LiquidBot_May2005/LiquidBot_May2005,botnet,LiquidBot,unknown,unknown,cpp,00/05/2005,x86,win32,0
+19,Source/Original/SpazBot2.12_June2007/SpazBot2.12_June2007,botnet,SpazBot,2.12,unknown,vb,00/06/2007,x86,win32,0
+20,Source/Original/DBotv3.1_March2007/DBotv3.1_March2007,botnet,DBot,3.1,unknown,c,00/03/2007,x86,win32,0
+21,Source/Original/CyberBotv2.2_October2006/CyberBotv2.2_October2006,botnet,CyberBot,2.2,unknown,cpp,00/10/2006,x86,win32,0
+22,Source/Original/DopeBot.A_Dec2004/DopeBot.A_Dec2004,botnet,DopeBot.A,unknown,unknown,cpp,00/12/2004,x86,win32,0
+23,Source/Original/MyDoom.A_Jan2004/MyDoom.A_Jan2004,virus,MyDoom.A,unknown,unknown,c,00/01/2004,x86,win32,0
+24,Source/Original/ShadowBot_Sep2008/ShadowBot_Sep2008,botnet,ShadowBot,unknown,unknown,cpp,00/09/2008,x86,win32,0
+25,Binaries/CryptoLocker20Nov2013/CryptoLocker20Nov2013,ransomeware,CryptoLocker,Unknown,Unknown,bin,20/12/2013,x86,win32,1
+26,Binaries/CryptoLocker_10Sep2013/CryptoLocker_10Sep2013,ransomeware,CryptoLocker,Unknown,Unknown,bin,10/12/2013,x86,win32,1
+27,Binaries/IllusionBot_May2007/IllusionBot_May2007,botnet,Illusion Bot,Unknown,Unknown,bin,00/05/2007,x86,win32,0
+28,Source/Original/NBot_July2008/NBot_July2008,botnet,nBot,0.32,Unknown,c,00/05/2008,x86,win32,0
+29,Binaries/Trojan.Dropper.Gen/Trojan.Dropper.Gen,trojan,Dropper,Unknown,Unknown,bin,00/01/2014,x86,win32,0
+30,Binaries/Trojan.NSIS.Win32/Trojan.NSIS.Win32,trojan,NSIS,Unknown,Unknown,bin,00/01/2014,x86,win32,0
+31,Binaries/Trojan.Win32.Bechiro.BCD/Trojan.Win32.Bechiro.BCD,trojan,Bechiro,BCD,Unknown,bin,00/01/2014,x86,win32,0
+32,Binaries/AndroRat_6Dec2013/AndroRat_6Dec2013,botnet,AndroRat,Dec2013,Unknown,java,06/12/2013,x86,win32,0
+33,Binaries/CryptoLocker_22Jan2014/CryptoLocker_22Jan2014,ransomeware,CryptoLocker,Jan2014,Unknown,bin,22/01/2014,x86,win32,1
+34,Binaries/njRAT-v0.6.4/njRAT-v0.6.4,botnet,njRAT,0.6.4,Unknown,bin,00/09/2013,x86,win32,0
+35,Binaries/ZeusBankingVersion_26Nov2013/ZeusBankingVersion_26Nov2013,botnet,Zeus - zBot,Nov2013,Unknown,bin,23/11/2013,x86,win32,1
+36,Source/Original/NullBot_Dec2006/NullBot_Dec2006,botnet,NullBot,Dec2006,Unknown,cpp,00/12/2006,x86,win32,0
+37,Binaries/Artemis,trojan,Artemis,Unknown,Unknown,bin,00/00/0000,x86,win32,0
+38,Binaries/Somoto,apt,Somoto,unknown,unknown,bin,00/00/0000,x86,win32,0
+39,Binaries/Variant.Kazy,trojan,Variant.Kazy,unknown,unknown,bin,00/00/0000,x86,win32,0
+40,Binaries/Win32/Brontok.W,Worm,Brontok.FE ,unknown,unknown,bin,00/00/0000,x86,win32,1
+41,Binaries/Trojan.Loadmoney.1,trojan,LMclicker.1,unknown,unknown,bin,00/00/0000,x86,win32,0
+42,Binaries/Win32Dircrypt.Trojan.Ransom.ABZ,ransomeware,Trojan.Ransom,unknown,unknown,bin,00/00/0000,x86,win32,0
+43,Binaries/TrojanWin32.Duqu.Stuxnet,botnet,Trojan.Win32.Duqu.Aoq .,unknown,unknown,bin,00/00/0000,x86,win32,1
+45,Binaries/Win32.Botnet.Stuxnet.B,apt,Stuxnet Duqu,Realtek Signed B,Unknown,bin,00/00/2007,x86,win32,1
+44,Binaries/Win32.Botnet.Stuxnet.A,apt,Stuxnet Duqu,C-Media Electronics Incorporation Signature - A,Unknown,bin,00/00/2009,x86,win32,1
+46,Binaries/Skywiper-A.Flame,apt,Skywiper AKA Flame,A,Unknown,bin,00/00/2012,x86,win32,1
+47,Binaries/Careto_Feb2014,apt,Careto aka The Mask,A,Unknown,bin,15/02/2014,x86,win32,0
+48,Binaries/ZeusGamever_Feb2014,botnet,Zeus,Gamever,Unknown,bin,19/02/2014,x86,win32,1
+49,Binaries/Android.Spy.49_iBanking_Feb2014,botnet,Android Spy 29,Banking Version,Unknown,apk,19/02/2014,arm,android,0
+50,Binaries/Win32.Cridex,worm,Cridex,B,Unknown,bin,00/02/2014,x86,win32,0
+51,Binaries/Win32.Alina.3.4.B,apt,Alina,3.4B,Unknown,bin,15.3.2014,x86,win32,1
+52,Binaries/Win32.Boaxxe.BB,botnet,Boaxxe,BB,Unknown,bin,15.3.2014,x86,win32,0
+53,Binaries/Win32.Infostealer.Dexter,botnet,Dexter,Unknown,Unknown,bin,15.3.2014,x86,win32,0
+54,Binaries/Win32.Caphaw.Shylock,botnet,Shylock,Unknown,Unknown,bin,15.3.2014,x86,win32,1
+55,Binaries/Win32.Turla,apt,Torola\Urubus rootkit,Unknown,Russia,bin,15.3.2014,x86,win32,1

imports/globals.py

@@ -41,6 +41,8 @@ class init:
         column_for_uid = 0
         column_for_arch = 8
         column_for_plat = 9
+        column_for_vip = 10
+
         conf_folder = 'conf'
         eula_file = conf_folder + '/eula_run.conf'
         maldb_ver_file = conf_folder + '/db.ver'
@@ -77,6 +79,7 @@ class vars:
     column_for_uid = 0
     column_for_arch = 8
     column_for_plat = 9
+    column_for_vip = 10
 
     conf_folder = 'conf'
     eula_file = conf_folder + '/eula_run.conf'

imports/manysearches.py

@@ -18,10 +18,11 @@ class MuchSearch(object):
         print "\nPayloads Found:"
         array = m
         i = 0
-        print "ID\tType\t\tLang\tArch\tPlat\tName"
-        print '---\t-----\t\t-----\t----\t-----\t----------------'
+        print "ID\tVIP\tType\t\tLang\tArch\tPlat\tName"
+        print '---\t---\t-----\t\t-----\t----\t-----\t----------------'
         for element in array:
             answer = array[i][globals.vars.column_for_uid]
+            answer = array[i][globals.vars.column_for_vip]
             answer += '\t%s' % ('{0: <12}'.format(array[i][globals.vars.column_for_type]))
             answer += '\t%s' % ('{0: <12}'.format(array[i][globals.vars.column_for_pl]))
             answer += array[i][globals.vars.column_for_arch] + '\t'

imports/terminal_handler.py

@@ -23,7 +23,7 @@ class Controller:
         self.searchmeth = [ ("arch","which architecture etc; x86, x64, arm7 so on..."),
                             ("plat","platform: win32, win64, mac, android so on..."),
                             ("lang","c, cpp, vbs, bin so on..."),
-                            ("","")]
+                            ("vip", "1 or 0")]
 
         self.modules = self.GetPayloads()
 
@@ -32,7 +32,7 @@ class Controller:
         self.arch = ''
         self.lang = ''
         self.type = ''
-
+        self.vip = ''
 
     def GetPayloads(self):
         m = []
@@ -77,6 +77,8 @@ class Controller:
                     ar = manySearch.sort(ar, globals.vars.column_for_pl, self.lang)
                 if len(self.type) > 0:
                     ar = manySearch.sort(ar, globals.vars.column_for_type, self.type)
+                if len(self.vip) > 0:
+                    ar = manySearch.sort(ar, globals.vars.column_for_vip, self.vip)
                 printController = manysearches.MuchSearch()
                 printController.PrintPayloads(ar)
                 self.MainMenu()

malwares/Binaries/Win32.Alina.3.4.B/Win32.Alina.3.4.B.md5

@@ -0,0 +1 @@
+6ec4bb6df9ddd7a59734b79b96271327  Win32.Alina.3.4.B.zip

malwares/Binaries/Win32.Alina.3.4.B/Win32.Alina.3.4.B.pass

@@ -0,0 +1 @@
+infected

malwares/Binaries/Win32.Alina.3.4.B/Win32.Alina.3.4.B.sha256

@@ -0,0 +1 @@
+d584d876e3b4706066cebab7c5459d9c80a0a9a7fd095e509832dc685221401b  Win32.Alina.3.4.B.zip

malwares/Binaries/Win32.Boaxxe.BB/Win32.Boaxxe.BB.md5

@@ -0,0 +1 @@
+9c6a1317b6ddf6c11ec34f3e3240b3c7  Win32.Boaxxe.BB.zip

malwares/Binaries/Win32.Boaxxe.BB/Win32.Boaxxe.BB.pass

@@ -0,0 +1 @@
+infected

malwares/Binaries/Win32.Boaxxe.BB/Win32.Boaxxe.BB.sha256

@@ -0,0 +1 @@
+947ae5e40254363d6bdf8007a5aaffe43a8fc43c5ae4608192c9ea248459baca  Win32.Boaxxe.BB.zip

malwares/Binaries/Win32.Caphaw.Shylock/Win32.Caphaw.Shylock.pass

@@ -0,0 +1 @@
+infected

malwares/Binaries/Win32.Infostealer.Dexter/Win32.Infostealer.Dexter.md5

@@ -0,0 +1 @@
+bd7bad534d1e5a2ad6c11829b96a23e4  Win32.Infostealer.Dexter.zip

malwares/Binaries/Win32.Infostealer.Dexter/Win32.Infostealer.Dexter.pass

@@ -0,0 +1 @@
+infected

malwares/Binaries/Win32.Infostealer.Dexter/Win32.Infostealer.Dexter.sha256

@@ -0,0 +1 @@
+282032b31c4cbaa9110cf95e9f3a838788301bcb4be1a3e9f13d39a737f322e6  Win32.Infostealer.Dexter.zip

malwares/Binaries/Win32.Turla/Win32.Turla.md5

@@ -0,0 +1 @@
+92f70259f6667fe26bd52d2156ffec9a  Win32.Turla.rar

malwares/Binaries/Win32.Turla/Win32.Turla.pass

@@ -0,0 +1 @@
+infected

malwares/Binaries/Win32.Turla/Win32.Turla.sha256

@@ -0,0 +1 @@
+538167744e9225bea9aa75648d79584ae597ec943f6e451a36bdcf7c7e313388  Win32.Turla.rar