TruSTAR WhiteRabbit
This tool clusters Bitcoin (BTC) seed addresses and other threat intelligence data involved in ransomware attacks in order to provide historical trends. Users can visualize daily, weekly, and monthly activity in these clusters and correlate them to infrastructure (IPs, URLs, hashes) used off the blockchain as well as Google trends.

Running WhiteRabbit Locally
- Set up Virtual Environment.
    python3 -m venv .venv-whiterabbit
    source .venv-whiterabbit/bin/activate
- Install Python dependencies.
    pip3 install -r requirements.txt
- Run WhiteRabbit.
    python3 whiterabbit_main.py

Logging
Logging can be configured from config/logging.conf

(Re)compute Clusters
WhiteRabbit runs on python 3.5.x.
- Follow BlockSci instructions (https://citp.github.io/BlockSci/readme.html#quick-setup-using-amazon-ec2) for setting up an EC2 instance to run BlockSci.
- You can disregard the other steps if you only want to experiment or are interested in one particular seed address. An easy way is to follow the instructions given by the CryptoLocker_Analysis.ipynb notebook. This notebook should live on the same server as BlockSci.
- Create a file named seed_addresses.csv in the import directory. Add the following columns to the CSV file: address, malware, first_seen, source.
- If you would like to recompute the balances, you need to run the following on the EC2 instance running BlockSci.
    python3 compute_clusters_main.py
  The working directory for BlockSci is /home/ubuntu/bitcoin (We noticed that BlockSci works well with an r4.2xlarge instance as recommended by the developers of BlockSci. Make sure you shut down the EC2 instance after you finish computing).
- Once clustering is done the script computes their balances and stores them to:
    balances/family_balance_cluster_#.csv
  These balances are computed at transaction times where their associated Bitcoin addresses were part of the transaction inputs or outputs. The balance data has the following columns: date, height, balance, usd
  - date is the time of the computed balance,
  - height is the block height at which we computed the balance,
  - balance is the balance in Satoshis (1 BTC = 1e8 Satoshis),
  - usd is the balance in US Dollars.
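
A mistyped seed address sends the clustering run on the EC2 instance after the wrong wallet, so it pays to check seed_addresses.csv before starting it. The following is an added example, not part of the WhiteRabbit code base: it checks the four columns listed above, verifies each address's Base58Check checksum, and flags duplicates. It assumes legacy P2PKH/P2SH addresses only (bech32 addresses would be reported as failing) and leaves first_seen unchecked because the README does not fix its format; the function names and sample rows are constructed for illustration.

```python
import csv
import hashlib
import io

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
REQUIRED = ["address", "malware", "first_seen", "source"]  # columns named in the README

def _checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(version, body):  # only used to build the constructed sample below
    raw = bytes([version]) + body
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_valid(addr):
    """True for a legacy P2PKH (0x00) or P2SH (0x05) address with a correct checksum."""
    if not addr or set(addr) - set(B58):
        return False
    n = sum(B58.index(ch) * 58 ** i for i, ch in enumerate(reversed(addr)))
    pad = len(addr) - len(addr.lstrip("1"))  # each leading '1' is one zero byte
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and raw[0] in (0x00, 0x05) and _checksum(raw[:-4]) == raw[-4:]

def validate_seed_csv(text):
    """Return (line_number, problem) tuples; an empty list means the file is usable."""
    reader = csv.DictReader(io.StringIO(text))
    missing = [c for c in REQUIRED if c not in (reader.fieldnames or [])]
    if missing:
        return [(1, "missing columns: " + ",".join(missing))]
    problems, seen = [], set()
    for row in reader:
        addr = (row["address"] or "").strip()
        if not b58check_valid(addr):
            problems.append((reader.line_num, "address fails Base58Check"))
        elif addr in seen:
            problems.append((reader.line_num, "duplicate address"))
        seen.add(addr)
    return problems

GOOD = b58check_encode(0x00, bytes(range(20)))  # constructed from a dummy hash, not a real wallet
TYPO = GOOD[:-1] + ("2" if GOOD[-1] != "2" else "3")  # same address with its last character changed
SAMPLE = ("address,malware,first_seen,source\n"
          f"{GOOD},ExampleFamily,2017-01-01,constructed\n"
          f"{TYPO},ExampleFamily,2017-01-02,constructed\n"
          f"{GOOD},ExampleFamily,2017-01-03,constructed\n")
```

Calling validate_seed_csv(SAMPLE) reports the altered address on line 3 and the repeated one on line 4; pass it the contents of import/seed_addresses.csv to check a real file.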





