|
26 | 26 | }, |
27 | 27 | { |
28 | 28 | "cell_type": "code", |
29 | | - "execution_count": null, |
| 29 | + "execution_count": 1, |
30 | 30 | "id": "59ab69c2", |
31 | 31 | "metadata": {}, |
32 | 32 | "outputs": [], |
33 | 33 | "source": [ |
34 | | - "from ReversingLabs.SDK.helper import *\n", |
35 | 34 | "from ReversingLabs.SDK.ticloud import AdvancedSearch\n", |
36 | 35 | "from ReversingLabs.SDK.advanced import AdvancedActions" |
37 | 36 | ] |
|
52 | 51 | }, |
53 | 52 | { |
54 | 53 | "cell_type": "code", |
55 | | - "execution_count": null, |
| 54 | + "execution_count": 2, |
56 | 55 | "id": "66ed0816", |
57 | 56 | "metadata": {}, |
58 | 57 | "outputs": [], |
|
81 | 80 | }, |
82 | 81 | { |
83 | 82 | "cell_type": "code", |
84 | | - "execution_count": null, |
| 83 | + "execution_count": 3, |
85 | 84 | "id": "791783de", |
86 | 85 | "metadata": {}, |
87 | 86 | "outputs": [], |
|
103 | 102 | }, |
104 | 103 | { |
105 | 104 | "cell_type": "code", |
106 | | - "execution_count": null, |
| 105 | + "execution_count": 4, |
107 | 106 | "id": "dbdf8739", |
108 | 107 | "metadata": {}, |
109 | 108 | "outputs": [], |
|
131 | 130 | }, |
132 | 131 | { |
133 | 132 | "cell_type": "code", |
134 | | - "execution_count": null, |
| 133 | + "execution_count": 5, |
135 | 134 | "id": "067c7c95", |
136 | 135 | "metadata": {}, |
137 | 136 | "outputs": [], |
|
155 | 154 | "id": "ae7e378c", |
156 | 155 | "metadata": {}, |
157 | 156 | "source": [ |
158 | | - "# 6. Main Execution Function\n", |
| 157 | + "# 6. Main Execution Function, results processing and output\n", |
159 | 158 | "- Performs the search using the ReversingLabs SDK\n", |
160 | 159 | "- Processes each sample to extract basic information\n", |
161 | 160 | "- Attempts to enrich each sample and extract relevant URLs\n", |
162 | | - "- Handles errors gracefully, continuing even if enrichment fails for some samples" |
| 161 | + "- Handles errors gracefully, continuing even if enrichment fails for some samples\n", |
| 162 | + "\n", |
| 163 | + " Results Processing and output:\n", |
| 164 | + "- Groups samples by the extracted URLs\n", |
| 165 | + "- Creates a default group if no URLs are found\n", |
| 166 | + "- Builds the final report structure \n", |
| 167 | + "- Writes the grouped results to a JSON file\n", |
| 168 | + "- Provides summary statistics on the console" |
163 | 169 | ] |
164 | 170 | }, |
165 | 171 | { |
166 | 172 | "cell_type": "code", |
167 | | - "execution_count": null, |
| 173 | + "execution_count": 6, |
168 | 174 | "id": "e39a9c90", |
169 | 175 | "metadata": {}, |
170 | | - "outputs": [], |
| 176 | + "outputs": [ |
| 177 | + { |
| 178 | + "name": "stdout", |
| 179 | + "output_type": "stream", |
| 180 | + "text": [ |
| 181 | + "Total samples returned: 100\n", |
| 182 | + "Error enriching sample 4dab85b94e09f648b6fa951bd193291576c7906d: Not found. No reference was found for this input\n", |
| 183 | + "Error enriching sample 6a26d852758415fb7ed430960a73865eb6558bee: Not found. No reference was found for this input\n", |
| 184 | + "Error enriching sample f8adc10b2478f61027b79a03ff8ca81b415e06f1: Not found. No reference was found for this input\n", |
| 185 | + "Error enriching sample 0b5bcb7ed2e5a5a52d7b6f1811ef6135a7cd4e1f: Not found. No reference was found for this input\n", |
| 186 | + "Error enriching sample 341bc1a87b89b11511a1e4ba8659581c37e5cf23: Not found. No reference was found for this input\n", |
| 187 | + "Error enriching sample 935b070cb1400f945e20f8eda1b0148d94ae0ad4: Not found. No reference was found for this input\n", |
| 188 | + "Error enriching sample b5ba0cf4db78d612d42ce1413c21849db6288925: Not found. No reference was found for this input\n", |
| 189 | + "Error enriching sample 4e6499008f02cfb90685bc1202faaf543df1d5e6: Not found. No reference was found for this input\n", |
| 190 | + "Error enriching sample 7b0c1421b727c074f4ed408b71a8b18ccf12f733: Not found. No reference was found for this input\n", |
| 191 | + "Error enriching sample 751ce65d5c254c0e5c3bc962ffa238f97dcf5339: Not found. No reference was found for this input\n", |
| 192 | + "Error enriching sample e02e94fea0173ccece45c56f031dc4c640a10292: Not found. No reference was found for this input\n", |
| 193 | + "Error enriching sample 2ba7a4aa387e81c7fda12332db467522215de498: Not found. No reference was found for this input\n", |
| 194 | + "Error enriching sample dc21cbd73ed295a23fbad0eb8232b32e22eb9de9: Not found. No reference was found for this input\n", |
| 195 | + "Error enriching sample 8b806fdc1977b4ff3899f5c70fe75a32b06fc268: Not found. No reference was found for this input\n", |
| 196 | + "Error enriching sample 1969d3773efa68a75b75835916ea0dd0e6942753: Not found. No reference was found for this input\n", |
| 197 | + "Error enriching sample 82d4afa41cbad21929864e1be1efb42fd7e083ba: Not found. No reference was found for this input\n", |
| 198 | + "Error enriching sample 7a1c299118a248577a265078152aab810fedf4bd: Not found. No reference was found for this input\n", |
| 199 | + "Error enriching sample 46de2d75b935774dca8d568853d98b7b37dedbb4: Not found. No reference was found for this input\n", |
| 200 | + "Error enriching sample 333be4cedeab6380c2cbb9a0a76fae53ce7b790b: Not found. No reference was found for this input\n", |
| 201 | + "Error enriching sample 5e72b48d0988933f7d1bc27e1fe9732b10462c87: Not found. No reference was found for this input\n", |
| 202 | + "Error enriching sample 576aa51f9b1504140cb4209f15f9f27e4543154a: Not found. No reference was found for this input\n", |
| 203 | + "Error enriching sample a207cffb1765b49b33516534c66dc83057146152: Not found. No reference was found for this input\n", |
| 204 | + "Error enriching sample f0bf40487ef6721ffd2fe8ffb6a8f2159706c9cf: Not found. No reference was found for this input\n", |
| 205 | + "Error enriching sample 9c58a3f63a35538bd8593da6a80983e381840b71: Not found. No reference was found for this input\n", |
| 206 | + "Error enriching sample 7725100876e01da9c21a3230897427e84b4cd008: Not found. No reference was found for this input\n", |
| 207 | + "Error enriching sample b1d3bab76286bdc8c6d80ad1c85653c474a12192: Not found. No reference was found for this input\n", |
| 208 | + "Error enriching sample ba682f53048c4efc00027b424205cc3c954ced3d: Not found. No reference was found for this input\n", |
| 209 | + "Error enriching sample 33db7173b22ca01e539c044059f0ed074db53988: Not found. No reference was found for this input\n", |
| 210 | + "Error enriching sample 53b17ea9f6257e6f27685a9d1abc307022032cac: Not found. No reference was found for this input\n", |
| 211 | + "Error enriching sample 0aaa6718ef31a15fc0083bb1bc1f499c4986e167: Not found. No reference was found for this input\n", |
| 212 | + "Error enriching sample c7d016f5807c24e0a54171552b8f7b70da784c1d: Not found. No reference was found for this input\n", |
| 213 | + "Error enriching sample 2ee70fc4fb23464cb2a1352600be2f2a774951d5: Not found. No reference was found for this input\n", |
| 214 | + "Error enriching sample d56cd6f9a30ed70701efaa57fd2a04d12bfe8cc6: Not found. No reference was found for this input\n", |
| 215 | + "Error enriching sample 97f6a461bf1b8dc7173ff4e6053f16c3918d02e8: Not found. No reference was found for this input\n", |
| 216 | + "Error enriching sample 98795358c1ba5af4de02a6c969003a0f15f159c2: Not found. No reference was found for this input\n", |
| 217 | + "Error enriching sample 83fa90ce2ef2e90f2105d729dd9f2ba72891dfad: Not found. No reference was found for this input\n", |
| 218 | + "Error enriching sample 92118a8a04c994d81f873bb012dc42ad92a2e7af: Not found. No reference was found for this input\n", |
| 219 | + "Error enriching sample 5524a5d3324ada23489c2cb0cd1f40185a1faaa0: Not found. No reference was found for this input\n", |
| 220 | + "Error enriching sample e162fec95e26ea85fe418f89b588f7a3fb1bd68b: Not found. No reference was found for this input\n", |
| 221 | + "Error enriching sample fb8f26d53e0f8bc4701e656c99cc9b416fa0249a: Not found. No reference was found for this input\n", |
| 222 | + "Error enriching sample 2e698215e97aedd0469bdc54d9b0951490e3b074: Not found. No reference was found for this input\n", |
| 223 | + "Error enriching sample cb395e46deec9fd5e0b37b4d52b2d352b6890bab: Not found. No reference was found for this input\n", |
| 224 | + "Error enriching sample b2354ae39e869b995986bc30b1d418445f922baf: Not found. No reference was found for this input\n", |
| 225 | + "Error enriching sample a217b3b38bc7a715b50b1879e6d20a76f6024259: Not found. No reference was found for this input\n", |
| 226 | + "Error enriching sample 6fce7715d697ffcd59a2392aec4b90da9ba22860: Not found. No reference was found for this input\n", |
| 227 | + "Error enriching sample 370000dc318e4fe1f47a84d806eb5e6f9698df0f: Not found. No reference was found for this input\n", |
| 228 | + "Error enriching sample 7510daad39f850389c68f7d6ef67882c71c39877: Not found. No reference was found for this input\n", |
| 229 | + "Error enriching sample 04f33a7a2af041f41041b1bb8a015ffb94c0f18c: Not found. No reference was found for this input\n", |
| 230 | + "Error enriching sample 5e643e0f8c868440619999a6fc1d79c056efa9db: Not found. No reference was found for this input\n", |
| 231 | + "Error enriching sample f195a2d23ef180be25714b431fb71a7d8c7eb973: Not found. No reference was found for this input\n", |
| 232 | + "Error enriching sample 7b921dbde2cdb3b92daac66bb0904da79651b708: Not found. No reference was found for this input\n", |
| 233 | + "Error enriching sample 9d875650ec2c6c1e8370e184217271420007e0cc: Not found. No reference was found for this input\n", |
| 234 | + "Error enriching sample 5a6d4a3f38f7fd8e5d4e61fbdc87be269063ef28: Not found. No reference was found for this input\n", |
| 235 | + "Error enriching sample f919ca75deaa7db73be682e8c9162c384f6a7417: Not found. No reference was found for this input\n", |
| 236 | + "Error enriching sample 632b2b958a4e996fad898b6b7e9500cde4869ca2: Not found. No reference was found for this input\n", |
| 237 | + "Error enriching sample e87a8d0aa0137bfd02697f5fcb203b2ef4534c44: Not found. No reference was found for this input\n", |
| 238 | + "Error enriching sample 6959fc7fffbfa0b9447f70a1bc47cec25f6f0d50: Not found. No reference was found for this input\n", |
| 239 | + "Error enriching sample 6ae06a6b03e53a20e27692ebfc448bf7719f5937: Not found. No reference was found for this input\n", |
| 240 | + "Error enriching sample 3a92e15f9aa04c93b2cb9ac5b92b7ff96e8af717: Not found. No reference was found for this input\n", |
| 241 | + "Error enriching sample 84f67258d178ceb92c976fbbdcec51d2cf10b5bc: Not found. No reference was found for this input\n", |
| 242 | + "Error enriching sample 4ba975cdeda240499f2244690295cc92572ac98e: Not found. No reference was found for this input\n", |
| 243 | + "Error enriching sample a728b3cc9973ba5de466b6406eb7c9bdcc6f7374: Not found. No reference was found for this input\n", |
| 244 | + "Error enriching sample c6f93ddd452ae3b20b99e5278491629abc33543d: Not found. No reference was found for this input\n", |
| 245 | + "Error enriching sample fc4ae33d32d8e7b2855b532daa25b65de2a91c53: Not found. No reference was found for this input\n", |
| 246 | + "Error enriching sample 16e389401dc7dc5d90c2d014a9c3074d3e000803: Not found. No reference was found for this input\n", |
| 247 | + "Error enriching sample c7d66d154e8f2235fd6f59c9474bb65a8e21c16a: Not found. No reference was found for this input\n", |
| 248 | + "Error enriching sample 0db8fe2d8c03ec798ee306a784399c989001245b: Not found. No reference was found for this input\n", |
| 249 | + "Error enriching sample 7270301199a54049c3f27ea70214cd170998f7f5: Not found. No reference was found for this input\n", |
| 250 | + "Error enriching sample b316144961f6dc81ab5a163721f5c4a788bc091b: Not found. No reference was found for this input\n", |
| 251 | + "Error enriching sample 49cd6910ec9856e9d340107bccf9419080f08782: Not found. No reference was found for this input\n", |
| 252 | + "Error enriching sample e84ffffd27ac1646a2ddb382d39cfd398660e501: Not found. No reference was found for this input\n", |
| 253 | + "Error enriching sample 4174dfe67cedee7fbb8fff134a6076a7bae46766: Not found. No reference was found for this input\n", |
| 254 | + "Error enriching sample b6c6ede64f0598390186132112e075d4654fad0e: Not found. No reference was found for this input\n", |
| 255 | + "Error enriching sample f6622fc3878c79ad0283776f6832b5c87982a9af: Not found. No reference was found for this input\n", |
| 256 | + "Error enriching sample 1b278ed16aaddee400f1cce2b7942e347a9d1320: Not found. No reference was found for this input\n", |
| 257 | + "Error enriching sample c88ec5200a7cb51a39a58c4a263a185e98f8d793: Not found. No reference was found for this input\n", |
| 258 | + "Error enriching sample 0c2cd143ddcde8557b94b57d92960f0836d7aa2a: Not found. No reference was found for this input\n", |
| 259 | + "Error enriching sample ffd62423c8ab38627ebac149c35c6a67a0354f95: Not found. No reference was found for this input\n", |
| 260 | + "Error enriching sample 152e4ec869711b1faaef37dd436e83f0eb3d89ba: Not found. No reference was found for this input\n", |
| 261 | + "Error enriching sample 9b78230b60a9724c6396a47f1061d43ba305bc9e: Not found. No reference was found for this input\n", |
| 262 | + "Error enriching sample 867eebb06fc448e2fc8a74e55d8d1428df53537f: Not found. No reference was found for this input\n", |
| 263 | + "Error enriching sample 166a66489deb3d5aca7c553655dfc85edebaa333: Not found. No reference was found for this input\n", |
| 264 | + "Error enriching sample 242d62dcce635cfd91365c636b381d15db89be0a: Not found. No reference was found for this input\n", |
| 265 | + "Error enriching sample e871d486504534bb5abe87b82e882e0c31eb49aa: Not found. No reference was found for this input\n", |
| 266 | + "Error enriching sample e8db46489a6fa568a77f8456d5594587ffc5b5d5: Not found. No reference was found for this input\n", |
| 267 | + "Error enriching sample 1a204a48ec6c94f3881c9d75630d35669bb2df8e: Not found. No reference was found for this input\n", |
| 268 | + "Error enriching sample a13668e3d5de06f0972b7944734e1767ac1fae30: Not found. No reference was found for this input\n", |
| 269 | + "Error enriching sample baa46d40c52f682ab61d80572f98583dc619d589: Not found. No reference was found for this input\n", |
| 270 | + "Error enriching sample ce0e47b9e51d94203f7b4810f7b0a531fb2bbcac: Not found. No reference was found for this input\n", |
| 271 | + "Error enriching sample 7de367c197d43a19d041046d7ce2cbe461057dfc: Not found. No reference was found for this input\n", |
| 272 | + "Error enriching sample 4f2255ed1528e3fcfb353c65bbe696999143e55e: Not found. No reference was found for this input\n", |
| 273 | + "Error enriching sample bc1bda5fcc293a6656a6c76aa1f6acb6b4ccf967: Not found. No reference was found for this input\n", |
| 274 | + "Error enriching sample 908bdd1ebf8556b32090e0fd97d612b84f7e4998: Not found. No reference was found for this input\n", |
| 275 | + "Error enriching sample fe7ea8f8f497a3f3b73eb28ccf5118285612bac1: Not found. No reference was found for this input\n", |
| 276 | + "Error enriching sample faaa72bcd2b370d63e203b7d87e969bd524cba74: Not found. No reference was found for this input\n", |
| 277 | + "Error enriching sample 53db08adbff809611b7b3567734425871acea27c: Not found. No reference was found for this input\n", |
| 278 | + "Found URLs in 4 samples\n", |
| 279 | + "Grouped report written to report.json\n" |
| 280 | + ] |
| 281 | + } |
| 282 | + ], |
171 | 283 | "source": [ |
172 | 284 | "def main():\n", |
173 | 285 | " query_string = QUERY_STRING\n", |
|
247 | 359 | " \n", |
248 | 360 | " minimal_results.append(minimal_data)\n", |
249 | 361 | "\n", |
250 | | - " print(f\"Found URLs in {urls_found_count} samples\")" |
251 | | - ] |
252 | | - }, |
253 | | - { |
254 | | - "cell_type": "markdown", |
255 | | - "id": "3f59c5f7", |
256 | | - "metadata": {}, |
257 | | - "source": [ |
258 | | - "# 7. Results Processing and output\n", |
259 | | - "- Groups samples by the extracted URLs\n", |
260 | | - "- Creates a default group if no URLs are found\n", |
261 | | - "- Builds the final report structure \n", |
262 | | - "- Writes the grouped results to a JSON file\n", |
263 | | - "- Provides summary statistics on the console" |
264 | | - ] |
265 | | - }, |
266 | | - { |
267 | | - "cell_type": "code", |
268 | | - "execution_count": null, |
269 | | - "id": "5680ca67", |
270 | | - "metadata": {}, |
271 | | - "outputs": [], |
272 | | - "source": [ |
273 | | - "url_groups = {}\n", |
274 | | - "for sample in minimal_results:\n", |
275 | | - " for url in sample.get(\"extracted_urls\", []):\n", |
276 | | - " if url not in url_groups:\n", |
277 | | - " url_groups[url] = []\n", |
278 | | - " url_groups[url].append(sample)\n", |
| 362 | + " print(f\"Found URLs in {urls_found_count} samples\")\n", |
279 | 363 | "\n", |
280 | | - "if not url_groups and minimal_results:\n", |
281 | | - " print(\"No URLs found in any samples. Creating a default group for all samples.\")\n", |
282 | | - " default_url = f\"{url_prefix}[no_specific_url_found]\"\n", |
283 | | - " url_groups[default_url] = minimal_results\n", |
| 364 | + " url_groups = {}\n", |
| 365 | + " for sample in minimal_results:\n", |
| 366 | + " for url in sample.get(\"extracted_urls\", []):\n", |
| 367 | + " if url not in url_groups:\n", |
| 368 | + " url_groups[url] = []\n", |
| 369 | + " url_groups[url].append(sample)\n", |
284 | 370 | "\n", |
285 | | - "grouped_output = {\"urls\": []}\n", |
286 | | - "for url, samples in url_groups.items():\n", |
287 | | - " hashes = [sample[\"hashes\"][\"sha1\"] for sample in samples]\n", |
288 | | - " \n", |
289 | | - " grouped_output[\"urls\"].append({\n", |
290 | | - " \"value\": url,\n", |
291 | | - " \"hashes\": hashes,\n", |
292 | | - " \"samples\": samplesđ\n", |
293 | | - " })\n", |
294 | | - "output_file = \"report.json\"\n", |
295 | | - "try:\n", |
296 | | - " with open(output_file, \"w\") as f:\n", |
297 | | - " json.dump(grouped_output, f, indent=2)\n", |
298 | | - " print(f\"Grouped report written to {output_file}\")\n", |
299 | | - "except Exception as e:\n", |
300 | | - " print(\"Error exporting report:\", e)\n", |
| 371 | + " if not url_groups and minimal_results:\n", |
| 372 | + " print(\"No URLs found in any samples. Creating a default group for all samples.\")\n", |
| 373 | + " default_url = f\"{url_prefix}[no_specific_url_found]\"\n", |
| 374 | + " url_groups[default_url] = minimal_results\n", |
| 375 | + "\n", |
| 376 | + " grouped_output = {\"urls\": []}\n", |
| 377 | + " for url, samples in url_groups.items():\n", |
| 378 | + " hashes = [sample[\"hashes\"][\"sha1\"] for sample in samples]\n", |
| 379 | + " \n", |
| 380 | + " grouped_output[\"urls\"].append({\n", |
| 381 | + " \"value\": url,\n", |
| 382 | + " \"hashes\": hashes,\n", |
| 383 | + " \"samples\": samples\n", |
| 384 | + " })\n", |
| 385 | + " output_file = \"report.json\"\n", |
| 386 | + " try:\n", |
| 387 | + " with open(output_file, \"w\") as f:\n", |
| 388 | + " json.dump(grouped_output, f, indent=2)\n", |
| 389 | + " print(f\"Grouped report written to {output_file}\")\n", |
| 390 | + " except Exception as e:\n", |
| 391 | + " print(\"Error exporting report:\", e)\n", |
301 | 392 | "\n", |
302 | 393 | "if __name__ == \"__main__\":\n", |
303 | | - " main()" |
| 394 | + " main()" |
304 | 395 | ] |
305 | 396 | }, |
306 | 397 | { |
307 | 398 | "cell_type": "markdown", |
308 | 399 | "id": "6bee59fe", |
309 | 400 | "metadata": {}, |
310 | 401 | "source": [ |
311 | | - "# 8. Results example" |
| 402 | + "# 7. Results example" |
312 | 403 | ] |
313 | 404 | }, |
314 | 405 | { |
|
547 | 638 | "name": "python3" |
548 | 639 | }, |
549 | 640 | "language_info": { |
| 641 | + "codemirror_mode": { |
| 642 | + "name": "ipython", |
| 643 | + "version": 3 |
| 644 | + }, |
| 645 | + "file_extension": ".py", |
| 646 | + "mimetype": "text/x-python", |
550 | 647 | "name": "python", |
551 | | - "version": "3.x" |
| 648 | + "nbconvert_exporter": "python", |
| 649 | + "pygments_lexer": "ipython3", |
| 650 | + "version": "3.13.0" |
552 | 651 | } |
553 | 652 | }, |
554 | 653 | "nbformat": 4, |
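Review bot: Samples that yield no URL are left out of report.json whenever at least one other sample has a URL, because the fallback group in `main()` is created only under `if not url_groups and minimal_results:`. The stored output of this very run shows 100 samples returned and URLs found in 4, so, assuming `minimal_results` holds every sample, about 96 hashes never reach the report, which an analyst could misread as full coverage. I would collect the URL-less samples separately and always place them under the `[no_specific_url_found]` group, as in the excerpt below. Separately, the committed cell output carries one "Error enriching sample" line per failed hash; reporting a failure count (and clearing outputs before commit) would keep the notebook readable. `main()` begins outside this hunk, and `url_prefix` and `minimal_results` are defined in lines not shown here.

```python
    # … unchanged: search, enrichment loop, "Found URLs in …" print …
    url_groups = {}
    samples_without_urls = []
    for sample in minimal_results:
        urls = sample.get("extracted_urls") or []
        if not urls:
            samples_without_urls.append(sample)
        for url in urls:
            url_groups.setdefault(url, []).append(sample)

    # Keep URL-less samples visible in the report instead of dropping them.
    if samples_without_urls:
        default_url = f"{url_prefix}[no_specific_url_found]"
        url_groups[default_url] = samples_without_urls
    # … unchanged: grouped_output construction and report.json export …
```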
|