use std::collections::BTreeSet;

use chrono::{DateTime, Utc};
use serde::Deserialize;

use crate::{
    vocab::{ImplementationLanguage, MalwareCapabilities, MalwareType, ProcessorArchitecture},
    CommonProperties, Id, KillChainPhase,
};

/// A STIX `malware` object as deserialized from input data.
///
/// Every field except `name` carries `#[serde(default)]`, so a property that is
/// missing from the input becomes `None` or an empty collection instead of a
/// deserialization error. Nothing in this type cross-checks the fields against
/// each other; consumers handling bundles from untrusted sources should not
/// assume such checks have happened unless another layer performs them.
#[derive(Deserialize, stix_derive::TypedObject)]
#[typed_object(core)]
pub struct Malware {
    /// Properties shared with other object types, read from the same map level
    /// as the malware-specific fields below (`flatten`).
    #[serde(flatten)]
    base: CommonProperties,

    /// Name of the malware; the only field here whose absence fails deserialization.
    pub name: String,

    /// Free-text description, if the producer supplied one.
    #[serde(default)]
    pub description: Option<String>,

    /// Malware type vocabulary entries; empty when absent.
    #[serde(default)]
    pub malware_types: BTreeSet<MalwareType>,

    /// Whether the object describes a family rather than a single instance.
    // NOTE(review): STIX 2.1 appears to list `is_family` as required; here a
    // missing value deserializes to `None` — confirm this leniency is intended.
    #[serde(default)]
    pub is_family: Option<bool>,

    /// Kill chain phases associated with the malware; empty when absent.
    #[serde(default)]
    pub kill_chain_phases: Vec<KillChainPhase>,

    /// First-seen timestamp, if given.
    #[serde(default)]
    pub first_seen: Option<DateTime<Utc>>,

    /// Last-seen timestamp, if given.
    // NOTE(review): no ordering check against `first_seen` is visible in this
    // type; presumably the spec expects last_seen >= first_seen — verify where
    // (or whether) that is enforced.
    #[serde(default)]
    pub last_seen: Option<DateTime<Utc>>,

    /// Implementation language vocabulary entries; empty when absent.
    #[serde(default)]
    pub implementation_languages: BTreeSet<ImplementationLanguage>,

    /// Identifiers of objects describing operating systems; empty when absent.
    // NOTE(review): stored as plain `Id`s — the kind of object each id refers
    // to is not constrained by this field's type.
    #[serde(default)]
    pub operating_system_refs: BTreeSet<Id>,

    /// Processor architecture vocabulary entries; empty when absent.
    #[serde(default)]
    pub architecture_execution_envs: BTreeSet<ProcessorArchitecture>,

    /// Capability vocabulary entries; empty when absent.
    #[serde(default)]
    pub capabilities: BTreeSet<MalwareCapabilities>,

    /// Identifiers of objects holding samples of the malware; empty when absent.
    // NOTE(review): as with `operating_system_refs`, the referenced object kind
    // is not constrained by this field's type.
    #[serde(default)]
    pub sample_refs: BTreeSet<Id>,
}

impl Malware {
    /// Returns the malware name as a string slice.
    pub fn name(&self) -> &str {
        self.name.as_str()
    }

    /// Returns the description as a string slice, or `None` when it was not set.
    pub fn description(&self) -> Option<&str> {
        self.description.as_deref()
    }
}

impl AsRef<CommonProperties> for Malware {
    /// Borrows the flattened common properties stored in `base`.
    fn as_ref(&self) -> &CommonProperties {
        &self.base
    }
}