def createfindingbundlesmetaanalysis(self,object_equivalences=None,action_equivalences=None):
    """Build a MetaAnalysis populated with the supplied equivalence entries.

    Both equivalence containers are always created, so the returned object
    carries an empty ObjectEquivalenceList / ActionEquivalenceList whenever
    the matching argument is None.

    Args:
        object_equivalences: optional iterable of entries appended, in
            order, to the new ObjectEquivalenceList.
        action_equivalences: optional iterable of entries appended, in
            order, to the new ActionEquivalenceList.

    Returns:
        The newly constructed MetaAnalysis instance.
    """
    # ``self`` is accepted but never read in this body.
    analysis = MetaAnalysis()

    # Attach the container first and append through the attribute, so the
    # entries land in whatever object the MetaAnalysis actually stores.
    analysis.object_equivalences = ObjectEquivalenceList()
    if object_equivalences is None:
        object_equivalences = ()
    for entry in object_equivalences:
        analysis.object_equivalences.append(entry)

    analysis.action_equivalences = ActionEquivalenceList()
    if action_equivalences is None:
        action_equivalences = ()
    for entry in action_equivalences:
        analysis.action_equivalences.append(entry)

    return analysis
Exemplo n.º 2
def merge_findings_bundles(findings_bundles_list):
    '''Merge two or more Malware Subject Findings Bundles.

    Args:
        findings_bundles_list: the Findings Bundle entities to combine.
            It is traversed three times (meta-analysis, bundles, external
            references), so it must be re-iterable, e.g. a list; a one-shot
            iterator would be exhausted after the first pass.

    Returns:
        A new FindingsBundleList. Each of meta_analysis, bundle and
        bundle_external_reference is set only when the corresponding merged
        value is truthy.
    '''
    # Pass 1: gather every truthy meta-analysis and merge them into one.
    analyses = []
    for entry in findings_bundles_list:
        if entry.meta_analysis:
            analyses.append(entry.meta_analysis)
    combined_analysis = None
    if analyses:
        combined_dict = merge_entities(analyses)
        combined_analysis = MetaAnalysis.from_dict(combined_dict)

    # Pass 2: flatten the per-entry bundle lists, keeping input order.
    bundle_groups = []
    for entry in findings_bundles_list:
        if entry.bundle:
            bundle_groups.append(entry.bundle)
    combined_bundles = list(itertools.chain.from_iterable(bundle_groups))

    # Pass 3: flatten the per-entry external bundle references the same way.
    reference_groups = []
    for entry in findings_bundles_list:
        if entry.bundle_external_reference:
            reference_groups.append(entry.bundle_external_reference)
    combined_references = list(
        itertools.chain.from_iterable(reference_groups))

    # Assemble the result, leaving any empty part unset.
    merged = FindingsBundleList()
    if combined_analysis:
        merged.meta_analysis = combined_analysis
    if combined_bundles:
        merged.bundle = combined_bundles
    if combined_references:
        merged.bundle_external_reference = combined_references
    return merged
Exemplo n.º 3
def merge_findings_bundles(findings_bundles_list):
    '''Combine several Malware Subject Findings Bundles into a single one.

    The input is iterated once per merged field (three passes in total), so
    it has to be a re-iterable collection such as a list.

    Returns a fresh FindingsBundleList on which meta_analysis, bundle and
    bundle_external_reference are assigned only when the merged value for
    that field is truthy.
    '''
    # Meta-analysis: merge whatever truthy entries the inputs carry.
    present_analyses = [
        fb.meta_analysis for fb in findings_bundles_list if fb.meta_analysis
    ]
    meta_result = (
        MetaAnalysis.from_dict(merge_entities(present_analyses))
        if present_analyses
        else None
    )

    # Bundles: concatenate the non-empty bundle lists in input order.
    present_bundles = [fb.bundle for fb in findings_bundles_list if fb.bundle]
    bundle_result = list(itertools.chain.from_iterable(present_bundles))

    # External bundle references: same concatenation as for bundles.
    present_references = [
        fb.bundle_external_reference
        for fb in findings_bundles_list
        if fb.bundle_external_reference
    ]
    reference_result = list(itertools.chain.from_iterable(present_references))

    # Populate only the fields that ended up with content.
    merged_entity = FindingsBundleList()
    field_values = (
        ("meta_analysis", meta_result),
        ("bundle", bundle_result),
        ("bundle_external_reference", reference_result),
    )
    for field_name, field_value in field_values:
        if field_value:
            setattr(merged_entity, field_name, field_value)

    return merged_entity