예제 #1
0
 def from_dict(candidate_indicator_collection_dict):
     if not candidate_indicator_collection_dict:
         return None
     candidate_indicator_collection_ = BaseCollection.from_dict(candidate_indicator_collection_dict, CandidateIndicatorCollection())
     candidate_indicator_collection_.id = candidate_indicator_collection_dict.get('id')
     candidate_indicator_collection_.candidate_indicator_list = CandidateIndicatorList.from_list(candidate_indicator_collection_dict.get('candidate_indicator_list'))
     return candidate_indicator_collection_
예제 #2
0
 def from_dict(bundle_dict):
     if not bundle_dict:
         return None
     bundle_ = Bundle(None, None)
     bundle_.id = bundle_dict.get('id')
     bundle_.schema_version = bundle_dict.get('schema_version')
     bundle_.defined_subject = bundle_dict.get('defined_subject')
     bundle_.content_type = bundle_dict.get('content_type')
     bundle_.timestamp = datetime.datetime.strptime(bundle_dict.get('timestamp'), "%Y-%m-%dT%H:%M:%S.%f")
     bundle_.malware_instance_object_attributes = Object.from_dict(bundle_dict.get('malware_instance_object_attributes'))
     bundle_.av_classifications = AVClassifications.from_list(bundle_dict.get('av_classifications'))
     bundle_.process_tree = ProcessTree.from_dict(bundle_dict.get('process_tree'))
     bundle_.behaviors = BehaviorList.from_list(bundle_dict.get('behaviors'))
     bundle_.actions = ActionList.from_list(bundle_dict.get('actions'))
     bundle_.candidate_indicators = CandidateIndicatorList.from_list(bundle_dict.get('candidate_indicators'))
     bundle_.collections = Collections.from_dict(bundle_dict.get('collections'))
     return bundle_
예제 #3
0
 def from_dict(bundle_dict):
     if not bundle_dict:
         return None
     bundle_ = Bundle(None, None)
     bundle_.id = bundle_dict.get("id")
     bundle_.schema_version = bundle_dict.get("schema_version")
     bundle_.defined_subject = bundle_dict.get("defined_subject")
     bundle_.content_type = bundle_dict.get("content_type")
     bundle_.timestamp = datetime.datetime.strptime(bundle_dict.get("timestamp"), "%Y-%m-%dT%H:%M:%S.%f")
     bundle_.malware_instance_object_attributes = Object.from_dict(
         bundle_dict.get("malware_instance_object_attributes")
     )
     bundle_.av_classifications = AVClassifications.from_list(bundle_dict.get("av_classifications"))
     bundle_.process_tree = ProcessTree.from_dict(bundle_dict.get("process_tree"))
     bundle_.behaviors = BehaviorList.from_list(bundle_dict.get("behaviors", []))
     bundle_.capabilities = CapabilityList.from_dict(bundle_dict.get("capabilities"))
     bundle_.actions = ActionList.from_list(bundle_dict.get("actions", []))
     bundle_.objects = ObjectList.from_list(bundle_dict.get("objects", []))
     bundle_.candidate_indicators = CandidateIndicatorList.from_list(bundle_dict.get("candidate_indicators", []))
     bundle_.collections = Collections.from_dict(bundle_dict.get("collections"))
     return bundle_