Update the path to the malware files and the paths you want to store your malware files into in the python code to separate malware based on their architecture type. Make sure you have your virus total or other virus sharing websites API key ready. We use the API key to retrieve metadata in the format of json for each malware sample, and further parse the json files to transfer our samples to their corresponding folders (intel 80386, ARM, x86,64 and others). Add more achitecture types if needed. Just add more if statements in the parse() to compare the magic value. Email me at [email protected] if you have questions.
The research paper that utilized this separator can be found here.