Class: Falcon::FalconxSandboxReportV1

Inherits:
Object
  • Object
show all
Defined in:
lib/crimson-falcon/models/falconx_sandbox_report_v1.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(attributes = {}) ⇒ FalconxSandboxReportV1

Initializes the object

Parameters:

  • attributes (Hash) (defaults to: {})

    Model attributes in the form of hash



336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 336

def initialize(attributes = {})
  if (!attributes.is_a?(Hash))
    fail ArgumentError, "The input argument (attributes) must be a hash in `Falcon::FalconxSandboxReportV1` initialize method"
  end

  # check to see if the attribute exists and convert string to symbol for hash key
  attributes = attributes.each_with_object({}) { |(k, v), h|
    if (!self.class.attribute_map.key?(k.to_sym))
      fail ArgumentError, "`#{k}` is not a valid attribute in `Falcon::FalconxSandboxReportV1`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect
    end
    h[k.to_sym] = v
  }

  if attributes.key?(:'architecture')
    self.architecture = attributes[:'architecture']
  end

  if attributes.key?(:'certificates')
    if (value = attributes[:'certificates']).is_a?(Array)
      self.certificates = value
    end
  end

  if attributes.key?(:'certificates_validation_message')
    self.certificates_validation_message = attributes[:'certificates_validation_message']
  end

  if attributes.key?(:'classification')
    if (value = attributes[:'classification']).is_a?(Array)
      self.classification = value
    end
  end

  if attributes.key?(:'classification_tags')
    if (value = attributes[:'classification_tags']).is_a?(Array)
      self.classification_tags = value
    end
  end

  if attributes.key?(:'contacted_hosts')
    if (value = attributes[:'contacted_hosts']).is_a?(Array)
      self.contacted_hosts = value
    end
  end

  if attributes.key?(:'dll_characteristics')
    if (value = attributes[:'dll_characteristics']).is_a?(Array)
      self.dll_characteristics = value
    end
  end

  if attributes.key?(:'dns_requests')
    if (value = attributes[:'dns_requests']).is_a?(Array)
      self.dns_requests = value
    end
  end

  if attributes.key?(:'entrypoint')
    self.entrypoint = attributes[:'entrypoint']
  end

  if attributes.key?(:'entrypoint_preview_count')
    self.entrypoint_preview_count = attributes[:'entrypoint_preview_count']
  end

  if attributes.key?(:'entrypoint_preview_instructions')
    if (value = attributes[:'entrypoint_preview_instructions']).is_a?(Array)
      self.entrypoint_preview_instructions = value
    end
  end

  if attributes.key?(:'entrypoint_section')
    self.entrypoint_section = attributes[:'entrypoint_section']
  end

  if attributes.key?(:'environment_description')
    self.environment_description = attributes[:'environment_description']
  end

  if attributes.key?(:'environment_id')
    self.environment_id = attributes[:'environment_id']
  end

  if attributes.key?(:'error_message')
    self.error_message = attributes[:'error_message']
  end

  if attributes.key?(:'error_origin')
    self.error_origin = attributes[:'error_origin']
  end

  if attributes.key?(:'error_type')
    self.error_type = attributes[:'error_type']
  end

  if attributes.key?(:'exact_deep_hash')
    self.exact_deep_hash = attributes[:'exact_deep_hash']
  end

  if attributes.key?(:'extracted_files')
    if (value = attributes[:'extracted_files']).is_a?(Array)
      self.extracted_files = value
    end
  end

  if attributes.key?(:'extracted_interesting_strings')
    if (value = attributes[:'extracted_interesting_strings']).is_a?(Array)
      self.extracted_interesting_strings = value
    end
  end

  if attributes.key?(:'file_data_directories')
    if (value = attributes[:'file_data_directories']).is_a?(Array)
      self.file_data_directories = value
    end
  end

  if attributes.key?(:'file_imports')
    if (value = attributes[:'file_imports']).is_a?(Array)
      self.file_imports = value
    end
  end

  if attributes.key?(:'file_metadata')
    self. = attributes[:'file_metadata']
  end

  if attributes.key?(:'file_resources')
    if (value = attributes[:'file_resources']).is_a?(Array)
      self.file_resources = value
    end
  end

  if attributes.key?(:'file_sections')
    if (value = attributes[:'file_sections']).is_a?(Array)
      self.file_sections = value
    end
  end

  if attributes.key?(:'file_size')
    self.file_size = attributes[:'file_size']
  end

  if attributes.key?(:'file_type')
    self.file_type = attributes[:'file_type']
  end

  if attributes.key?(:'file_type_short')
    if (value = attributes[:'file_type_short']).is_a?(Array)
      self.file_type_short = value
    end
  end

  if attributes.key?(:'http_requests')
    if (value = attributes[:'http_requests']).is_a?(Array)
      self.http_requests = value
    end
  end

  if attributes.key?(:'icon')
    self.icon = attributes[:'icon']
  end

  if attributes.key?(:'image_base')
    self.image_base = attributes[:'image_base']
  end

  if attributes.key?(:'image_file_characteristics')
    if (value = attributes[:'image_file_characteristics']).is_a?(Array)
      self.image_file_characteristics = value
    end
  end

  if attributes.key?(:'incidents')
    if (value = attributes[:'incidents']).is_a?(Array)
      self.incidents = value
    end
  end

  if attributes.key?(:'intelligence_mitre_attacks')
    if (value = attributes[:'intelligence_mitre_attacks']).is_a?(Array)
      self.intelligence_mitre_attacks = value
    end
  end

  if attributes.key?(:'ioc_report_broad_artifact_id')
    self.ioc_report_broad_artifact_id = attributes[:'ioc_report_broad_artifact_id']
  end

  if attributes.key?(:'ioc_report_strict_artifact_id')
    self.ioc_report_strict_artifact_id = attributes[:'ioc_report_strict_artifact_id']
  end

  if attributes.key?(:'is_certificates_valid')
    self.is_certificates_valid = attributes[:'is_certificates_valid']
  end

  if attributes.key?(:'language')
    self.language = attributes[:'language']
  end

  if attributes.key?(:'major_os_version')
    self.major_os_version = attributes[:'major_os_version']
  end

  if attributes.key?(:'memory_dumps')
    if (value = attributes[:'memory_dumps']).is_a?(Array)
      self.memory_dumps = value
    end
  end

  if attributes.key?(:'memory_dumps_artifact_id')
    self.memory_dumps_artifact_id = attributes[:'memory_dumps_artifact_id']
  end

  if attributes.key?(:'memory_forensics')
    if (value = attributes[:'memory_forensics']).is_a?(Array)
      self.memory_forensics = value
    end
  end

  if attributes.key?(:'memory_strings_artifact_id')
    self.memory_strings_artifact_id = attributes[:'memory_strings_artifact_id']
  end

  if attributes.key?(:'minor_os_version')
    self.minor_os_version = attributes[:'minor_os_version']
  end

  if attributes.key?(:'mitre_attacks')
    if (value = attributes[:'mitre_attacks']).is_a?(Array)
      self.mitre_attacks = value
    end
  end

  if attributes.key?(:'network_settings')
    self.network_settings = attributes[:'network_settings']
  end

  if attributes.key?(:'packer')
    self.packer = attributes[:'packer']
  end

  if attributes.key?(:'pcap_report_artifact_id')
    self.pcap_report_artifact_id = attributes[:'pcap_report_artifact_id']
  end

  if attributes.key?(:'processes')
    if (value = attributes[:'processes']).is_a?(Array)
      self.processes = value
    end
  end

  if attributes.key?(:'sample_flags')
    if (value = attributes[:'sample_flags']).is_a?(Array)
      self.sample_flags = value
    end
  end

  if attributes.key?(:'screenshots_artifact_ids')
    if (value = attributes[:'screenshots_artifact_ids']).is_a?(Array)
      self.screenshots_artifact_ids = value
    end
  end

  if attributes.key?(:'sha256')
    self.sha256 = attributes[:'sha256']
  end

  if attributes.key?(:'signatures')
    if (value = attributes[:'signatures']).is_a?(Array)
      self.signatures = value
    end
  end

  if attributes.key?(:'submission_type')
    self.submission_type = attributes[:'submission_type']
  end

  if attributes.key?(:'submit_name')
    self.submit_name = attributes[:'submit_name']
  end

  if attributes.key?(:'submit_url')
    self.submit_url = attributes[:'submit_url']
  end

  if attributes.key?(:'subsystem')
    self.subsystem = attributes[:'subsystem']
  end

  if attributes.key?(:'suricata_alerts')
    if (value = attributes[:'suricata_alerts']).is_a?(Array)
      self.suricata_alerts = value
    end
  end

  if attributes.key?(:'target_url')
    self.target_url = attributes[:'target_url']
  end

  if attributes.key?(:'threat_score')
    self.threat_score = attributes[:'threat_score']
  end

  if attributes.key?(:'urls')
    if (value = attributes[:'urls']).is_a?(Array)
      self.urls = value
    end
  end

  if attributes.key?(:'verdict')
    self.verdict = attributes[:'verdict']
  end

  if attributes.key?(:'version_info')
    if (value = attributes[:'version_info']).is_a?(Array)
      self.version_info = value
    end
  end

  if attributes.key?(:'visualization')
    self.visualization = attributes[:'visualization']
  end

  if attributes.key?(:'windows_version_bitness')
    self.windows_version_bitness = attributes[:'windows_version_bitness']
  end

  if attributes.key?(:'windows_version_edition')
    self.windows_version_edition = attributes[:'windows_version_edition']
  end

  if attributes.key?(:'windows_version_name')
    self.windows_version_name = attributes[:'windows_version_name']
  end

  if attributes.key?(:'windows_version_service_pack')
    self.windows_version_service_pack = attributes[:'windows_version_service_pack']
  end

  if attributes.key?(:'windows_version_version')
    self.windows_version_version = attributes[:'windows_version_version']
  end
end

Instance Attribute Details

#architectureObject

Returns the value of attribute architecture.



35
36
37
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 35

def architecture
  @architecture
end

#certificatesObject

Returns the value of attribute certificates.



37
38
39
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 37

def certificates
  @certificates
end

#certificates_validation_messageObject

Returns the value of attribute certificates_validation_message.



39
40
41
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 39

def certificates_validation_message
  @certificates_validation_message
end

#classificationObject

Returns the value of attribute classification.



41
42
43
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 41

def classification
  @classification
end

#classification_tagsObject

Returns the value of attribute classification_tags.



43
44
45
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 43

def classification_tags
  @classification_tags
end

#contacted_hostsObject

Returns the value of attribute contacted_hosts.



45
46
47
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 45

def contacted_hosts
  @contacted_hosts
end

#dll_characteristicsObject

Returns the value of attribute dll_characteristics.



47
48
49
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 47

def dll_characteristics
  @dll_characteristics
end

#dns_requestsObject

Returns the value of attribute dns_requests.



49
50
51
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 49

def dns_requests
  @dns_requests
end

#entrypointObject

Returns the value of attribute entrypoint.



51
52
53
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 51

def entrypoint
  @entrypoint
end

#entrypoint_preview_countObject

Returns the value of attribute entrypoint_preview_count.



53
54
55
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 53

def entrypoint_preview_count
  @entrypoint_preview_count
end

#entrypoint_preview_instructionsObject

Returns the value of attribute entrypoint_preview_instructions.



55
56
57
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 55

def entrypoint_preview_instructions
  @entrypoint_preview_instructions
end

#entrypoint_sectionObject

Returns the value of attribute entrypoint_section.



57
58
59
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 57

def entrypoint_section
  @entrypoint_section
end

#environment_descriptionObject

Returns the value of attribute environment_description.



59
60
61
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 59

def environment_description
  @environment_description
end

#environment_idObject

Returns the value of attribute environment_id.



61
62
63
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 61

def environment_id
  @environment_id
end

#error_messageObject

Returns the value of attribute error_message.



63
64
65
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 63

def error_message
  @error_message
end

#error_originObject

Returns the value of attribute error_origin.



65
66
67
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 65

def error_origin
  @error_origin
end

#error_typeObject

Returns the value of attribute error_type.



67
68
69
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 67

def error_type
  @error_type
end

#exact_deep_hashObject

Returns the value of attribute exact_deep_hash.



69
70
71
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 69

def exact_deep_hash
  @exact_deep_hash
end

#extracted_filesObject

Returns the value of attribute extracted_files.



71
72
73
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 71

def extracted_files
  @extracted_files
end

#extracted_interesting_stringsObject

Returns the value of attribute extracted_interesting_strings.



73
74
75
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 73

def extracted_interesting_strings
  @extracted_interesting_strings
end

#file_data_directoriesObject

Returns the value of attribute file_data_directories.



75
76
77
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 75

def file_data_directories
  @file_data_directories
end

#file_importsObject

Returns the value of attribute file_imports.



77
78
79
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 77

def file_imports
  @file_imports
end

#file_metadataObject

Returns the value of attribute file_metadata.



79
80
81
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 79

def 
  @file_metadata
end

#file_resourcesObject

Returns the value of attribute file_resources.



81
82
83
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 81

def file_resources
  @file_resources
end

#file_sectionsObject

Returns the value of attribute file_sections.



83
84
85
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 83

def file_sections
  @file_sections
end

#file_sizeObject

Returns the value of attribute file_size.



85
86
87
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 85

def file_size
  @file_size
end

#file_typeObject

Returns the value of attribute file_type.



87
88
89
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 87

def file_type
  @file_type
end

#file_type_shortObject

Returns the value of attribute file_type_short.



89
90
91
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 89

def file_type_short
  @file_type_short
end

#http_requestsObject

Returns the value of attribute http_requests.



91
92
93
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 91

def http_requests
  @http_requests
end

#iconObject

Returns the value of attribute icon.



93
94
95
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 93

def icon
  @icon
end

#image_baseObject

Returns the value of attribute image_base.



95
96
97
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 95

def image_base
  @image_base
end

#image_file_characteristicsObject

Returns the value of attribute image_file_characteristics.



97
98
99
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 97

def image_file_characteristics
  @image_file_characteristics
end

#incidentsObject

Returns the value of attribute incidents.



99
100
101
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 99

def incidents
  @incidents
end

#intelligence_mitre_attacksObject

Returns the value of attribute intelligence_mitre_attacks.



101
102
103
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 101

def intelligence_mitre_attacks
  @intelligence_mitre_attacks
end

#ioc_report_broad_artifact_idObject

Returns the value of attribute ioc_report_broad_artifact_id.



103
104
105
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 103

def ioc_report_broad_artifact_id
  @ioc_report_broad_artifact_id
end

#ioc_report_strict_artifact_idObject

Returns the value of attribute ioc_report_strict_artifact_id.



105
106
107
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 105

def ioc_report_strict_artifact_id
  @ioc_report_strict_artifact_id
end

#is_certificates_validObject

Returns the value of attribute is_certificates_valid.



107
108
109
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 107

def is_certificates_valid
  @is_certificates_valid
end

#languageObject

Returns the value of attribute language.



109
110
111
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 109

def language
  @language
end

#major_os_versionObject

Returns the value of attribute major_os_version.



111
112
113
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 111

def major_os_version
  @major_os_version
end

#memory_dumpsObject

Returns the value of attribute memory_dumps.



113
114
115
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 113

def memory_dumps
  @memory_dumps
end

#memory_dumps_artifact_idObject

Returns the value of attribute memory_dumps_artifact_id.



115
116
117
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 115

def memory_dumps_artifact_id
  @memory_dumps_artifact_id
end

#memory_forensicsObject

Returns the value of attribute memory_forensics.



117
118
119
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 117

def memory_forensics
  @memory_forensics
end

#memory_strings_artifact_idObject

Returns the value of attribute memory_strings_artifact_id.



119
120
121
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 119

def memory_strings_artifact_id
  @memory_strings_artifact_id
end

#minor_os_versionObject

Returns the value of attribute minor_os_version.



121
122
123
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 121

def minor_os_version
  @minor_os_version
end

#mitre_attacksObject

Returns the value of attribute mitre_attacks.



123
124
125
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 123

def mitre_attacks
  @mitre_attacks
end

#network_settingsObject

Returns the value of attribute network_settings.



125
126
127
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 125

def network_settings
  @network_settings
end

#packerObject

Returns the value of attribute packer.



127
128
129
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 127

def packer
  @packer
end

#pcap_report_artifact_idObject

Returns the value of attribute pcap_report_artifact_id.



129
130
131
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 129

def pcap_report_artifact_id
  @pcap_report_artifact_id
end

#processesObject

Returns the value of attribute processes.



131
132
133
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 131

def processes
  @processes
end

#sample_flagsObject

Returns the value of attribute sample_flags.



133
134
135
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 133

def sample_flags
  @sample_flags
end

#screenshots_artifact_idsObject

Returns the value of attribute screenshots_artifact_ids.



135
136
137
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 135

def screenshots_artifact_ids
  @screenshots_artifact_ids
end

#sha256Object

Returns the value of attribute sha256.



137
138
139
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 137

def sha256
  @sha256
end

#signaturesObject

Returns the value of attribute signatures.



139
140
141
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 139

def signatures
  @signatures
end

#submission_typeObject

Returns the value of attribute submission_type.



141
142
143
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 141

def submission_type
  @submission_type
end

#submit_nameObject

Returns the value of attribute submit_name.



143
144
145
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 143

def submit_name
  @submit_name
end

#submit_urlObject

Returns the value of attribute submit_url.



145
146
147
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 145

def submit_url
  @submit_url
end

#subsystemObject

Returns the value of attribute subsystem.



147
148
149
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 147

def subsystem
  @subsystem
end

#suricata_alertsObject

Returns the value of attribute suricata_alerts.



149
150
151
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 149

def suricata_alerts
  @suricata_alerts
end

#target_urlObject

Returns the value of attribute target_url.



151
152
153
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 151

def target_url
  @target_url
end

#threat_scoreObject

Returns the value of attribute threat_score.



153
154
155
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 153

def threat_score
  @threat_score
end

#urlsObject

Returns the value of attribute urls.



155
156
157
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 155

def urls
  @urls
end

#verdictObject

Returns the value of attribute verdict.



157
158
159
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 157

def verdict
  @verdict
end

#version_infoObject

Returns the value of attribute version_info.



159
160
161
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 159

def version_info
  @version_info
end

#visualizationObject

Returns the value of attribute visualization.



161
162
163
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 161

def visualization
  @visualization
end

#windows_version_bitnessObject

Returns the value of attribute windows_version_bitness.



163
164
165
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 163

def windows_version_bitness
  @windows_version_bitness
end

#windows_version_editionObject

Returns the value of attribute windows_version_edition.



165
166
167
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 165

def windows_version_edition
  @windows_version_edition
end

#windows_version_nameObject

Returns the value of attribute windows_version_name.



167
168
169
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 167

def windows_version_name
  @windows_version_name
end

#windows_version_service_packObject

Returns the value of attribute windows_version_service_pack.



169
170
171
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 169

def windows_version_service_pack
  @windows_version_service_pack
end

#windows_version_versionObject

Returns the value of attribute windows_version_version.



171
172
173
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 171

def windows_version_version
  @windows_version_version
end

Class Method Details

.acceptable_attributesObject

Returns all the JSON keys this model knows about



249
250
251
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 249

def self.acceptable_attributes
  attribute_map.values
end

.attribute_mapObject

Attribute mapping from ruby-style variable name to JSON key.



174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 174

def self.attribute_map
  {
    :'architecture' => :'architecture',
    :'certificates' => :'certificates',
    :'certificates_validation_message' => :'certificates_validation_message',
    :'classification' => :'classification',
    :'classification_tags' => :'classification_tags',
    :'contacted_hosts' => :'contacted_hosts',
    :'dll_characteristics' => :'dll_characteristics',
    :'dns_requests' => :'dns_requests',
    :'entrypoint' => :'entrypoint',
    :'entrypoint_preview_count' => :'entrypoint_preview_count',
    :'entrypoint_preview_instructions' => :'entrypoint_preview_instructions',
    :'entrypoint_section' => :'entrypoint_section',
    :'environment_description' => :'environment_description',
    :'environment_id' => :'environment_id',
    :'error_message' => :'error_message',
    :'error_origin' => :'error_origin',
    :'error_type' => :'error_type',
    :'exact_deep_hash' => :'exact_deep_hash',
    :'extracted_files' => :'extracted_files',
    :'extracted_interesting_strings' => :'extracted_interesting_strings',
    :'file_data_directories' => :'file_data_directories',
    :'file_imports' => :'file_imports',
    :'file_metadata' => :'file_metadata',
    :'file_resources' => :'file_resources',
    :'file_sections' => :'file_sections',
    :'file_size' => :'file_size',
    :'file_type' => :'file_type',
    :'file_type_short' => :'file_type_short',
    :'http_requests' => :'http_requests',
    :'icon' => :'icon',
    :'image_base' => :'image_base',
    :'image_file_characteristics' => :'image_file_characteristics',
    :'incidents' => :'incidents',
    :'intelligence_mitre_attacks' => :'intelligence_mitre_attacks',
    :'ioc_report_broad_artifact_id' => :'ioc_report_broad_artifact_id',
    :'ioc_report_strict_artifact_id' => :'ioc_report_strict_artifact_id',
    :'is_certificates_valid' => :'is_certificates_valid',
    :'language' => :'language',
    :'major_os_version' => :'major_os_version',
    :'memory_dumps' => :'memory_dumps',
    :'memory_dumps_artifact_id' => :'memory_dumps_artifact_id',
    :'memory_forensics' => :'memory_forensics',
    :'memory_strings_artifact_id' => :'memory_strings_artifact_id',
    :'minor_os_version' => :'minor_os_version',
    :'mitre_attacks' => :'mitre_attacks',
    :'network_settings' => :'network_settings',
    :'packer' => :'packer',
    :'pcap_report_artifact_id' => :'pcap_report_artifact_id',
    :'processes' => :'processes',
    :'sample_flags' => :'sample_flags',
    :'screenshots_artifact_ids' => :'screenshots_artifact_ids',
    :'sha256' => :'sha256',
    :'signatures' => :'signatures',
    :'submission_type' => :'submission_type',
    :'submit_name' => :'submit_name',
    :'submit_url' => :'submit_url',
    :'subsystem' => :'subsystem',
    :'suricata_alerts' => :'suricata_alerts',
    :'target_url' => :'target_url',
    :'threat_score' => :'threat_score',
    :'urls' => :'urls',
    :'verdict' => :'verdict',
    :'version_info' => :'version_info',
    :'visualization' => :'visualization',
    :'windows_version_bitness' => :'windows_version_bitness',
    :'windows_version_edition' => :'windows_version_edition',
    :'windows_version_name' => :'windows_version_name',
    :'windows_version_service_pack' => :'windows_version_service_pack',
    :'windows_version_version' => :'windows_version_version'
  }
end

.build_from_hash(attributes) ⇒ Object

Builds the object from hash

Parameters:

  • attributes (Hash)

    Model attributes in the form of hash

Returns:

  • (Object)

    Returns the model itself



791
792
793
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 791

def self.build_from_hash(attributes)
  new.build_from_hash(attributes)
end

.openapi_nullableObject

List of attributes with nullable: true



329
330
331
332
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 329

def self.openapi_nullable
  Set.new([
  ])
end

.openapi_typesObject

Attribute type mapping.



254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 254

def self.openapi_types
  {
    :'architecture' => :'String',
    :'certificates' => :'Array<FalconxCertificate>',
    :'certificates_validation_message' => :'String',
    :'classification' => :'Array<String>',
    :'classification_tags' => :'Array<String>',
    :'contacted_hosts' => :'Array<FalconxContactedHost>',
    :'dll_characteristics' => :'Array<String>',
    :'dns_requests' => :'Array<FalconxDNSRequest>',
    :'entrypoint' => :'String',
    :'entrypoint_preview_count' => :'Integer',
    :'entrypoint_preview_instructions' => :'Array<String>',
    :'entrypoint_section' => :'String',
    :'environment_description' => :'String',
    :'environment_id' => :'Integer',
    :'error_message' => :'String',
    :'error_origin' => :'String',
    :'error_type' => :'String',
    :'exact_deep_hash' => :'String',
    :'extracted_files' => :'Array<FalconxExtractedFile>',
    :'extracted_interesting_strings' => :'Array<FalconxExtractedInterestingString>',
    :'file_data_directories' => :'Array<FalconxFileDataDirectory>',
    :'file_imports' => :'Array<FalconxFileImport>',
    :'file_metadata' => :'FalconxFileMetadata',
    :'file_resources' => :'Array<FalconxFileResource>',
    :'file_sections' => :'Array<FalconxFileSection>',
    :'file_size' => :'Integer',
    :'file_type' => :'String',
    :'file_type_short' => :'Array<String>',
    :'http_requests' => :'Array<FalconxHTTPRequest>',
    :'icon' => :'String',
    :'image_base' => :'String',
    :'image_file_characteristics' => :'Array<String>',
    :'incidents' => :'Array<FalconxIncident>',
    :'intelligence_mitre_attacks' => :'Array<FalconxMITREAttack>',
    :'ioc_report_broad_artifact_id' => :'String',
    :'ioc_report_strict_artifact_id' => :'String',
    :'is_certificates_valid' => :'Boolean',
    :'language' => :'String',
    :'major_os_version' => :'Integer',
    :'memory_dumps' => :'Array<FalconxMemoryDumpData>',
    :'memory_dumps_artifact_id' => :'String',
    :'memory_forensics' => :'Array<FalconxMemoryForensic>',
    :'memory_strings_artifact_id' => :'String',
    :'minor_os_version' => :'Integer',
    :'mitre_attacks' => :'Array<FalconxMITREAttack>',
    :'network_settings' => :'String',
    :'packer' => :'String',
    :'pcap_report_artifact_id' => :'String',
    :'processes' => :'Array<FalconxProcess>',
    :'sample_flags' => :'Array<String>',
    :'screenshots_artifact_ids' => :'Array<String>',
    :'sha256' => :'String',
    :'signatures' => :'Array<FalconxSignature>',
    :'submission_type' => :'String',
    :'submit_name' => :'String',
    :'submit_url' => :'String',
    :'subsystem' => :'String',
    :'suricata_alerts' => :'Array<FalconxSuricataAlert>',
    :'target_url' => :'String',
    :'threat_score' => :'Integer',
    :'urls' => :'Array<FalconxUrlData>',
    :'verdict' => :'String',
    :'version_info' => :'Array<FalconxVersionInfo>',
    :'visualization' => :'String',
    :'windows_version_bitness' => :'Integer',
    :'windows_version_edition' => :'String',
    :'windows_version_name' => :'String',
    :'windows_version_service_pack' => :'String',
    :'windows_version_version' => :'String'
  }
end

Instance Method Details

#==(o) ⇒ Object

Checks equality by comparing each attribute.

Parameters:

  • Object (Object)

    to be compared



702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 702

def ==(o)
  return true if self.equal?(o)
  self.class == o.class &&
      architecture == o.architecture &&
      certificates == o.certificates &&
      certificates_validation_message == o.certificates_validation_message &&
      classification == o.classification &&
      classification_tags == o.classification_tags &&
      contacted_hosts == o.contacted_hosts &&
      dll_characteristics == o.dll_characteristics &&
      dns_requests == o.dns_requests &&
      entrypoint == o.entrypoint &&
      entrypoint_preview_count == o.entrypoint_preview_count &&
      entrypoint_preview_instructions == o.entrypoint_preview_instructions &&
      entrypoint_section == o.entrypoint_section &&
      environment_description == o.environment_description &&
      environment_id == o.environment_id &&
      error_message == o.error_message &&
      error_origin == o.error_origin &&
      error_type == o.error_type &&
      exact_deep_hash == o.exact_deep_hash &&
      extracted_files == o.extracted_files &&
      extracted_interesting_strings == o.extracted_interesting_strings &&
      file_data_directories == o.file_data_directories &&
      file_imports == o.file_imports &&
       == o. &&
      file_resources == o.file_resources &&
      file_sections == o.file_sections &&
      file_size == o.file_size &&
      file_type == o.file_type &&
      file_type_short == o.file_type_short &&
      http_requests == o.http_requests &&
      icon == o.icon &&
      image_base == o.image_base &&
      image_file_characteristics == o.image_file_characteristics &&
      incidents == o.incidents &&
      intelligence_mitre_attacks == o.intelligence_mitre_attacks &&
      ioc_report_broad_artifact_id == o.ioc_report_broad_artifact_id &&
      ioc_report_strict_artifact_id == o.ioc_report_strict_artifact_id &&
      is_certificates_valid == o.is_certificates_valid &&
      language == o.language &&
      major_os_version == o.major_os_version &&
      memory_dumps == o.memory_dumps &&
      memory_dumps_artifact_id == o.memory_dumps_artifact_id &&
      memory_forensics == o.memory_forensics &&
      memory_strings_artifact_id == o.memory_strings_artifact_id &&
      minor_os_version == o.minor_os_version &&
      mitre_attacks == o.mitre_attacks &&
      network_settings == o.network_settings &&
      packer == o.packer &&
      pcap_report_artifact_id == o.pcap_report_artifact_id &&
      processes == o.processes &&
      sample_flags == o.sample_flags &&
      screenshots_artifact_ids == o.screenshots_artifact_ids &&
      sha256 == o.sha256 &&
      signatures == o.signatures &&
      submission_type == o.submission_type &&
      submit_name == o.submit_name &&
      submit_url == o.submit_url &&
      subsystem == o.subsystem &&
      suricata_alerts == o.suricata_alerts &&
      target_url == o.target_url &&
      threat_score == o.threat_score &&
      urls == o.urls &&
      verdict == o.verdict &&
      version_info == o.version_info &&
      visualization == o.visualization &&
      windows_version_bitness == o.windows_version_bitness &&
      windows_version_edition == o.windows_version_edition &&
      windows_version_name == o.windows_version_name &&
      windows_version_service_pack == o.windows_version_service_pack &&
      windows_version_version == o.windows_version_version
end

#_deserialize(type, value) ⇒ Object

Deserializes the data based on type

Parameters:

  • string

    type Data type

  • string

    value Value to be deserialized

Returns:

  • (Object)

    Deserialized data



822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 822

def _deserialize(type, value)
  case type.to_sym
  when :Time
    Time.parse(value)
  when :Date
    Date.parse(value)
  when :String
    value.to_s
  when :Integer
    value.to_i
  when :Float
    value.to_f
  when :Boolean
    if value.to_s =~ /\A(true|t|yes|y|1)\z/i
      true
    else
      false
    end
  when :Object
    # generic object (usually a Hash), return directly
    value
  when /\AArray<(?<inner_type>.+)>\z/
    inner_type = Regexp.last_match[:inner_type]
    value.map { |v| _deserialize(inner_type, v) }
  when /\AHash<(?<k_type>.+?), (?<v_type>.+)>\z/
    k_type = Regexp.last_match[:k_type]
    v_type = Regexp.last_match[:v_type]
    {}.tap do |hash|
      value.each do |k, v|
        hash[_deserialize(k_type, k)] = _deserialize(v_type, v)
      end
    end
  else # model
    # models (e.g. Pet) or oneOf
    klass = Falcon.const_get(type)
    klass.respond_to?(:openapi_one_of) ? klass.build(value) : klass.build_from_hash(value)
  end
end

#_to_hash(value) ⇒ Hash

Outputs non-array value in the form of hash For object, use to_hash. Otherwise, just return the value

Parameters:

  • value (Object)

    Any valid value

Returns:

  • (Hash)

    Returns the value in the form of hash



893
894
895
896
897
898
899
900
901
902
903
904
905
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 893

def _to_hash(value)
  if value.is_a?(Array)
    value.compact.map { |v| _to_hash(v) }
  elsif value.is_a?(Hash)
    {}.tap do |hash|
      value.each { |k, v| hash[k] = _to_hash(v) }
    end
  elsif value.respond_to? :to_hash
    value.to_hash
  else
    value
  end
end

#build_from_hash(attributes) ⇒ Object

Builds the object from hash

Parameters:

  • attributes (Hash)

    Model attributes in the form of hash

Returns:

  • (Object)

    Returns the model itself



798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 798

def build_from_hash(attributes)
  return nil unless attributes.is_a?(Hash)
  attributes = attributes.transform_keys(&:to_sym)
  self.class.openapi_types.each_pair do |key, type|
    if attributes[self.class.attribute_map[key]].nil? && self.class.openapi_nullable.include?(key)
      self.send("#{key}=", nil)
    elsif type =~ /\AArray<(.*)>/i
      # check to ensure the input is an array given that the attribute
      # is documented as an array but the input is not
      if attributes[self.class.attribute_map[key]].is_a?(Array)
        self.send("#{key}=", attributes[self.class.attribute_map[key]].map { |v| _deserialize($1, v) })
      end
    elsif !attributes[self.class.attribute_map[key]].nil?
      self.send("#{key}=", _deserialize(type, attributes[self.class.attribute_map[key]]))
    end
  end

  self
end

#eql?(o) ⇒ Boolean

Parameters:

  • Object (Object)

    to be compared

Returns:

  • (Boolean)

See Also:

  • `==` method


778
779
780
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 778

def eql?(o)
  self == o
end

#hashInteger

Calculates hash code according to all attributes.

Returns:

  • (Integer)

    Hash code



784
785
786
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 784

def hash
  [architecture, certificates, certificates_validation_message, classification, classification_tags, contacted_hosts, dll_characteristics, dns_requests, entrypoint, entrypoint_preview_count, entrypoint_preview_instructions, entrypoint_section, environment_description, environment_id, error_message, error_origin, error_type, exact_deep_hash, extracted_files, extracted_interesting_strings, file_data_directories, file_imports, , file_resources, file_sections, file_size, file_type, file_type_short, http_requests, icon, image_base, image_file_characteristics, incidents, intelligence_mitre_attacks, ioc_report_broad_artifact_id, ioc_report_strict_artifact_id, is_certificates_valid, language, major_os_version, memory_dumps, memory_dumps_artifact_id, memory_forensics, memory_strings_artifact_id, minor_os_version, mitre_attacks, network_settings, packer, pcap_report_artifact_id, processes, sample_flags, screenshots_artifact_ids, sha256, signatures, submission_type, submit_name, submit_url, subsystem, suricata_alerts, target_url, threat_score, urls, verdict, version_info, visualization, windows_version_bitness, windows_version_edition, windows_version_name, windows_version_service_pack, windows_version_version].hash
end

#list_invalid_propertiesObject

Show invalid properties with the reasons. Usually used together with valid?

Returns:

  • Array for valid properties with the reasons



684
685
686
687
688
689
690
691
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 684

def list_invalid_properties
  invalid_properties = Array.new
  if @is_certificates_valid.nil?
    invalid_properties.push('invalid value for "is_certificates_valid", is_certificates_valid cannot be nil.')
  end

  invalid_properties
end

#to_bodyHash

to_body is an alias to to_hash (backward compatibility)

Returns:

  • (Hash)

    Returns the object in the form of hash



869
870
871
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 869

def to_body
  to_hash
end

#to_hashHash

Returns the object in the form of hash

Returns:

  • (Hash)

    Returns the object in the form of hash



875
876
877
878
879
880
881
882
883
884
885
886
887
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 875

def to_hash
  hash = {}
  self.class.attribute_map.each_pair do |attr, param|
    value = self.send(attr)
    if value.nil?
      is_nullable = self.class.openapi_nullable.include?(attr)
      next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
    end

    hash[param] = _to_hash(value)
  end
  hash
end

#to_sString

Returns the string representation of the object

Returns:

  • (String)

    String presentation of the object



863
864
865
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 863

def to_s
  to_hash.to_s
end

#valid?Boolean

Check to see if the all the properties in the model are valid

Returns:

  • (Boolean)

    true if the model is valid



695
696
697
698
# File 'lib/crimson-falcon/models/falconx_sandbox_report_v1.rb', line 695

def valid?
  return false if @is_certificates_valid.nil?
  true
end