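def from_dict(win_handle_dict):
    """Build a WinHandle from its dictionary representation.

    Args:
        win_handle_dict: Mapping that may carry the keys ``id``, ``name``,
            ``type``, ``object_address``, ``access_mask`` and
            ``pointer_count``. Missing keys are passed on as None.

    Returns:
        A populated WinHandle, or None when the mapping is empty or None.
    """
    if not win_handle_dict:
        return None

    get = win_handle_dict.get
    win_handle_ = WinHandle()
    win_handle_.id = UnsignedInteger.from_dict(get('id'))
    win_handle_.name = String.from_dict(get('name'))
    win_handle_.type = String.from_dict(get('type'))
    # object_address and pointer_count each read their own key. They used to
    # read 'id', which silently replaced both values with the handle id.
    win_handle_.object_address = UnsignedLong.from_dict(get('object_address'))
    win_handle_.access_mask = UnsignedLong.from_dict(get('access_mask'))
    win_handle_.pointer_count = UnsignedLong.from_dict(get('pointer_count'))
    return win_handle_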
def from_dict(file_dict, file_class=None):
    """Populate a File object from its dictionary representation.

    Args:
        file_dict: Mapping of File field names to their serialized values.
        file_class: Optional existing object to fill in. Despite the name it
            is used as-is as the target and is never called; a new File() is
            created when it is omitted or falsy.

    Returns:
        The populated object, or None when file_dict is empty or None.
    """
    if not file_dict:
        return None

    target = file_class if file_class else File()
    lookup = file_dict.get

    # Delegate to ObjectProperties.from_dict, handing it the same target.
    ObjectProperties.from_dict(file_dict, target)

    target.is_packed = lookup('is_packed')  # stored raw, without a wrapper type
    target.file_name = String.from_dict(lookup('file_name'))
    target.file_path = FilePath.from_dict(lookup('file_path'))
    for key in ('device_path', 'full_path', 'file_extension'):
        setattr(target, key, String.from_dict(lookup(key)))
    target.size_in_bytes = UnsignedLong.from_dict(lookup('size_in_bytes'))
    target.magic_number = HexBinary.from_dict(lookup('magic_number'))
    target.file_format = String.from_dict(lookup('file_format'))
    target.hashes = HashList.from_list(lookup('hashes'))
    target.extracted_features = ExtractedFeatures.from_dict(
        lookup('extracted_features'))
    # NOTE(review): modified_time and accessed_time go through String while
    # created_time goes through DateTime - confirm the asymmetry is intended.
    for key in ('modified_time', 'accessed_time'):
        setattr(target, key, String.from_dict(lookup(key)))
    target.created_time = DateTime.from_dict(lookup('created_time'))
    return target
def from_dict(driver_dict):
    """Build a WinDriver from its dictionary representation.

    Args:
        driver_dict: Mapping that may carry the keys ``driver_init``,
            ``driver_name``, ``driver_object_address`` and
            ``driver_start_io``.

    Returns:
        A populated WinDriver, or None when the mapping is empty or None.
    """
    if not driver_dict:
        return None

    fetch = driver_dict.get
    driver = WinDriver()
    driver.driver_init = UnsignedLong.from_dict(fetch('driver_init'))
    driver.driver_name = String.from_dict(fetch('driver_name'))
    # Both remaining fields are parsed as HexBinary.
    for field in ('driver_object_address', 'driver_start_io'):
        setattr(driver, field, HexBinary.from_dict(fetch(field)))
    return driver
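def from_dict(stream_dict):
    """Build a Stream from its dictionary representation.

    Args:
        stream_dict: Mapping that may carry ``hashes`` (an iterable of hash
            dictionaries), ``name`` and ``size_in_bytes``.

    Returns:
        A populated Stream, or None when the mapping is empty or None.
    """
    if not stream_dict:
        return None

    stream_ = Stream()
    # `or []` also covers an explicit None under 'hashes' (e.g. a JSON null),
    # which a .get() default alone would not and which would raise TypeError.
    for hash_ in stream_dict.get('hashes') or []:
        stream_.add(Hash.from_dict(hash_))
    stream_.name = String.from_dict(stream_dict.get('name'))
    stream_.size_in_bytes = UnsignedLong.from_dict(stream_dict.get('size_in_bytes'))
    return stream_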
def from_dict(win_kernel_hook_dict):
    """Build a WinKernelHook from its dictionary representation.

    Args:
        win_kernel_hook_dict: Mapping that may carry the two digital
            signature entries, ``hooked_address``, and the string fields
            ``hook_description``, ``hooked_function``, ``hooked_module``
            and ``type``.

    Returns:
        A populated WinKernelHook, or None when the mapping is empty or None.
    """
    if not win_kernel_hook_dict:
        return None

    fetch = win_kernel_hook_dict.get
    hook = WinKernelHook()
    for field in ('digital_signature_hooking', 'digital_signature_hooked'):
        setattr(hook, field, DigitalSignature.from_dict(fetch(field)))
    hook.hooked_address = UnsignedLong.from_dict(fetch('hooked_address'))
    # The remaining fields are all parsed as String, in the original order.
    for field in ('hook_description', 'hooked_function', 'hooked_module', 'type'):
        setattr(hook, field, String.from_dict(fetch(field)))
    return hook
def from_dict(system_dict, system_class = None):
    """Populate a System object from its dictionary representation.

    Args:
        system_dict: Mapping of System field names to their serialized values.
        system_class: Optional existing object to fill in. Despite the name
            it is used as-is as the target and is never called; a new
            System() is created when it is omitted or falsy.

    Returns:
        The populated object, or None when system_dict is empty or None.
    """
    if not system_dict:
        return None

    target = system_class if system_class else System()
    lookup = system_dict.get

    target.available_physical_memory = UnsignedLong.from_dict(
        lookup('available_physical_memory'))
    target.bios_info = BIOSInfo.from_dict(lookup('bios_info'))
    target.date = Date.from_dict(lookup('date'))
    target.hostname = String.from_dict(lookup('hostname'))
    target.local_time = Time.from_dict(lookup('local_time'))
    # The interface list is parsed with from_list rather than from_dict.
    target.network_interface_list = NetworkInterfaceList.from_list(
        lookup('network_interface_list'))
    target.os = OS.from_dict(lookup('os'))
    for key in ('processor', 'processor_architecture'):
        setattr(target, key, String.from_dict(lookup(key)))
    target.system_time = Time.from_dict(lookup('system_time'))
    for key in ('timezone_dst', 'timezone_standard'):
        setattr(target, key, String.from_dict(lookup(key)))
    target.total_physical_memory = UnsignedLong.from_dict(
        lookup('total_physical_memory'))
    target.uptime = Duration.from_dict(lookup('uptime'))
    target.username = String.from_dict(lookup('username'))
    return target
def from_dict(memory_dict):
    """Build a Memory object from its dictionary representation.

    Args:
        memory_dict: Mapping that may carry the flags ``is_injected``,
            ``is_mapped`` and ``is_protected``, plus ``hashes``, ``name``,
            ``region_size`` and ``region_start_address``.

    Returns:
        A populated Memory, or None when the mapping is empty or None.
    """
    if not memory_dict:
        return None

    fetch = memory_dict.get
    region = Memory()
    # The three flags are copied through raw, without a wrapper type.
    for flag in ('is_injected', 'is_mapped', 'is_protected'):
        setattr(region, flag, fetch(flag))
    region.hashes = HashList.from_list(fetch('hashes'))
    region.name = String.from_dict(fetch('name'))
    region.region_size = UnsignedLong.from_dict(fetch('region_size'))
    region.region_start_address = HexBinary.from_dict(fetch('region_start_address'))
    # NOTE(review): an 'extracted_features' entry in memory_dict is never
    # read; the attribute is always None. Confirm this is deliberate.
    region.extracted_features = None
    return region
def from_dict(file_dict):
    """Build a File from its dictionary representation.

    Args:
        file_dict: Mapping that may carry ``is_packed``, the name and path
            fields, ``size_in_bytes``, ``magic_number``, ``file_format``
            and ``hashes``.

    Returns:
        A populated File, or None when the mapping is empty or None.
    """
    if not file_dict:
        return None

    lookup = file_dict.get
    parsed = File()
    parsed.is_packed = lookup('is_packed')  # stored raw, without a wrapper type
    parsed.file_name = String.from_dict(lookup('file_name'))
    parsed.file_path = FilePath.from_dict(lookup('file_path'))
    for key in ('device_path', 'full_path', 'file_extension'):
        setattr(parsed, key, String.from_dict(lookup(key)))
    parsed.size_in_bytes = UnsignedLong.from_dict(lookup('size_in_bytes'))
    parsed.magic_number = HexBinary.from_dict(lookup('magic_number'))
    parsed.file_format = String.from_dict(lookup('file_format'))
    # NOTE(review): 'hashes' is parsed with HashList.from_dict; confirm it
    # accepts the serialized form of 'hashes' (a list would need a
    # list-aware parser).
    parsed.hashes = HashList.from_dict(lookup('hashes'))
    return parsed