/*
* CrowdStrike API Specification
*
* Use this API specification as a reference for the API endpoints you can use to interact with your Falcon environment. These endpoints support authentication via OAuth2 and interact with detections and network containment. For detailed usage guides and examples, see our [documentation inside the Falcon console](https://falcon.crowdstrike.com/support/documentation). To use the APIs described below, combine the base URL with the path shown for each API endpoint. For commercial cloud customers, your base URL is `https://api.crowdstrike.com`. Each API endpoint requires authorization via an OAuth2 token. Your first API request should retrieve an OAuth2 token using the `oauth2/token` endpoint, such as `https://api.crowdstrike.com/oauth2/token`. For subsequent requests, include the OAuth2 token in an HTTP authorization header. Tokens expire after 30 minutes, after which you should make a new token request to continue making API requests.
*
* The version of the OpenAPI document: rolling
*
* Generated by: https://openapi-generator.tech
*/
use crate::models;
/// DomainMalwareDocument : JSON definition of a Malware, also known as a Threat
#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
pub struct DomainMalwareDocument {
#[serde(rename = "actors_count", skip_serializing_if = "Option::is_none")]
pub actors_count: Option<i64>,
/// All the Systems affected (i.e AWS, Lambda)
#[serde(rename = "all_systems", skip_serializing_if = "Option::is_none")]
pub all_systems: Option<Vec<String>>,
/// All the actors related to this Malware
#[serde(rename = "associated_actors", skip_serializing_if = "Option::is_none")]
pub associated_actors: Option<Vec<models::DomainDenormalizedAdversaryReference>>,
#[serde(rename = "capabilities", skip_serializing_if = "Option::is_none")]
pub capabilities: Option<Vec<String>>,
/// Malware's community identifiers
#[serde(
rename = "community_identifiers",
skip_serializing_if = "Option::is_none"
)]
pub community_identifiers: Option<Vec<String>>,
/// Malware's creation date when it was added to CKB in unix timestamp format
#[serde(rename = "created_timestamp", skip_serializing_if = "Option::is_none")]
pub created_timestamp: Option<String>,
/// Malware's text description
#[serde(rename = "description", skip_serializing_if = "Option::is_none")]
pub description: Option<String>,
#[serde(
rename = "description_text_length",
skip_serializing_if = "Option::is_none"
)]
pub description_text_length: Option<i64>,
/// Actors that developed this Malware
#[serde(rename = "developed_by", skip_serializing_if = "Option::is_none")]
pub developed_by: Option<Vec<models::DomainDenormalizedAdversaryReference>>,
#[serde(rename = "developed_by_count", skip_serializing_if = "Option::is_none")]
pub developed_by_count: Option<i64>,
#[serde(
rename = "distinct_indicator_count",
skip_serializing_if = "Option::is_none"
)]
pub distinct_indicator_count: Option<i64>,
#[serde(
rename = "files_containing_threat_count",
skip_serializing_if = "Option::is_none"
)]
pub files_containing_threat_count: Option<i64>,
/// Alphanumeric ID for the Malware
#[serde(rename = "id")]
pub id: String,
#[serde(rename = "indicator_count", skip_serializing_if = "Option::is_none")]
pub indicator_count: Option<i64>,
#[serde(rename = "kill_chain", skip_serializing_if = "Option::is_none")]
pub kill_chain: Option<Vec<String>>,
/// Malware's last updated date in unix timestamp format
#[serde(rename = "last_updated", skip_serializing_if = "Option::is_none")]
pub last_updated: Option<String>,
/// MITRE used by this Malware
#[serde(rename = "mitre", skip_serializing_if = "Option::is_none")]
pub mitre: Option<Vec<models::DomainDenormalizedThreatUsedMitre>>,
#[serde(rename = "mitre_attack_count", skip_serializing_if = "Option::is_none")]
pub mitre_attack_count: Option<i64>,
#[serde(rename = "mitre_tactic_count", skip_serializing_if = "Option::is_none")]
pub mitre_tactic_count: Option<i64>,
#[serde(
rename = "mitre_technique_count",
skip_serializing_if = "Option::is_none"
)]
pub mitre_technique_count: Option<i64>,
/// Malware's activity motivation, one of: State-Sponsored, Criminal, Hacktivism
#[serde(rename = "motivation", skip_serializing_if = "Option::is_none")]
pub motivation: Option<Vec<String>>,
/// Malware's family name
#[serde(rename = "name")]
pub name: String,
/// The previous stage of this Malware
#[serde(rename = "next_stage_of", skip_serializing_if = "Option::is_none")]
pub next_stage_of: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// The next stages of this Malware
#[serde(rename = "next_stages", skip_serializing_if = "Option::is_none")]
pub next_stages: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// The parent of this Malware
#[serde(rename = "plugin_of", skip_serializing_if = "Option::is_none")]
pub plugin_of: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// The plugins of this Malware
#[serde(rename = "plugins", skip_serializing_if = "Option::is_none")]
pub plugins: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// Actors that purchase this Malware
#[serde(rename = "purchased_by", skip_serializing_if = "Option::is_none")]
pub purchased_by: Option<Vec<models::DomainDenormalizedAdversaryReference>>,
#[serde(rename = "purchased_by_count", skip_serializing_if = "Option::is_none")]
pub purchased_by_count: Option<i64>,
#[serde(rename = "report_count", skip_serializing_if = "Option::is_none")]
pub report_count: Option<i64>,
/// Reports that contain this Malware
#[serde(rename = "reports", skip_serializing_if = "Option::is_none")]
pub reports: Option<Vec<models::DomainDenormalizedReportReference>>,
#[serde(
rename = "seen_in_environment",
skip_serializing_if = "Option::is_none"
)]
pub seen_in_environment: Option<Box<models::DomainMalwareEnvironmentAggregates>>,
/// Name in url friendly format, lowercased and spaces replaced with dash
#[serde(rename = "slug", skip_serializing_if = "Option::is_none")]
pub slug: Option<String>,
/// Actors that sell this Malware
#[serde(rename = "sold_by", skip_serializing_if = "Option::is_none")]
pub sold_by: Option<Vec<models::DomainDenormalizedAdversaryReference>>,
#[serde(rename = "sold_by_count", skip_serializing_if = "Option::is_none")]
pub sold_by_count: Option<i64>,
#[serde(rename = "status", skip_serializing_if = "Option::is_none")]
pub status: Option<String>,
/// The parent botnet of this Malware
#[serde(rename = "sub_botnet_of", skip_serializing_if = "Option::is_none")]
pub sub_botnet_of: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// The sub-botnets of this Malware
#[serde(rename = "sub_botnets", skip_serializing_if = "Option::is_none")]
pub sub_botnets: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// The predecessor of this Malware
#[serde(rename = "successor_of", skip_serializing_if = "Option::is_none")]
pub successor_of: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// The successors of this Malware
#[serde(rename = "successors", skip_serializing_if = "Option::is_none")]
pub successors: Option<Vec<models::DomainDenormalizedThreatReference>>,
#[serde(
rename = "systems_targeted_count",
skip_serializing_if = "Option::is_none"
)]
pub systems_targeted_count: Option<i64>,
/// Target countries of malware's activity and attacks, slug value is a 2 characters code for the country value, some examples: United States,United Kingdom,Germany,India,Japan,France,Australia,Canada,China
#[serde(rename = "target_countries", skip_serializing_if = "Option::is_none")]
pub target_countries: Option<Vec<models::DomainDenormalizedCountry>>,
/// Target economical industries of malware's activity and attacks. List of available values: Government, Financial Services, Technology, Telecommunications, Healthcare, Energy, Academic, Media, Aerospace, NGO, Manufacturing, Industrials and Engineering, Retail, Hospitality, Consulting and Professional Services, Opportunistic, Aviation, Defense, Transportation, Oil and Gas, Legal, Pharmaceutical, Logistics, Military, Automotive, Food and Beverage, Consumer Goods, Real Estate, Insurance, Agriculture, Chemicals, Utilities, Maritime, Extractive, Travel, Dissident, Cryptocurrency, Entertainment, National Government, Law Enforcement, Think Tanks, Local Government, Sports Organizations, Computer Gaming, Biomedical, Nonprofit, Financial Management & Hedge Funds, Political Parties, Architectural and Engineering, Emergency Services, Social Media, International Government, Nuclear, Research Entities, Vocational and Higher-Level Education, eCommerce
#[serde(rename = "target_industries", skip_serializing_if = "Option::is_none")]
pub target_industries: Option<Vec<models::DomainDenormalizedSector>>,
/// Malware's targeting profile
#[serde(rename = "targeting_profile", skip_serializing_if = "Option::is_none")]
pub targeting_profile: Option<Vec<String>>,
/// The System directly targeted by this Malware (i.e Lambda)
#[serde(rename = "targets_systems", skip_serializing_if = "Option::is_none")]
pub targets_systems: Option<Vec<models::DomainDenormalizedCustomerTarget>>,
#[serde(rename = "threat_file_count", skip_serializing_if = "Option::is_none")]
pub threat_file_count: Option<i64>,
/// Malware's properties one of: Commodity, OpenSource, SourceCodeLeaked, Modular, RepurposedLegitimateSoftware
#[serde(rename = "threat_properties", skip_serializing_if = "Option::is_none")]
pub threat_properties: Option<Vec<String>>,
#[serde(
rename = "threat_relations_count",
skip_serializing_if = "Option::is_none"
)]
pub threat_relations_count: Option<i64>,
/// Actors that use this Malware
#[serde(rename = "used_by", skip_serializing_if = "Option::is_none")]
pub used_by: Option<Vec<models::DomainDenormalizedAdversaryReference>>,
#[serde(rename = "used_by_count", skip_serializing_if = "Option::is_none")]
pub used_by_count: Option<i64>,
/// The parent variant of this Malware
#[serde(rename = "variant_of", skip_serializing_if = "Option::is_none")]
pub variant_of: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// The variants of this Malware
#[serde(rename = "variants", skip_serializing_if = "Option::is_none")]
pub variants: Option<Vec<models::DomainDenormalizedThreatReference>>,
/// Vulnerabilities this Malware exploits
#[serde(rename = "vulnerabilities", skip_serializing_if = "Option::is_none")]
pub vulnerabilities: Option<Vec<models::DomainVuln>>,
}
impl DomainMalwareDocument {
/// JSON definition of a Malware, also known as a Threat
pub fn new(id: String, name: String) -> DomainMalwareDocument {
DomainMalwareDocument {
actors_count: None,
all_systems: None,
associated_actors: None,
capabilities: None,
community_identifiers: None,
created_timestamp: None,
description: None,
description_text_length: None,
developed_by: None,
developed_by_count: None,
distinct_indicator_count: None,
files_containing_threat_count: None,
id,
indicator_count: None,
kill_chain: None,
last_updated: None,
mitre: None,
mitre_attack_count: None,
mitre_tactic_count: None,
mitre_technique_count: None,
motivation: None,
name,
next_stage_of: None,
next_stages: None,
plugin_of: None,
plugins: None,
purchased_by: None,
purchased_by_count: None,
report_count: None,
reports: None,
seen_in_environment: None,
slug: None,
sold_by: None,
sold_by_count: None,
status: None,
sub_botnet_of: None,
sub_botnets: None,
successor_of: None,
successors: None,
systems_targeted_count: None,
target_countries: None,
target_industries: None,
targeting_profile: None,
targets_systems: None,
threat_file_count: None,
threat_properties: None,
threat_relations_count: None,
used_by: None,
used_by_count: None,
variant_of: None,
variants: None,
vulnerabilities: None,
}
}
}