def from_obj(bundle_obj):
if not bundle_obj:
return None
bundle_ = Bundle(None, None)
bundle_.id = bundle_obj.get_id()
bundle_.schema_version = bundle_obj.get_schema_version()
bundle_.defined_subject = bundle_obj.get_defined_subject()
bundle_.content_type = bundle_obj.get_content_type()
bundle_.timestamp = bundle_obj.get_timestamp()
bundle_.malware_instance_object_attributes = Object.from_obj(
bundle_obj.get_Malware_Instance_Object_Attributes()
)
if bundle_obj.get_AV_Classifications() is not None:
bundle_.av_classifications = AVClassifications.from_obj(bundle_obj.get_AV_Classifications())
bundle_.process_tree = ProcessTree.from_obj(bundle_obj.get_Process_Tree())
if bundle_obj.get_Behaviors() is not None:
bundle_.behaviors = BehaviorList.from_obj(bundle_obj.get_Behaviors())
if bundle_obj.get_Capabilities() is not None:
bundle_.capabilities = CapabilityList.from_obj(bundle_obj.get_Capabilities())
if bundle_obj.get_Actions() is not None:
bundle_.actions = ActionList.from_obj(bundle_obj.get_Actions())
if bundle_obj.get_Objects() is not None:
bundle_.objects = ObjectList.from_obj(bundle_obj.get_Objects())
if bundle_obj.get_Candidate_Indicators() is not None:
bundle_.candidate_indicators = CandidateIndicatorList.from_obj(bundle_obj.get_Candidate_Indicators())
bundle_.collections = Collections.from_obj(bundle_obj.get_Collections())
return bundle_
def from_obj(candidate_indicator_collection_obj):
if not candidate_indicator_collection_obj:
return None
candidate_indicator_collection_ = BaseCollection.from_obj(candidate_indicator_collection_obj, CandidateIndicatorCollection())
candidate_indicator_collection_.id = candidate_indicator_collection_obj.get_id()
candidate_indicator_collection_.candidate_indicator_list = CandidateIndicatorList.from_obj(candidate_indicator_collection_obj.get_Candidate_Indicator_List())
return candidate_indicator_collection_