Пример #1
0
    def addMetadata(self):
        """Generates header for MAEC xml and root components."""
        if self.results["target"]["category"] == "file":
            id = "cuckoo:%s" % self.results["target"]["file"]["md5"]
        elif self.results["target"]["category"] == "url":
            id = "cuckoo:%s" % hashlib.md5(self.results["target"]["url"]).hexdigest()
        else:
            raise CuckooReportError("Unknown target type")

        self.m = maec.malwareMetaData(
            version = "1.1",
            id = id,
            author = "Cuckoo Sandbox %s" % self.results["info"]["version"],
            comment = "Report created with Cuckoo Sandbox %s automated and open source malware sandbox: http://www.cuckoosandbox.org" % self.results["info"]["version"],
            timestamp = datetime_to_iso(self.results["info"]["started"])
        )
        # Objects
        self.objects = maec.objectsType()
        self.m.set_objects(self.objects)
        # Object Properties
        self.properties = maec.objectPropertiesType()
        self.m.set_objectProperties(self.properties)
        # Relationships
        self.relationships = maec.relationshipsType()
        self.m.set_relationships(self.relationships)
Пример #2
0
    def addMetadata(self):
        """Generates header for MAEC xml and root components."""
        if self.results["target"]["category"] == "file":
            id = "cuckoo:%s" % self.results["target"]["file"]["md5"]
        elif self.results["target"]["category"] == "url":
            id = "cuckoo:%s" % hashlib.md5(
                self.results["target"]["url"]).hexdigest()
        else:
            raise CuckooReportError("Unknown target type")

        self.m = maec.malwareMetaData(
            version="1.1",
            id=id,
            author="Cuckoo Sandbox %s" % self.results["info"]["version"],
            comment=
            "Report created with Cuckoo Sandbox %s automated and open source malware sandbox: http://www.cuckoosandbox.org"
            % self.results["info"]["version"],
            timestamp=datetime_to_iso(self.results["info"]["started"]))
        # Objects
        self.objects = maec.objectsType()
        self.m.set_objects(self.objects)
        # Object Properties
        self.properties = maec.objectPropertiesType()
        self.m.set_objectProperties(self.properties)
        # Relationships
        self.relationships = maec.relationshipsType()
        self.m.set_relationships(self.relationships)
Пример #3
0
 def addMetadata(self):
     """Generates header for MAEC xml and root components."""
     self.m = maec.malwareMetaData(
         version = "1.1",
         id = "cuckoo:%s" % self.results['file']['md5'],
         author = "Cuckoo Sandbox %s" % self.results["info"]["version"],
         comment = "Report created with Cuckoo Sandbox %s automated and open source malware sandbox: http://www.cuckoosandbox.org" % self.results["info"]["version"],
         timestamp = datetime_to_iso(self.results["info"]["started"])
     )
     # Objects
     self.objects = maec.objectsType()
     self.m.set_objects(self.objects)
     # Object Properties
     self.properties = maec.objectPropertiesType()
     self.m.set_objectProperties(self.properties)
     # Relationships
     self.relationships = maec.relationshipsType()
     self.m.set_relationships(self.relationships)
Пример #4
0
 def addMetadata(self):
     """Generates header for MAEC xml and root components."""
     self.m = maec.malwareMetaData(
         version="1.1",
         id="cuckoo:%s" % self.results['file']['md5'],
         author="Cuckoo Sandbox %s" % self.results["info"]["version"],
         comment=
         "Report created with Cuckoo Sandbox %s automated and open source malware sandbox: http://www.cuckoosandbox.org"
         % self.results["info"]["version"],
         timestamp=datetime_to_iso(self.results["info"]["started"]))
     # Objects
     self.objects = maec.objectsType()
     self.m.set_objects(self.objects)
     # Object Properties
     self.properties = maec.objectPropertiesType()
     self.m.set_objectProperties(self.properties)
     # Relationships
     self.relationships = maec.relationshipsType()
     self.m.set_relationships(self.relationships)