mirror of https://github.com/MISP/misp-modules
Fixed checking for submission_names in VT JSON
parent
d7b33532eb
commit
20fd05a231
|
@ -101,12 +101,6 @@ def findAll(data, keys):
|
||||||
|
|
||||||
return a
|
return a
|
||||||
|
|
||||||
def isset(d, key):
|
|
||||||
if key in d:
|
|
||||||
if d[key] not in [None, '', ' ']:
|
|
||||||
return True
|
|
||||||
return False
|
|
||||||
|
|
||||||
def getMoreInfo(req, key):
|
def getMoreInfo(req, key):
|
||||||
global limit
|
global limit
|
||||||
r = []
|
r = []
|
||||||
|
@ -136,20 +130,16 @@ def getMoreInfo(req, key):
|
||||||
params = {"hash":hsh, "apikey":key})
|
params = {"hash":hsh, "apikey":key})
|
||||||
|
|
||||||
malsample = sample.content
|
malsample = sample.content
|
||||||
if isset(data, "submission_names"):
|
|
||||||
|
# It is possible for VT to not give us any submission names
|
||||||
|
if "submission_names" in data:
|
||||||
r.append({"types":["malware-sample"],
|
r.append({"types":["malware-sample"],
|
||||||
"categories":["Payload delivery"],
|
"categories":["Payload delivery"],
|
||||||
"values":data["submission_names"],
|
"values":data["submission_names"],
|
||||||
"data": str(base64.b64encode(malsample), 'utf-8')
|
"data": str(base64.b64encode(malsample), 'utf-8')
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
else:
|
|
||||||
r.append({"types":["malware-sample"],
|
|
||||||
"categories":["Payload delivery"],
|
|
||||||
"values":data["submission_names"],
|
|
||||||
"data": str(base64.b64encode(malsample), 'utf-8')
|
|
||||||
}
|
|
||||||
)
|
|
||||||
return r
|
return r
|
||||||
|
|
||||||
def introspection():
|
def introspection():
|
||||||
|
|
Loading…
Reference in New Issue