def from_obj(file_obj, file_class=None):
    """Populate a File-like object from a parsed binding object.

    Every field is copied from the binding as the source document states it.
    Nothing here recomputes the hashes, the size, the magic number or the
    packed flag against real file content.
    NOTE(review): whether the typed wrappers validate their input is not
    visible from this function -- confirm before trusting the values.

    Args:
        file_obj: Binding object exposing the ``get_*`` accessors read below.
            Any falsy value yields ``None``.
        file_class: Optional object to populate instead of a fresh ``File()``.
            Despite the name it is used as given and never instantiated here.

    Returns:
        The populated object, or ``None`` when ``file_obj`` is falsy.
    """
    if not file_obj:
        return None

    target = file_class if file_class else File()

    # Fill in the properties shared by all objects before the file fields.
    ObjectProperties.from_obj(file_obj, target)

    target.is_packed = file_obj.get_is_packed()
    target.file_name = String.from_obj(file_obj.get_File_Name())
    target.file_path = FilePath.from_obj(file_obj.get_File_Path())
    target.device_path = String.from_obj(file_obj.get_Device_Path())
    target.full_path = String.from_obj(file_obj.get_Full_Path())
    target.file_extension = String.from_obj(file_obj.get_File_Extension())
    target.size_in_bytes = UnsignedLong.from_obj(file_obj.get_Size_In_Bytes())
    target.magic_number = HexBinary.from_obj(file_obj.get_Magic_Number())
    target.file_format = String.from_obj(file_obj.get_File_Format())
    target.hashes = HashList.from_obj(file_obj.get_Hashes())
    target.extracted_features = ExtractedFeatures.from_obj(
        file_obj.get_Extracted_Features()
    )

    # TODO: the three timestamps are typed inconsistently -- modified and
    # accessed go through String, created goes through DateTime.
    target.modified_time = String.from_obj(file_obj.get_Modified_Time())
    target.accessed_time = String.from_obj(file_obj.get_Accessed_Time())
    target.created_time = DateTime.from_obj(file_obj.get_Created_Time())

    return target
def from_obj(memory_obj):
    """Build a Memory object from a parsed binding object.

    The ``is_injected``, ``is_mapped`` and ``is_protected`` flags and the
    hash list are copied as reported by the source document. This function
    does not inspect any memory region itself.

    Args:
        memory_obj: Binding object exposing the ``get_*`` accessors read
            below. Any falsy value yields ``None``.

    Returns:
        A new ``Memory`` instance, or ``None`` when ``memory_obj`` is falsy.
    """
    if not memory_obj:
        return None

    region = Memory()

    # Boolean flags are taken verbatim from the binding.
    region.is_injected = memory_obj.get_is_injected()
    region.is_mapped = memory_obj.get_is_mapped()
    region.is_protected = memory_obj.get_is_protected()

    region.hashes = HashList.from_obj(memory_obj.get_Hashes())
    region.name = String.from_obj(memory_obj.get_Name())
    region.region_size = UnsignedLong.from_obj(memory_obj.get_Region_Size())
    region.region_start_address = HexBinary.from_obj(
        memory_obj.get_Region_Start_Address()
    )

    # Extracted features are not read from the binding; the attribute is
    # always reset to None.
    region.extracted_features = None

    return region
def from_obj(extracted_string_obj):
    """Build an ExtractedString from a parsed binding object.

    Each attribute is produced by handing the binding accessor's value to the
    matching wrapper type's ``from_obj``. The string, its byte form, its
    length and its hashes are all taken as stated by the source document;
    no consistency check between them is made here.

    Args:
        extracted_string_obj: Binding object exposing the ``get_*`` accessors
            named below. Any falsy value yields ``None``.

    Returns:
        A new ``ExtractedString``, or ``None`` when the input is falsy.
    """
    if not extracted_string_obj:
        return None

    parsed = ExtractedString()

    # (attribute, wrapper type, binding accessor) in assignment order.
    field_map = (
        ("encoding", VocabString, "get_Encoding"),
        ("string_value", String, "get_String_Value"),
        ("byte_string_value", HexBinary, "get_Byte_String_Value"),
        ("hashes", HashList, "get_Hashes"),
        ("address", HexBinary, "get_Address"),
        ("length", PositiveInteger, "get_Length"),
        ("language", String, "get_Language"),
        ("english_translation", String, "get_English_Translation"),
    )
    for attr_name, wrapper, accessor in field_map:
        setattr(
            parsed,
            attr_name,
            wrapper.from_obj(getattr(extracted_string_obj, accessor)()),
        )

    return parsed
def from_obj(file_obj):
    """Build a File from a parsed binding object.

    Names, paths, size, magic number, format and hashes are copied as the
    source document states them. Nothing here checks them against an actual
    file.

    Args:
        file_obj: Binding object exposing the ``get_*`` accessors read below.
            Any falsy value yields ``None``.

    Returns:
        A new ``File``, or ``None`` when ``file_obj`` is falsy.
    """
    if not file_obj:
        return None

    result = File()

    # The packed flag is stored raw; the remaining fields go through typed
    # wrappers.
    result.is_packed = file_obj.get_is_packed()

    result.file_name = String.from_obj(file_obj.get_File_Name())
    result.file_path = FilePath.from_obj(file_obj.get_File_Path())
    result.device_path = String.from_obj(file_obj.get_Device_Path())
    result.full_path = String.from_obj(file_obj.get_Full_Path())
    result.file_extension = String.from_obj(file_obj.get_File_Extension())
    result.size_in_bytes = UnsignedLong.from_obj(file_obj.get_Size_In_Bytes())
    result.magic_number = HexBinary.from_obj(file_obj.get_Magic_Number())
    result.file_format = String.from_obj(file_obj.get_File_Format())
    result.hashes = HashList.from_obj(file_obj.get_Hashes())

    return result
def from_obj(toolinfo_obj, toolinfo=None):
    """Populate a ToolInformation from a binding object's attributes.

    Name, vendor, version, service pack and tool hashes are copied as the
    source document reports them. They describe the tool as claimed and are
    not verified by this function.

    Args:
        toolinfo_obj: Binding object whose attributes (``id``, ``Name``,
            ``Type``, ...) are read below. Any falsy value yields ``None``.
        toolinfo: Optional object to populate; a new ``ToolInformation()``
            is created when this is falsy.

    Returns:
        The populated object, or ``None`` when ``toolinfo_obj`` is falsy.
    """
    if not toolinfo_obj:
        return None

    toolinfo = toolinfo or ToolInformation()

    toolinfo.id_ = toolinfo_obj.id
    toolinfo.idref = toolinfo_obj.idref
    toolinfo.name = toolinfo_obj.Name

    # Convert every type entry before assigning the list.
    tool_types = []
    for entry in toolinfo_obj.Type:
        tool_types.append(VocabString.from_obj(entry))
    toolinfo.type_ = tool_types

    toolinfo.description = StructuredText.from_obj(toolinfo_obj.Description)
    toolinfo.vendor = toolinfo_obj.Vendor
    toolinfo.version = toolinfo_obj.Version
    toolinfo.service_pack = toolinfo_obj.Service_Pack
    toolinfo.tool_hashes = HashList.from_obj(toolinfo_obj.Tool_Hashes)

    return toolinfo
def from_obj(toolinfo_obj, tool_class=None):
    """Populate a ToolInformation from a binding object's accessors.

    Values, including the tool hashes, are taken as reported by the source
    document. This function performs no verification of them.

    Args:
        toolinfo_obj: Binding object exposing the ``get_*`` accessors read
            below. Any falsy value yields ``None``.
        tool_class: Optional object to populate instead of a fresh
            ``ToolInformation()``. Despite the name it is used as given and
            never instantiated here.

    Returns:
        The populated object, or ``None`` when ``toolinfo_obj`` is falsy.
    """
    if not toolinfo_obj:
        return None

    tool = tool_class if tool_class else ToolInformation()

    tool.id_ = toolinfo_obj.get_id()
    tool.idref = toolinfo_obj.get_idref()
    tool.name = toolinfo_obj.get_Name()

    # Convert every type entry before assigning the list.
    converted_types = []
    for entry in toolinfo_obj.get_Type():
        converted_types.append(ToolType.from_obj(entry))
    tool.type_ = converted_types

    tool.description = StructuredText.from_obj(toolinfo_obj.get_Description())
    tool.vendor = toolinfo_obj.get_Vendor()
    tool.version = toolinfo_obj.get_Version()
    tool.service_pack = toolinfo_obj.get_Service_Pack()
    tool.tool_hashes = HashList.from_obj(toolinfo_obj.get_Tool_Hashes())

    return tool
def from_obj(toolinfo_obj, toolinfo=None):
    """Copy tool metadata from a binding object onto a ToolInformation.

    The identifiers, vendor, version, service pack and tool hashes are stored
    exactly as the source document supplies them. Nothing in this function
    checks them against an actual tool.

    Args:
        toolinfo_obj: Binding object whose attributes are read below. Any
            falsy value yields ``None``.
        toolinfo: Optional object to fill in; when falsy a new
            ``ToolInformation()`` is created.

    Returns:
        The populated object, or ``None`` when ``toolinfo_obj`` is falsy.
    """
    if not toolinfo_obj:
        return None

    if not toolinfo:
        toolinfo = ToolInformation()

    source = toolinfo_obj

    # Plain attributes are copied straight across.
    toolinfo.id_ = source.id
    toolinfo.idref = source.idref
    toolinfo.name = source.Name

    # Type entries and the description go through their wrapper types.
    toolinfo.type_ = [VocabString.from_obj(item) for item in source.Type]
    toolinfo.description = StructuredText.from_obj(source.Description)

    toolinfo.vendor = source.Vendor
    toolinfo.version = source.Version
    toolinfo.service_pack = source.Service_Pack
    toolinfo.tool_hashes = HashList.from_obj(source.Tool_Hashes)

    return toolinfo
def from_obj(extracted_string_obj):
    """Build an ExtractedString from a parsed binding object.

    The string value, its byte form, its length and its hashes are stored as
    the source document gives them. This function does not cross-check them
    against each other.

    Args:
        extracted_string_obj: Binding object exposing the ``get_*`` accessors
            read below. Any falsy value yields ``None``.

    Returns:
        A new ``ExtractedString``, or ``None`` when the input is falsy.
    """
    if not extracted_string_obj:
        return None

    source = extracted_string_obj
    extracted = ExtractedString()

    extracted.encoding = VocabString.from_obj(source.get_Encoding())
    extracted.string_value = String.from_obj(source.get_String_Value())
    extracted.byte_string_value = HexBinary.from_obj(
        source.get_Byte_String_Value()
    )
    extracted.hashes = HashList.from_obj(source.get_Hashes())
    extracted.address = HexBinary.from_obj(source.get_Address())
    extracted.length = PositiveInteger.from_obj(source.get_Length())
    extracted.language = String.from_obj(source.get_Language())
    extracted.english_translation = String.from_obj(
        source.get_English_Translation()
    )

    return extracted
def from_obj(win_service_obj):
    """Build a WinService from a parsed binding object.

    The process-level fields are filled by ``WinProcess.from_obj``, which is
    handed a fresh ``WinService()`` to populate. The service-specific fields
    are then copied here.

    ``service_dll_signature_exists`` and ``service_dll_signature_verified``
    are the values reported by the source document. This function performs
    no signature check of its own, and the certificate issuer, certificate
    subject and DLL hashes are likewise stored as claimed.

    Args:
        win_service_obj: Binding object exposing the ``get_*`` accessors read
            below. Any falsy value yields ``None``.

    Returns:
        The populated object returned by ``WinProcess.from_obj``, or ``None``
        when ``win_service_obj`` is falsy.
    """
    if not win_service_obj:
        return None

    svc = WinProcess.from_obj(win_service_obj, WinService())

    # Signature flags are taken verbatim from the binding.
    svc.service_dll_signature_exists = (
        win_service_obj.get_service_dll_signature_exists()
    )
    svc.service_dll_signature_verified = (
        win_service_obj.get_service_dll_signature_verified()
    )

    # description_list is assigned only when the binding has a list element.
    if win_service_obj.get_Description_List() is not None:
        descriptions = []
        for entry in win_service_obj.get_Description_List().get_Description():
            descriptions.append(String.from_obj(entry))
        svc.description_list = descriptions

    svc.display_name = String.from_obj(win_service_obj.get_Display_Name())
    svc.group_name = String.from_obj(win_service_obj.get_Group_Name())
    svc.service_name = String.from_obj(win_service_obj.get_Service_Name())
    svc.service_dll = String.from_obj(win_service_obj.get_Service_DLL())
    svc.service_dll_certificate_issuer = String.from_obj(
        win_service_obj.get_Service_DLL_Certificate_Issuer()
    )
    svc.service_dll_certificate_subject = String.from_obj(
        win_service_obj.get_Service_DLL_Certificate_Subject()
    )
    svc.service_dll_hashes = HashList.from_obj(
        win_service_obj.get_Service_DLL_Hashes()
    )
    svc.service_dll_signature_description = String.from_obj(
        win_service_obj.get_Service_DLL_Signature_Description()
    )
    svc.startup_command_line = String.from_obj(
        win_service_obj.get_Startup_Command_Line()
    )
    svc.startup_type = String.from_obj(win_service_obj.get_Startup_Type())
    svc.service_status = String.from_obj(win_service_obj.get_Service_Status())
    svc.service_type = String.from_obj(win_service_obj.get_Service_Type())
    svc.started_as = String.from_obj(win_service_obj.get_Started_As())

    return svc
def from_obj(toolinfo_obj, tool_class=None):
    """Copy tool metadata from a binding object onto a ToolInformation.

    All values, the tool hashes included, are stored as the source document
    reports them. This function does not verify them.

    Args:
        toolinfo_obj: Binding object exposing the ``get_*`` accessors read
            below. Any falsy value yields ``None``.
        tool_class: Optional object to fill in instead of a new
            ``ToolInformation()``. It is used as given, not instantiated.

    Returns:
        The populated object, or ``None`` when ``toolinfo_obj`` is falsy.
    """
    if not toolinfo_obj:
        return None

    populated = tool_class if tool_class else ToolInformation()
    source = toolinfo_obj

    populated.id_ = source.get_id()
    populated.idref = source.get_idref()
    populated.name = source.get_Name()
    populated.type_ = [ToolType.from_obj(item) for item in source.get_Type()]
    populated.description = StructuredText.from_obj(source.get_Description())
    populated.vendor = source.get_Vendor()
    populated.version = source.get_Version()
    populated.service_pack = source.get_Service_Pack()
    populated.tool_hashes = HashList.from_obj(source.get_Tool_Hashes())

    return populated