From b6e0c4ce5370ee5d7d1d6f420f1b9f45745cee1d Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Fri, 24 Sep 2021 15:29:23 +0200
Subject: [PATCH] chg: [hashlookup] add new fields such as source, SSDEEP and
 TLSH

---
 misp_modules/modules/expansion/hashlookup.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/misp_modules/modules/expansion/hashlookup.py b/misp_modules/modules/expansion/hashlookup.py
index 7155fb7..984d7b4 100644
--- a/misp_modules/modules/expansion/hashlookup.py
+++ b/misp_modules/modules/expansion/hashlookup.py
@@ -31,8 +31,14 @@ class HashlookupParser():
 
     def parse_hashlookup_information(self):
         hashlookup_object = MISPObject('hashlookup')
+        if 'source' in self.hashlookupresult:
+            hashlookup_object.add_attribute('source', **{'type': 'text', 'value': self.hashlookupresult['source']})
         hashlookup_object.add_attribute('MD5', **{'type': 'md5', 'value': self.hashlookupresult['MD5']})
         hashlookup_object.add_attribute('SHA-1', **{'type': 'sha1', 'value': self.hashlookupresult['SHA-1']})
+        if 'SSDEEP' in self.hashlookupresult:
+            hashlookup_object.add_attribute('SSDEEP', **{'type': 'ssdeep', 'value': self.hashlookupresult['SSDEEP']})
+        if 'TLSH' in self.hashlookupresult:
+            hashlookup_object.add_attribute('TLSH', **{'type': 'tlsh', 'value': self.hashlookupresult['TLSH']})
         if 'FileName' in self.hashlookupresult:
             hashlookup_object.add_attribute('FileName', **{'type': 'filename', 'value': self.hashlookupresult['FileName']})
         if 'FileSize' in self.hashlookupresult: