Exemplo n.º 1
def test_dbot_score():
    """
    Check the DBotScore and the relationship built for a file hash lookup.

    Given:
        - A canned MalwareBazaar response for a file hash, loaded from the test data directory.

    When:
        - MalwareBazaar.file_process is run for that hash with reliability A.

    Then:
        - The returned indicator has a DBotScore of 3 (BAD), and its first relationship is an
          'indicator-of' link from the queried hash to the "STIX Malware" indicator type.
    """
    # 64-hex-character file hash; it is both the lookup key and the expected relationship source.
    file_hash = "094fd325049b8a9cf6d3e5ef2a6d4cc6a567d7d49c35f8bb8dd9e3c6acf3d78d"
    canned_response = util_load_json('test_data/response_data_dbot_score.json')

    command_result = MalwareBazaar.file_process(file_hash, DBotScoreReliability.A, {}, canned_response)
    file_indicator: Common.File = command_result.indicator

    # The verdict must be 3, the score this test treats as BAD.
    assert file_indicator.dbot_score.score == 3

    # Only the first relationship is inspected: its name, its source entity and its target type.
    assert file_indicator.relationships[0]._name == 'indicator-of'
    assert file_indicator.relationships[0]._entity_a == file_hash
    expected_target_type = FeedIndicatorType.indicator_type_by_server_version("STIX Malware")
    assert file_indicator.relationships[0]._entity_b_type == expected_target_type
Exemplo n.º 2
def test_ip_to_indicator(ip, indicator_type):
    """Check that FeedIndicatorType.ip_to_indicator_type classifies *ip* as *indicator_type*.

    The check is by identity (`is`), so the classifier must return the very object that was
    passed in as the expectation, not merely an equal value.
    """
    # NOTE(review): ip and indicator_type are presumably supplied by a parametrize decorator
    # that is not visible in this listing - confirm against the original test module.
    detected_type = FeedIndicatorType.ip_to_indicator_type(ip)
    assert detected_type is indicator_type