1use std::collections::BTreeSet;
2
3use chrono::{DateTime, Utc};
4use serde::Deserialize;
5
6use crate::{
7 vocab::{ImplementationLanguage, MalwareCapabilities, MalwareType, ProcessorArchitecture},
8 CommonProperties, Id, KillChainPhase,
9};
10
/// Malware object as deserialized with serde.
///
/// At the serde level only `name` is mandatory. Every other field carries
/// `#[serde(default)]` and becomes `None` or an empty collection when absent.
/// Nothing in this struct performs cross-field checks, so content parsed from
/// an untrusted feed must be validated by the consumer before it is relied on.
///
/// NOTE(review): STIX 2.1 lists `is_family` as required and `name` as optional
/// unless `is_family` is true, the reverse of what this struct enforces.
/// Confirm which spec revision is targeted.
#[derive(Deserialize, stix_derive::TypedObject)]
#[typed_object(core)]
pub struct Malware {
    /// Common properties, flattened into the same map as the fields below.
    #[serde(flatten)]
    base: CommonProperties,
    /// Producer-supplied name. Deserialization fails when it is missing.
    pub name: String,
    /// Producer-supplied free text; `None` when absent.
    #[serde(default)]
    pub description: Option<String>,
    /// Malware type labels; repeated values collapse because this is a set.
    #[serde(default)]
    pub malware_types: BTreeSet<MalwareType>,
    /// `None` means the field was absent, which is distinct from an explicit `false`.
    #[serde(default)]
    pub is_family: Option<bool>,
    /// Kill chain phases, kept in input order with any duplicates.
    #[serde(default)]
    pub kill_chain_phases: Vec<KillChainPhase>,
    /// First observation time in UTC; `None` when absent.
    #[serde(default)]
    pub first_seen: Option<DateTime<Utc>>,
    /// Last observation time in UTC; `None` when absent.
    // NOTE(review): nothing in this struct rejects `last_seen` earlier than
    // `first_seen`; confirm the ordering is checked elsewhere.
    #[serde(default)]
    pub last_seen: Option<DateTime<Utc>>,
    /// Implementation languages; empty when absent.
    #[serde(default)]
    pub implementation_languages: BTreeSet<ImplementationLanguage>,
    /// References to operating-system objects.
    // NOTE(review): the field type is plain `Id`, so the kind of object
    // referenced is not constrained here. Verify it is checked at resolution.
    #[serde(default)]
    pub operating_system_refs: BTreeSet<Id>,
    /// Processor architectures the malware can execute on; empty when absent.
    #[serde(default)]
    pub architecture_execution_envs: BTreeSet<ProcessorArchitecture>,
    /// Declared capabilities; empty when absent.
    #[serde(default)]
    pub capabilities: BTreeSet<MalwareCapabilities>,
    /// References to sample objects.
    // NOTE(review): the field type is plain `Id`, same caveat as
    // `operating_system_refs`.
    #[serde(default)]
    pub sample_refs: BTreeSet<Id>,
}
40
impl Malware {
    /// Borrows the `name` field as a string slice.
    ///
    /// The value is whatever the producer supplied; it is not sanitized here.
    pub fn name(&self) -> &str {
        self.name.as_str()
    }

    /// Borrows the `description` field, or returns `None` when it is unset.
    ///
    /// The value is whatever the producer supplied; it is not sanitized here.
    pub fn description(&self) -> Option<&str> {
        self.description.as_deref()
    }
}
50
impl AsRef<CommonProperties> for Malware {
    /// Gives read-only access to the common properties held in the private `base` field.
    fn as_ref(&self) -> &CommonProperties {
        let Self { base, .. } = self;
        base
    }
}