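def addMetadata(self):
    """Generate the MAEC malwareMetaData root element and its top-level containers.

    The report id has the form "cuckoo:<md5>": the sample's MD5 for file
    targets, or the MD5 of the target URL for URL targets. The digest is used
    purely as an identifier here, not as an integrity or authenticity check.

    Sets self.m, self.objects, self.properties and self.relationships.

    Raises:
        CuckooReportError: if the target category is neither "file" nor "url".
    """
    target = self.results["target"]
    category = target["category"]

    if category == "file":
        report_id = "cuckoo:%s" % target["file"]["md5"]
    elif category == "url":
        url = target["url"]
        # The target URL is arbitrary analysis input and may contain
        # non-ASCII characters. hashlib operates on bytes, so encode text
        # explicitly instead of relying on an implicit conversion that
        # fails on such input and aborts report generation. ASCII URLs
        # produce the same digest as before.
        if not isinstance(url, bytes):
            url = url.encode("utf-8")
        report_id = "cuckoo:%s" % hashlib.md5(url).hexdigest()
    else:
        raise CuckooReportError("Unknown target type")

    info = self.results["info"]
    version = info["version"]
    self.m = maec.malwareMetaData(
        version="1.1",
        id=report_id,
        author="Cuckoo Sandbox %s" % version,
        comment="Report created with Cuckoo Sandbox %s automated and open source malware sandbox: http://www.cuckoosandbox.org" % version,
        timestamp=datetime_to_iso(info["started"])
    )

    # Objects
    self.objects = maec.objectsType()
    self.m.set_objects(self.objects)

    # Object Properties
    self.properties = maec.objectPropertiesType()
    self.m.set_objectProperties(self.properties)

    # Relationships
    self.relationships = maec.relationshipsType()
    self.m.set_relationships(self.relationships)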
def addAnalysis(self):
    """Build the dynamic-analysis entry and append it to self.analyses.

    The entry carries the run's start and end timestamps (passed through
    datetime_to_iso), the tools returned by createTools(), and one subject
    for "file" or "url" targets. Any other target category leaves the entry
    without a subject; no error is raised here.
    """
    analysis_id = "%s:ana:1" % self.idMap["prefix"]
    run_info = self.results["info"]
    entry = maec.AnalysisType(
        id=analysis_id,
        analysis_method="Dynamic",
        start_datetime=datetime_to_iso(run_info["started"]),
        complete_datetime=datetime_to_iso(run_info["ended"]),
        # The end of the run doubles as the last-update time.
        lastupdate_datetime=datetime_to_iso(run_info["ended"])
    )

    # Tools used for the analysis.
    entry.set_Tools_Used(self.createTools())

    # Subject of the analysis, chosen by target category.
    target = self.results["target"]
    kind = target["category"]
    if kind == "file":
        entry.add_Subject(self.createSubjectFile(target["file"]))
    elif kind == "url":
        entry.add_Subject(self.createSubjectUrl(target["url"]))

    self.analyses.add_Analysis(entry)
def addAnalysis(self):
    """Add the analysis header to self.analyses.

    Creates a single "Dynamic" analysis record whose id is derived from
    self.idMap["prefix"], attaches the tool list from createTools(), and
    adds a subject when the target category is "file" or "url". Other
    categories produce a record with no subject.
    """
    header = dict(
        id="%s:ana:1" % self.idMap["prefix"],
        analysis_method="Dynamic",
        start_datetime=datetime_to_iso(self.results["info"]["started"]),
        complete_datetime=datetime_to_iso(self.results["info"]["ended"]),
        # Last update is reported as the time the analysis ended.
        lastupdate_datetime=datetime_to_iso(self.results["info"]["ended"]))
    record = maec.AnalysisType(**header)

    # Add tool
    tools = self.createTools()
    record.set_Tools_Used(tools)

    # Add subject
    target = self.results["target"]
    if target["category"] == "file":
        record.add_Subject(self.createSubjectFile(target["file"]))
    elif target["category"] == "url":
        record.add_Subject(self.createSubjectUrl(target["url"]))

    self.analyses.add_Analysis(record)
def test_convert_date(self):
    """Check that datetime_to_iso turns a space-separated timestamp into 'T'-separated form."""
    raw_stamp = "2000-01-01 11:43:35"
    expected = "2000-01-01T11:43:35"
    assert_equal(expected, utils.datetime_to_iso(raw_stamp))