diff --git a/docs/pycti/pycti.rst b/docs/pycti/pycti.rst index a57c1f45..4d7ef636 100644 --- a/docs/pycti/pycti.rst +++ b/docs/pycti/pycti.rst @@ -200,6 +200,9 @@ Classes - :py:class:`CustomObservableFinancialTransaction`: Financial Transaction observable. +- :py:class:`CustomObservableCryptocurrencyWallet`: + Cryptocurrency wallet observable. + - :py:class:`CustomObservableText`: Text observable. @@ -617,6 +620,13 @@ Classes .. inheritance-diagram:: CustomObservableFinancialTransaction :parts: 1 +.. autoclass:: CustomObservableCryptocurrencyWallet + :members: + + .. rubric:: Inheritance + .. inheritance-diagram:: CustomObservableCryptocurrencyWallet + :parts: 1 + .. autoclass:: CustomObservableText :members: diff --git a/examples/create_observable_financial_account.py b/examples/create_observable_financial_account.py index 78bf2186..3c48d441 100644 --- a/examples/create_observable_financial_account.py +++ b/examples/create_observable_financial_account.py @@ -16,7 +16,7 @@ "account_status": "active", "account_type": "credit_credit_card", "x_opencti_score": 90, - "iban_number": "55667", + "iban": "55667", "bic_number": "009998877", "currency_code": "bahraini_dinar_(bhd)", } diff --git a/pycti/__init__.py b/pycti/__init__.py index 925bd67c..bf7dfbaf 100644 --- a/pycti/__init__.py +++ b/pycti/__init__.py @@ -55,6 +55,7 @@ CustomObjectChannel, CustomObjectTask, CustomObservableCredential, + CustomObservableCryptocurrencyWallet, CustomObservableFinancialAccount, CustomObservableFinancialAsset, CustomObservableFinancialTransaction, @@ -140,6 +141,7 @@ "CustomObservableFinancialAccount", "CustomObservableFinancialAsset", "CustomObservableFinancialTransaction", + "CustomObservableCryptocurrencyWallet", "CustomObservableHostname", "CustomObservablePaymentCard", "CustomObservablePhoneNumber", diff --git a/pycti/entities/opencti_stix_core_object.py b/pycti/entities/opencti_stix_core_object.py index 222d2014..c5eb884a 100644 --- a/pycti/entities/opencti_stix_core_object.py +++ b/pycti/entities/opencti_stix_core_object.py @@ -604,6 +604,9 @@ def __init__(self, opencti, file): ... on CryptographicKey { value } + ... on CryptocurrencyWallet { + value + } ... on Hostname { value } @@ -639,7 +642,7 @@ def __init__(self, opencti, file): account_number account_status account_type - iban_number + iban bic_number currency_code } @@ -1279,6 +1282,9 @@ def __init__(self, opencti, file): ... on CryptographicKey { value } + ... on CryptocurrencyWallet { + value + } ... on Hostname { value } @@ -1308,7 +1314,7 @@ def __init__(self, opencti, file): account_number account_status account_type - iban_number + iban bic_number currency_code } diff --git a/pycti/entities/opencti_stix_cyber_observable.py b/pycti/entities/opencti_stix_cyber_observable.py index b0cd4e97..2663e4a6 100644 --- a/pycti/entities/opencti_stix_cyber_observable.py +++ b/pycti/entities/opencti_stix_cyber_observable.py @@ -394,6 +394,7 @@ def create(self, **kwargs): $WindowsRegistryKey: WindowsRegistryKeyAddInput, $WindowsRegistryValueType: WindowsRegistryValueTypeAddInput, $CryptographicKey: CryptographicKeyAddInput, + $CryptocurrencyWallet: CryptocurrencyWalletAddInput, $Hostname: HostnameAddInput $Text: TextAddInput, $UserAgent: UserAgentAddInput @@ -439,6 +440,7 @@ def create(self, **kwargs): WindowsRegistryKey: $WindowsRegistryKey, WindowsRegistryValueType: $WindowsRegistryValueType, CryptographicKey: $CryptographicKey, + CryptocurrencyWallet: $CryptocurrencyWallet, Hostname: $Hostname, Text: $Text, UserAgent: $UserAgent @@ -999,15 +1001,15 @@ def create(self, **kwargs): else None ), } - # elif ( - # type == "Cryptocurrency-Wallet" - # or type.lower() == "x-opencti-cryptocurrency-wallet" - # ): - # input_variables["CryptocurrencyWallet"] = { - # "value": ( - # observable_data["value"] if "value" in observable_data else None - # ), - # } + elif ( + type == "Cryptocurrency-Wallet" + or type.lower() == "x-opencti-cryptocurrency-wallet" + ): + input_variables["CryptocurrencyWallet"] = { + "value": ( + observable_data["value"] if "value" in observable_data else None + ), + } elif type == "Credential" or type.lower() == "x-opencti-credential": input_variables["Credential"] = { "value": ( @@ -1027,7 +1029,7 @@ def create(self, **kwargs): or type.lower() == "x-opencti-financial-account" ): input_variables["FinancialAccount"] = { - "iban_number": observable_data.get("iban_number"), + "iban": observable_data.get("iban"), "bic_number": observable_data.get("bic_number"), "account_number": observable_data.get("account_number"), "account_status": observable_data.get("account_status"), diff --git a/pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_properties.py b/pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_properties.py index c8f39af9..428d6da2 100644 --- a/pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_properties.py +++ b/pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_properties.py @@ -249,6 +249,9 @@ ... on CryptographicKey { value } + ... on CryptocurrencyWallet { + value + } ... on Hostname { value } @@ -284,7 +287,7 @@ account_number account_status account_type - iban_number + iban bic_number currency_code } @@ -560,6 +563,9 @@ ... on CryptographicKey { value } + ... on CryptocurrencyWallet { + value + } ... on Hostname { value } @@ -608,7 +614,7 @@ account_number account_status account_type - iban_number + iban bic_number currency_code } diff --git a/pycti/utils/constants.py b/pycti/utils/constants.py index 502edec0..c6f245b9 100644 --- a/pycti/utils/constants.py +++ b/pycti/utils/constants.py @@ -37,7 +37,7 @@ class StixCyberObservableTypes(Enum): WINDOWS_REGISTRY_VALUE_TYPE = "Windows-Registry-Value-Type" HOSTNAME = "Hostname" CRYPTOGRAPHIC_KEY = "Cryptographic-Key" - # CRYPTOCURRENCY_WALLET = "Cryptocurrency-Wallet" + CRYPTOCURRENCY_WALLET = "Cryptocurrency-Wallet" FINANCIAL_ACCOUNT = "Financial-Account" FINANCIAL_ASSET = "Financial-Asset" FINANCIAL_TRANSACTION = "Financial-Transaction" @@ -354,22 +354,22 @@ class CustomObservableCredential: pass -# @CustomObservable( -# "cryptocurrency-wallet", -# [ -# ("value", StringProperty(required=True)), -# ("spec_version", StringProperty(fixed="2.1")), -# ( -# "object_marking_refs", -# ListProperty( -# ReferenceProperty(valid_types="marking-definition", spec_version="2.1") -# ), -# ), -# ], -# ["value"], -# ) -# class CustomObservableCryptocurrencyWallet: -# """Cryptocurrency wallet observable.""" +@CustomObservable( + "cryptocurrency-wallet", + [ + ("value", StringProperty(required=True)), + ("spec_version", StringProperty(fixed="2.1")), + ( + "object_marking_refs", + ListProperty( + ReferenceProperty(valid_types="marking-definition", spec_version="2.1") + ), + ), + ], + ["value"], +) +class CustomObservableCryptocurrencyWallet: + """Cryptocurrency wallet observable.""" @CustomObservable( @@ -463,7 +463,7 @@ class CustomObservableMediaContent: ("account_number", StringProperty()), ("account_status", StringProperty()), ("account_type", StringProperty()), - ("iban_number", StringProperty()), + ("iban", StringProperty()), ("bic_number", StringProperty()), ("currency_code", StringProperty()), ("spec_version", StringProperty(fixed="2.1")), diff --git a/pycti/utils/opencti_stix2_utils.py b/pycti/utils/opencti_stix2_utils.py index 78a6d21d..63e9f961 100644 --- a/pycti/utils/opencti_stix2_utils.py +++ b/pycti/utils/opencti_stix2_utils.py @@ -25,7 +25,7 @@ "windows-registry-value-type": "Windows-Registry-Value-Type", "hostname": "Hostname", "cryptographic-key": "Cryptographic-Key", - # "cryptocurrency-wallet": "Cryptocurrency-Wallet", + "cryptocurrency-wallet": "Cryptocurrency-Wallet", "text": "Text", "user-agent": "User-Agent", # "bank-account": "Bank-Account",