Ida batch processes virus share samples to obtain ASM files and bytes files

recently needed asm file and bytes file samples for analysis, see the see snow forum can have IDA batch mode! It smells so good!

without further ado code 

import sys
import os
import subprocess

global idcScriptFileName
global ida32tFilePath
global ida64tFilePath
#global ida32wFilePath
#global ida64wFilePath

# File these feilds with ur own ida file path and the idc file u want to execute!

idcScriptFileName = "batchmod.idc"
ida32tFilePath ='"D:\IDA 7.0\idat.exe"'
ida64tFilePath = "D:\IDA 7.0\idat64.exe"


#the binary file list text
TargetList = "D:\\batch_disassemble\\target_file_list.txt"
TargetFile_object = open(TargetList,"r").readlines()
for eachline in TargetFile_object:
    eachline = eachline.replace('\n','').replace('\r','')
    print(eachline)
    if os.path.exists(eachline):
        tmpExecStr = ida32tFilePath +" -A -c -S" + idcScriptFileName + " " + eachline
        os.system(tmpExecStr) #single process with cmdwindow
print ("All Process have been started!")

Note:

so if you’re using IDA, let’s look at what’s in your IDA directory. Exe, some of them are idaw on the web, for example, I only have idat.exe.

The idc files used in the

code are as follows (I put them in the same directory) 

//by obaby
#include <idc.idc>

static main()
{
	// turn on coagulation of data in the final pass of analysis
	SetShortPrm(INF_AF2, GetShortPrm(INF_AF2) | AF2_DODATA);
	Message("Waiting for the end of the auto analysis...\n");
	Wait();
	Message("\n\n------ Creating the output file.... --------\n");
	auto path = GetIdbPath()[0:-3] + "asm";  //change the data to the length of the file path 
	auto byteFilePath = GetIdbPath()[0:-3] + "bytes";//change the data to the length of the file path 
	auto file = fopen(path,"w");
	auto byteFile = fopen(byteFilePath,"w");
	GenerateFile(OFILE_LST,file,0,-1,0);
	auto addr = MinEA();
	auto i=0;
	for( addr; addr != BADADDR; addr = NextAddr(addr) ){
    		fprintf(byteFile,"%02X",IdbByte(addr));
    		if (i == 15){
        		fprintf(byteFile,"\n");
        		i=0;
    		} else {
        		fprintf(byteFile," ");
        		i++;
    		}
	}
	fclose(file);
	fclose(byteFile);
	Message("All done, exiting...\n");
	Exit(0); // exit to OS, error code 0 - success
}

The file name in the

code is the path to my file that I got myself, as follows: 

import os
file_path='D:\\traindata_1\\bancos'
file_list=[i for i in os.listdir(file_path)]
fw=open('target_file_list.txt','a')
for file in file_list:
    fw.write('%s\\%s\n'%(file_path,file))
fw.close()