import datetime
import logging
import os
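# Notes: Ross, thank you for this idea!
# Paths, URLs and logger configuration for the MalwareBazaar / AMP workflow.
# NOTE(review): no API credentials are defined in this block; keep it that
# way and load them from the environment or a secret store, since this file
# holds only locations.

# MalwareBazaar API URL
mb_url = 'https://mb-api.abuse.ch/api/v1'

# Timestamp for the log file name (naive local time, one value per import)
today_ = datetime.datetime.today()
today = today_.strftime('%Y-%m-%d_%H_%M_%S')

# Root of the working tree. USERPROFILE is normally set on Windows; fall back
# to the home directory so importing this module does not raise KeyError on a
# host where the variable is missing.
_base_dir = os.path.join(
    os.environ.get('USERPROFILE') or os.path.expanduser('~'),
    'Desktop', 'Python_Manipulated_Files')

# Log file named after the timestamp above
logfile = os.path.join(_base_dir, 'Python_Script_Logs',
                       'MalwareBazaar_AMP_' + today + '.log')
# logging.FileHandler does not create missing parent directories, so make
# sure the log directory exists before the handler opens the file.
os.makedirs(os.path.dirname(logfile), exist_ok=True)

# Set up the file logger (INFO and above, timestamp:level:message)
logger = logging.getLogger(__name__)
logger.setLevel(logging.INFO)
formatter = logging.Formatter('%(asctime)s:%(levelname)s:%(message)s')
file_handler = logging.FileHandler(logfile)
file_handler.setFormatter(formatter)
logger.addHandler(file_handler)

# MalwareBazaar output directory (not created here)
sha_output_files = os.path.join(_base_dir, 'MalwareBazaar')

# All MalwareBazaar hashes in one text file
main_mb_df_file = os.path.join(sha_output_files,
                               'AA_Quarantine_&_Prevent_Install.txt')

# All AMP hashes in one text file
amp_main_file = os.path.join(_base_dir, 'MalwareBazaar_Comparison_File',
                             'comparison.txt')

# URL for dominant Simple Custom Detection List. *** Modify main GUID here***
main_simple_custom_detections_url = 'https://api.amp.cisco.com/v1/file_lists/modify_main_guid_here/files'
# Leave a trace in the run log when the placeholder was never replaced, so a
# run that cannot reach the intended detection list is easy to diagnose.
if 'modify_main_guid_here' in main_simple_custom_detections_url:
    logger.warning('main_simple_custom_detections_url still contains the '
                   'placeholder GUID; set the real list GUID before use')

# URL for all Simple Custom Detections Lists
all_simple_custom_detections_url = 'https://api.amp.cisco.com/v1/file_lists/simple_custom_detections'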