def genObject_TTP(data): from stix.utils import create_id as StixID from stix.ttp import TTP from stix.common.vocabs import IntendedEffect objTTP = TTP() objTTP.idref = None objTTP.title = "Email Emmbedded URL" objTTP.description = "Target Users via Email by adding a malicious URL" objTTP.short_description = "Target Users via Email by adding a malicious URL" objTTP.behavior = genData_Behavior(data) objTTP.related_ttps = None ### _ALLOWED_VALUES = ('Advantage', 'Advantage - Economic', 'Advantage - Military', 'Advantage - Political', 'Theft', 'Theft - Intellectual Property', 'Theft - Credential Theft', 'Theft - Identity Theft', 'Theft - Theft of Proprietary Information', 'Account Takeover', 'Brand Damage', 'Competitive Advantage', 'Degradation of Service', 'Denial and Deception', 'Destruction', 'Disruption', 'Embarrassment', 'Exposure', 'Extortion', 'Fraud', 'Harassment', 'ICS Control', 'Traffic Diversion', 'Unauthorized Access') objTTP.intended_effects = data['source']['stix.ttp.TTP.intended_effects'] # objTTP.resources = None # objTTP.victim_targeting = None # objTTP.information_source = None # objTTP.exploit_targets = None # objTTP.handling = None return (objTTP)