def addMetadata(self):
"""Generates header for MAEC xml and root components."""
if self.results["target"]["category"] == "file":
id = "cuckoo:%s" % self.results["target"]["file"]["md5"]
elif self.results["target"]["category"] == "url":
id = "cuckoo:%s" % hashlib.md5(self.results["target"]["url"]).hexdigest()
else:
raise CuckooReportError("Unknown target type")
self.m = maec.malwareMetaData(
version = "1.1",
id = id,
author = "Cuckoo Sandbox %s" % self.results["info"]["version"],
comment = "Report created with Cuckoo Sandbox %s automated and open source malware sandbox: http://www.cuckoosandbox.org" % self.results["info"]["version"],
timestamp = datetime_to_iso(self.results["info"]["started"])
)
# Objects
self.objects = maec.objectsType()
self.m.set_objects(self.objects)
# Object Properties
self.properties = maec.objectPropertiesType()
self.m.set_objectProperties(self.properties)
# Relationships
self.relationships = maec.relationshipsType()
self.m.set_relationships(self.relationships)
def addAnalysis(self):
"""Adds analysis header."""
analysis = maec.AnalysisType(
id = "%s:ana:1" % self.idMap["prefix"],
analysis_method = "Dynamic",
start_datetime = datetime_to_iso(self.results["info"]["started"]),
complete_datetime = datetime_to_iso(self.results["info"]["ended"]),
lastupdate_datetime = datetime_to_iso(self.results["info"]["ended"])
)
# Add tool
analysis.set_Tools_Used(self.createTools())
# Add subject
if self.results["target"]["category"] == "file":
analysis.add_Subject(self.createSubjectFile(self.results["target"]["file"]))
elif self.results["target"]["category"] == "url":
analysis.add_Subject(self.createSubjectUrl(self.results["target"]["url"]))
self.analyses.add_Analysis(analysis)
def addAnalysis(self):
"""Adds analysis header."""
analysis = maec.AnalysisType(
id="%s:ana:1" % self.idMap["prefix"],
analysis_method="Dynamic",
start_datetime=datetime_to_iso(self.results["info"]["started"]),
complete_datetime=datetime_to_iso(self.results["info"]["ended"]),
lastupdate_datetime=datetime_to_iso(self.results["info"]["ended"]))
# Add tool
analysis.set_Tools_Used(self.createTools())
# Add subject
if self.results["target"]["category"] == "file":
analysis.add_Subject(
self.createSubjectFile(self.results["target"]["file"]))
elif self.results["target"]["category"] == "url":
analysis.add_Subject(
self.createSubjectUrl(self.results["target"]["url"]))
self.analyses.add_Analysis(analysis)
def test_convert_date(self):
assert_equal("2000-01-01T11:43:35", utils.datetime_to_iso("2000-01-01 11:43:35"))
def test_convert_date(self):
assert_equal("2000-01-01T11:43:35",
utils.datetime_to_iso("2000-01-01 11:43:35"))