Skip to content

Commit

Permalink
Merge pull request #357 from chisholm/malware_analysis_result
Browse files Browse the repository at this point in the history
Update malware-analysis SDO's av_result property
  • Loading branch information
clenk authored Mar 11, 2020
2 parents bdf7cab + d2bff4d commit 33fb314
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 3 deletions.
3 changes: 2 additions & 1 deletion stix2/test/v21/test_malware_analysis.py
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,8 @@
"submitted": "2018-11-23T06:45:55.747Z",
"analysis_started": "2018-11-29T07:30:03.895Z",
"analysis_ended": "2018-11-29T08:30:03.895Z",
"av_result": "malicious",
"result_name": "MegaRansom",
"result": "malicious",
"analysis_sco_refs": [
"file--fc27e371-6c88-4c5c-868a-4dda0e60b167",
"url--6f7a74cd-8eb2-4b88-a4da-aa878e50ac2e"
Expand Down
5 changes: 3 additions & 2 deletions stix2/v21/sdo.py
Original file line number Diff line number Diff line change
Expand Up @@ -524,15 +524,16 @@ class MalwareAnalysis(STIXDomainObject):
('submitted', TimestampProperty()),
('analysis_started', TimestampProperty()),
('analysis_ended', TimestampProperty()),
('av_result', StringProperty()),
('result_name', StringProperty()),
('result', StringProperty()),
('analysis_sco_refs', ListProperty(ReferenceProperty(valid_types="SCO", spec_version='2.1'))),
('sample_ref', ReferenceProperty(valid_types="SCO", spec_version="2.1")),
])

def _check_object_constraints(self):
super(MalwareAnalysis, self)._check_object_constraints()

self._check_at_least_one_property(["av_result", "analysis_sco_refs"])
self._check_at_least_one_property(["result", "analysis_sco_refs"])


class Note(STIXDomainObject):
Expand Down

0 comments on commit 33fb314

Please sign in to comment.