Ejemplo n.º 1
 def from_obj(mal_conf_param_obj):
     """Build a MalwareConfigurationParameter from ``mal_conf_param_obj``.

     Returns None when the source object is falsy. The name is converted
     with ``VocabString.from_obj``; the value is copied unchanged, and only
     when the source reports a truthy one.
     """
     if not mal_conf_param_obj:
         return None

     param = MalwareConfigurationParameter()
     param.name = VocabString.from_obj(mal_conf_param_obj.get_Name())
     # Falsy values (None, "", 0) are skipped, so the attribute keeps whatever
     # MalwareConfigurationParameter() initialised it to.
     # NOTE(review): the value is copied from the source document without
     # validation; treat it as untrusted if the document is third-party.
     if mal_conf_param_obj.get_Value():
         param.value = mal_conf_param_obj.get_Value()
     return param
Ejemplo n.º 2
 def from_obj(malware_subject_relationship_obj):
     """Create a MalwareSubjectRelationship from ``malware_subject_relationship_obj``.

     A falsy source yields None. The type goes through
     ``VocabString.from_obj`` and every entry returned by
     ``get_Malware_Subject_Reference()`` is converted with
     ``MalwareSubjectReference.from_obj``.
     """
     if not malware_subject_relationship_obj:
         return None

     src = malware_subject_relationship_obj
     relationship = MalwareSubjectRelationship()
     relationship.type = VocabString.from_obj(src.get_Type())
     # The reference getter is iterated unconditionally, so it has to return
     # an iterable (not None) for every non-falsy source object.
     references = []
     for reference_obj in src.get_Malware_Subject_Reference():
         references.append(MalwareSubjectReference.from_obj(reference_obj))
     relationship.malware_subject_references = references
     return relationship
Ejemplo n.º 3
 def from_obj(capability_property_obj):
     """Build a CapabilityProperty from ``capability_property_obj``.

     Returns None for a falsy source. ``name`` is converted with
     ``VocabString.from_obj`` and ``value`` with ``String.from_obj``.
     """
     if not capability_property_obj:
         return None

     src = capability_property_obj
     prop = CapabilityProperty()
     prop.name = VocabString.from_obj(src.get_Name())
     prop.value = String.from_obj(src.get_Value())
     return prop
Ejemplo n.º 4
 def from_obj(action_argument_obj):
     """Build an ActionArgument from ``action_argument_obj``.

     Returns None for a falsy source. The argument name is converted with
     ``VocabString.from_obj``; the argument value is copied unchanged.
     """
     if not action_argument_obj:
         return None

     argument = ActionArgument()
     argument.argument_name = VocabString.from_obj(
         action_argument_obj.get_Argument_Name())
     # NOTE(review): the value is stored exactly as the source returns it;
     # no type or content check happens here.
     argument.argument_value = action_argument_obj.get_Argument_Value()
     return argument
Ejemplo n.º 5
 def from_obj(action_relationship_obj):
     """Build an ActionRelationship from ``action_relationship_obj``.

     Returns None for a falsy source. This variant reads the source through
     plain attributes (``Type``, ``Action_Reference``) rather than getters.
     """
     if not action_relationship_obj:
         return None

     src = action_relationship_obj
     relationship = ActionRelationship()
     relationship.type = VocabString.from_obj(src.Type)
     # Action_Reference is iterated unconditionally, so it has to be an
     # iterable (not None) on every non-falsy source object.
     converted = []
     for reference_obj in src.Action_Reference:
         converted.append(ActionReference.from_obj(reference_obj))
     relationship.action_references = converted
     return relationship
Ejemplo n.º 6
 def from_obj(action_relationship_obj):
     """Build an ActionRelationship from ``action_relationship_obj``.

     Returns None for a falsy source. The source is read through its
     ``get_Type()`` and ``get_Action_Reference()`` getters.
     """
     if not action_relationship_obj:
         return None

     src = action_relationship_obj
     relationship = ActionRelationship()
     relationship.type = VocabString.from_obj(src.get_Type())
     # get_Action_Reference() is iterated unconditionally, so it has to
     # return an iterable (not None) for every non-falsy source object.
     converted = []
     for reference_obj in src.get_Action_Reference():
         converted.append(ActionReference.from_obj(reference_obj))
     relationship.action_references = converted
     return relationship
Ejemplo n.º 7
 def from_obj(mal_binary_obfusc_alg_obj):
     """Build a MalwareConfigurationObfuscationAlgorithm from its source object.

     Returns None for a falsy source. ``ordinal_position`` and ``key`` are
     copied unchanged; ``algorithm_name`` is converted with
     ``VocabString.from_obj``.
     """
     if not mal_binary_obfusc_alg_obj:
         return None

     src = mal_binary_obfusc_alg_obj
     algorithm = MalwareConfigurationObfuscationAlgorithm()
     algorithm.ordinal_position = src.get_ordinal_position()
     # NOTE(review): `key` is stored exactly as the source document gives
     # it -- no length, encoding or content check is applied here.
     algorithm.key = src.get_Key()
     algorithm.algorithm_name = VocabString.from_obj(src.get_Algorithm_name())
     return algorithm
Ejemplo n.º 8
 def from_obj(malware_entity_obj):
     """Build a MalwareEntity from ``malware_entity_obj``.

     Returns None for a falsy source. ``type`` is converted with
     ``VocabString.from_obj``; ``name`` and ``description`` are copied as-is.
     """
     if not malware_entity_obj:
         return None

     entity = MalwareEntity()
     entity.type = VocabString.from_obj(malware_entity_obj.get_Type())
     # NOTE(review): name and description are copied without validation;
     # escape them before display if the source document is not trusted.
     entity.name = malware_entity_obj.get_Name()
     entity.description = malware_entity_obj.get_Description()
     return entity
 def from_obj(measure_source_obj):
     """Build a MeasureSource from ``measure_source_obj``.

     Returns None for a falsy source. Simple attributes are copied
     unchanged and each child element is converted by the ``from_obj`` of
     its own class. ``platform`` is always set to None (not supported yet).
     """
     if not measure_source_obj:
         return None

     src = measure_source_obj
     source = MeasureSource()

     # Attributes copied straight from the source object.
     source.class_ = src.get_class()
     source.source_type = src.get_source_type()
     source.name = src.get_name()

     # Child elements, each handed to its own converter.
     source.information_source_type = VocabString.from_obj(
         src.get_Information_Source_Type())
     source.tool_type = VocabString.from_obj(src.get_Tool_Type())
     source.description = StructuredText.from_obj(src.get_Description())
     source.contributors = Personnel.from_obj(src.get_Contributors())
     source.time = Time.from_obj(src.get_Time())
     source.tools = ToolInformationList.from_obj(src.get_Tools())
     source.platform = None  # TODO: add support
     source.system = ObjectProperties.from_obj(src.get_System())
     source.instance = ObjectProperties.from_obj(src.get_Instance())
     return source
Ejemplo n.º 10
 def from_obj(capability_rel_obj):
     """Build a CapabilityRelationship from ``capability_rel_obj``.

     Returns None for a falsy source. The relationship type is converted
     with ``VocabString.from_obj``; capability references are converted
     only when the source reports a truthy (non-empty) collection.
     """
     if not capability_rel_obj:
         return None

     relationship = CapabilityRelationship()
     relationship.relationship_type = VocabString.from_obj(
         capability_rel_obj.get_Relationship_Type())
     # An empty or missing reference list leaves `capability_reference` at
     # whatever CapabilityRelationship() initialised it to.
     if capability_rel_obj.get_Capability_Reference():
         converted = []
         for reference_obj in capability_rel_obj.get_Capability_Reference():
             converted.append(CapabilityReference.from_obj(reference_obj))
         relationship.capability_reference = converted
     return relationship
Ejemplo n.º 11
 def from_obj(grouping_relationship_obj):
     """Build a GroupingRelationship from ``grouping_relationship_obj``.

     Returns None for a falsy source. ``type`` and ``clustering_metadata``
     are converted by their own classes; the family and toolkit names are
     copied unchanged.
     """
     if not grouping_relationship_obj:
         return None

     src = grouping_relationship_obj
     grouping = GroupingRelationship()
     grouping.type = VocabString.from_obj(src.get_Type())
     grouping.malware_family_name = src.get_Malware_Family_Name()
     grouping.malware_toolkit_name = src.get_Malware_Toolkit_Name()
     grouping.clustering_metadata = ClusteringMetadata.from_obj(
         src.get_Clustering_Metadata())
     return grouping
Ejemplo n.º 12
    def from_obj(relobj_obj):
        """Build a RelatedObject from ``relobj_obj``.

        Returns None for a falsy source. The shared Object fields are filled
        in by ``Object.from_obj``; the relationship is converted with
        ``VocabString.from_obj``.
        """
        if not relobj_obj:
            return None

        related = RelatedObject()
        # The return value is ignored: the call is made for what it does to
        # `related` (presumably populating it in place, including `idref`).
        Object.from_obj(relobj_obj, related)
        related.relationship = VocabString.from_obj(relobj_obj.Relationship)

        # NOTE(review): `_inline` is switched on when an idref is present;
        # confirm this matches how the serialising side reads the flag.
        if related.idref:
            related._inline = True

        return related
Ejemplo n.º 13
    def from_obj(relobj_obj):
        """Convert ``relobj_obj`` into a RelatedObject.

        A falsy source gives None. ``Object.from_obj`` is called with a fresh
        RelatedObject as its second argument, then the relationship is
        converted with ``VocabString.from_obj``.
        """
        if not relobj_obj:
            return None

        result = RelatedObject()
        # Called for its effect on `result`; the return value is not used.
        Object.from_obj(relobj_obj, result)
        result.relationship = VocabString.from_obj(relobj_obj.Relationship)

        # A truthy idref marks the object as `_inline`.
        # NOTE(review): verify that reading against the code that writes
        # objects back out -- the flag's meaning is not visible here.
        if result.idref:
            result._inline = True

        return result
Ejemplo n.º 14
 def from_obj(capability_objective_obj):
     """Build a CapabilityObjective from ``capability_objective_obj``.

     Returns None for a falsy source. ``id_`` and the three list-valued
     fields are set only when the source reports a truthy value; ``name``
     and ``description`` are always assigned.
     """
     if not capability_objective_obj:
         return None

     src = capability_objective_obj
     objective = CapabilityObjective()

     if src.get_id():
         objective.id_ = src.get_id()
     objective.name = VocabString.from_obj(src.get_Name())
     objective.description = src.get_Description()

     # Each collection is converted element by element, and skipped
     # entirely when the source returns nothing for it.
     if src.get_Property():
         objective.property = [
             CapabilityProperty.from_obj(item) for item in src.get_Property()
         ]
     if src.get_Behavior_Reference():
         objective.behavior_reference = [
             BehaviorReference.from_obj(item)
             for item in src.get_Behavior_Reference()
         ]
     if src.get_Relationship():
         objective.relationship = [
             CapabilityObjectiveRelationship.from_obj(item)
             for item in src.get_Relationship()
         ]
     return objective
Ejemplo n.º 15
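 def from_obj(action_obj, action_cls = None):
     """Populate an Action from ``action_obj`` and return it.

     Args:
         action_obj: source object exposing the ``get_*`` accessors read
             below. A falsy value makes the function return None.
         action_cls: optional existing instance to fill in. Despite the
             name it is used as an instance, not called as a class. When it
             is None a new ``Action()`` is created.

     Returns:
         The populated instance, or None when ``action_obj`` is falsy.
     """
     if not action_obj:
         return None
     # Identity test: `== None` would call a caller-supplied instance's
     # __eq__, which could wrongly discard an object the caller passed in.
     if action_cls is None:
         action_cls = Action()
     action_ = action_cls

     # Attributes copied unchanged from the source object.
     action_.id = action_obj.get_id()
     action_.idref = action_obj.get_idref()
     action_.ordinal_position = action_obj.get_ordinal_position()
     action_.action_status = action_obj.get_action_status()
     action_.context = action_obj.get_context()
     action_.timestamp = action_obj.get_timestamp()

     # Child elements converted by their own classes.
     action_.type = VocabString.from_obj(action_obj.get_Type())
     action_.name = VocabString.from_obj(action_obj.get_Name())
     action_.description = StructuredText.from_obj(action_obj.get_Description())
     if action_obj.get_Action_Arguments() is not None:
         action_.action_arguments = ActionArguments.from_obj(action_obj.get_Action_Arguments())
     action_.discovery_method = MeasureSource.from_obj(action_obj.get_Discovery_Method())
     if action_obj.get_Associated_Objects() is not None:
         action_.associated_objects = AssociatedObjects.from_obj(action_obj.get_Associated_Objects())
     if action_obj.get_Relationships() is not None:
         action_.relationships = ActionRelationships.from_obj(action_obj.get_Relationships())
     # TODO: add support for `frequency`; it is not populated yet.
     if action_obj.get_Action_Aliases() is not None:
         # Aliases are stored as the raw list from the container element.
         action_.action_aliases = action_obj.get_Action_Aliases().get_Action_Alias()
     return action_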
Ejemplo n.º 16
 def from_obj(candidate_indicator_obj):
     """Build a CandidateIndicator from ``candidate_indicator_obj``.

     Returns None for a falsy source. ``importance``, ``malware_entity`` and
     ``composition`` are converted by their own classes; every other field
     is copied unchanged.
     """
     if not candidate_indicator_obj:
         return None

     src = candidate_indicator_obj
     indicator = CandidateIndicator()

     indicator.id = src.get_id()
     indicator.creation_datetime = src.get_creation_datetime()
     indicator.version = src.get_version()
     indicator.importance = VocabString.from_obj(src.get_Importance())
     indicator.numeric_importance = src.get_Numeric_Importance()
     # NOTE(review): author and description are copied without validation;
     # escape them before display if the source document is not trusted.
     indicator.author = src.get_Author()
     indicator.description = src.get_Description()
     indicator.malware_entity = MalwareEntity.from_obj(src.get_Malware_Entity())
     indicator.composition = CandidateIndicatorComposition.from_obj(
         src.get_Composition())
     return indicator
    def from_obj(extracted_string_obj):
        """Build an ExtractedString from ``extracted_string_obj``.

        Returns None for a falsy source. Every field is converted by a typed
        ``from_obj`` (VocabString, String, HexBinary, HashList,
        PositiveInteger); nothing is copied raw.
        """
        if not extracted_string_obj:
            return None

        src = extracted_string_obj
        extracted = ExtractedString()
        extracted.encoding = VocabString.from_obj(
            src.get_Encoding())
        extracted.string_value = String.from_obj(
            src.get_String_Value())
        extracted.byte_string_value = HexBinary.from_obj(
            src.get_Byte_String_Value())
        extracted.hashes = HashList.from_obj(
            src.get_Hashes())
        extracted.address = HexBinary.from_obj(
            src.get_Address())
        extracted.length = PositiveInteger.from_obj(
            src.get_Length())
        extracted.language = String.from_obj(
            src.get_Language())
        extracted.english_translation = String.from_obj(
            src.get_English_Translation())

        return extracted
Ejemplo n.º 18
 def from_obj(malware_subject_obj):
     """Build a MalwareSubject from ``malware_subject_obj``.

     Returns None for a falsy source. The subject is created with
     ``MalwareSubject(None)`` and filled field by field; ``field_data`` is
     always None (not supported yet). ``label`` and ``compatible_platform``
     are set only when the source returns a truthy collection.
     """
     if not malware_subject_obj:
         return None

     src = malware_subject_obj
     subject = MalwareSubject(None)

     subject.id = src.get_id()
     subject.malware_instance_object_attributes = Object.from_obj(
         src.get_Malware_Instance_Object_Attributes())
     subject.minor_variants = MinorVariants.from_obj(src.get_Minor_Variants())
     subject.configuration_details = MalwareConfigurationDetails.from_obj(
         src.get_Configuration_Details())
     subject.development_environment = MalwareDevelopmentEnvironment.from_obj(
         src.get_Development_Environment())
     subject.field_data = None  # TODO: add support
     subject.analyses = Analyses.from_obj(src.get_Analyses())
     subject.findings_bundles = FindingsBundleList.from_obj(
         src.get_Findings_Bundles())
     subject.relationships = MalwareSubjectRelationshipList.from_obj(
         src.get_Relationships())

     # Optional collections: converted element by element when present.
     if src.get_Label():
         subject.label = [
             VocabString.from_obj(item) for item in src.get_Label()
         ]
     if src.get_Compatible_Platform():
         subject.compatible_platform = [
             PlatformSpecification.from_obj(item)
             for item in src.get_Compatible_Platform()
         ]
     return subject
Ejemplo n.º 19
    def from_obj(toolinfo_obj, toolinfo=None):
        """Populate a ToolInformation from ``toolinfo_obj`` and return it.

        Returns None when ``toolinfo_obj`` is falsy. ``toolinfo`` is an
        optional instance to fill in; a falsy value (including None) is
        replaced by a new ``ToolInformation()``.
        """
        if not toolinfo_obj:
            return None

        # Same truthiness test as `if not toolinfo:`.
        toolinfo = toolinfo or ToolInformation()
        src = toolinfo_obj

        # Identification and descriptive fields.
        toolinfo.id_ = src.id
        toolinfo.idref = src.idref
        toolinfo.name = src.Name
        toolinfo.type_ = [VocabString.from_obj(entry) for entry in src.Type]
        toolinfo.description = StructuredText.from_obj(src.Description)

        # Vendor/version strings are copied unchanged.
        # NOTE(review): these come from the source document without
        # validation; treat them as untrusted if the document is third-party.
        toolinfo.vendor = src.Vendor
        toolinfo.version = src.Version
        toolinfo.service_pack = src.Service_Pack

        toolinfo.tool_hashes = HashList.from_obj(src.Tool_Hashes)

        return toolinfo
Ejemplo n.º 20
    def from_obj(toolinfo_obj, toolinfo=None):
        """Fill a ToolInformation from ``toolinfo_obj``.

        A falsy ``toolinfo_obj`` gives None. When ``toolinfo`` is falsy a new
        ``ToolInformation()`` is created; otherwise the given instance is
        updated and returned.
        """
        if not toolinfo_obj:
            return None

        target = toolinfo if toolinfo else ToolInformation()

        target.id_ = toolinfo_obj.id
        target.idref = toolinfo_obj.idref
        target.name = toolinfo_obj.Name
        # `Type` is iterated unconditionally, so it has to be an iterable.
        tool_types = []
        for type_obj in toolinfo_obj.Type:
            tool_types.append(VocabString.from_obj(type_obj))
        target.type_ = tool_types
        target.description = StructuredText.from_obj(toolinfo_obj.Description)

        # Copied unchanged from the source object.
        target.vendor = toolinfo_obj.Vendor
        target.version = toolinfo_obj.Version
        target.service_pack = toolinfo_obj.Service_Pack

        target.tool_hashes = HashList.from_obj(toolinfo_obj.Tool_Hashes)

        return target
Ejemplo n.º 21
    def from_obj(extracted_string_obj):
        """Convert ``extracted_string_obj`` into an ExtractedString.

        A falsy source gives None. Each field is read through its getter and
        passed to the matching typed ``from_obj`` converter.
        """
        if not extracted_string_obj:
            return None

        src = extracted_string_obj
        result = ExtractedString()

        # Textual content and its encoding.
        result.encoding = VocabString.from_obj(src.get_Encoding())
        result.string_value = String.from_obj(src.get_String_Value())
        result.byte_string_value = HexBinary.from_obj(src.get_Byte_String_Value())
        # Hashes, location and size.
        result.hashes = HashList.from_obj(src.get_Hashes())
        result.address = HexBinary.from_obj(src.get_Address())
        result.length = PositiveInteger.from_obj(src.get_Length())
        # Language information.
        result.language = String.from_obj(src.get_Language())
        result.english_translation = String.from_obj(src.get_English_Translation())

        return result
Ejemplo n.º 22
 def from_obj(object_obj):
     """Build an AssociatedObject from ``object_obj``.

     Returns None for a falsy source. ``Object.from_obj`` is given a fresh
     ``AssociatedObject()`` to fill, and whatever it returns is the object
     that receives ``association_type_`` and is handed back.
     """
     if not object_obj:
         return None

     associated = Object.from_obj(object_obj, AssociatedObject())
     association_type = VocabString.from_obj(object_obj.get_Association_Type())
     associated.association_type_ = association_type
     return associated