Block has 35 functions (exceeds 20 allowed). Consider refactoring.

Open

class Block(GeneratedsSuper):
    """Block is a Structured_Text element consisting of one of Text_Title,
    Text, Code_Example_Language, or Code followed by another Block
    element. Structured_Text elements help define whitespace and
    text segments. This attribute identifies the nature of the

BehaviorType has 34 functions (exceeds 20 allowed). Consider refactoring.

Open

class BehaviorType(GeneratedsSuper):
    """BehaviorType is intended to serve as a method for the
    characterization of malicious behaviors found or observed in
    malware. Behaviors can be thought of as representing the purpose
    behind groups of MAEC actions, and are therefore representative

Process_Object_AttributesType has 34 functions (exceeds 20 allowed). Consider refactoring.

Open

class Process_Object_AttributesType(GeneratedsSuper):
    subclass = None
    superclass = None
    def __init__(self, Image_Name=None, Start_Username=None, Current_Directory=None, Command_Line=None, Security_Attributes=None, Process_ID=None, Start_Address=None, Parent_Process=None, Start_DateTime=None, Child_Processes=None, Handles=None):
        self.Image_Name = Image_Name

fieldDataEntry has 34 functions (exceeds 20 allowed). Consider refactoring.

Open

class fieldDataEntry(GeneratedsSuper):
    """Data structure to hold prevalence information. The data includes a
    reference to another object (which is an xpath expression
    pointing to an object inside the 'ref' element), together with a
    time period (startDate -> endDate), an origin - where the object

PESectionHeaderStruct has 34 functions (exceeds 20 allowed). Consider refactoring.

Open

class PESectionHeaderStruct(GeneratedsSuper):
    """PESectionHeaderStruct is intended as container for the attributes
    present in a PE binary's section header structure."""
    subclass = None
    superclass = None

fileObject has 34 functions (exceeds 20 allowed). Consider refactoring.

Open

class fileObject(GeneratedsSuper):
    """Object definition for files. The required attribute is the id, which
    needs to be globally unique. By convention, the value used is a
    hash, the stronger the better. The choice should be: use sha256
    if you have it, if not use sha1, if not use md5. Other hashes

EffectCollectionType has 34 functions (exceeds 20 allowed). Consider refactoring.

Open

class EffectCollectionType(GeneratedsSuper):
    """EffectCollectionType is intended to provide a mechanism for
    characterizing collections of effects. For instance, it can be
    used to group all of the effects that result from the execution
    of a particular malware instance.The name attribute contains the

Function get_resources_strings has a Cognitive Complexity of 29 (exceeds 5 allowed). Consider refactoring.

Open

    def get_resources_strings(self):
        """Returns a list of all the strings found withing the resources (if any).
        
        This method will scan all entries in the resources directory of the PE, if
        there is one, and will return a list() with the strings.

• Read up
  Read up

StructuredTextType has 33 functions (exceeds 20 allowed). Consider refactoring.

Open

class StructuredTextType(GeneratedsSuper):
    subclass = None
    superclass = None
    def __init__(self, Text_Title=None, Text=None, Code_Example_Language=None, Code=None, Images=None, Block=None):
        if Text_Title is None:

File maec11.py has 337 lines of code (exceeds 250 allowed). Consider refactoring.

Open

# Copyright (C) 2010-2012 Cuckoo Sandbox Developers.
# This file is part of Cuckoo Sandbox - http://www.cuckoosandbox.org
# See the file 'docs/LICENSE' for copying permission.

import os

Consider simplifying this complex logical expression.

Open

        if (
            self.Hashes is not None or
            self.signature is not None or
            self.lastsize is not None or
            self.nblocks is not None or

Consider simplifying this complex logical expression.

Open

        if (
            self.Export_Symbols is not None or
            self.Import_Symbols is not None or
            self.Resources is not None or
            self.Exception is not None or

CodeType has 32 functions (exceeds 20 allowed). Consider refactoring.

Open

class CodeType(GeneratedsSuper):
    """CodeType is intended to provide a way of characterizing segments of
    malicious code that is extracted or otherwise retrieved from
    malware.The codetype attribute is intended to provide a way of
    specifying the type of code being characterized. Possible

ObjectCollectionType has 32 functions (exceeds 20 allowed). Consider refactoring.

Open

class ObjectCollectionType(GeneratedsSuper):
    """ObjectCollectionType is intended to provide a mechanism for
    characterizing collections of effects. For instance, it can be
    used to group all of the actions that are associated with a
    specific behavior.The name attribute contains the name of the

PE_Binary_AttributesType has 32 functions (exceeds 20 allowed). Consider refactoring.

Open

class PE_Binary_AttributesType(GeneratedsSuper):
    """The type attribute is used to define the type of PE file being
    characterized. Possible values: EXE, DLL.The dll_count attribute
    is used to define the number of DLLs loaded by a PE file."""
    subclass = None

malwareMetaData has 32 functions (exceeds 20 allowed). Consider refactoring.

Open

class malwareMetaData(GeneratedsSuper):
    """This is the top level element for the xml document. Required
    attribute is version. Open issues: 2. Right way to express
    commonality in field data so that it can be combined properly 3.
    How to handle unicode in urls Change list 11/12/2009 1. adding

Function __init__ has 31 arguments (exceeds 4 allowed). Consider refactoring.

Open

    def __init__(self, Hashes=None, Major_Linker_Version=None, Minor_Linker_Version=None, Size_Of_Code=None, Size_Of_Initialized_Data=None, Size_Of_Uninitialized_Data=None, Address_Of_Entry_Point=None, Base_Of_Code=None, Base_Of_Data=None, Image_Base=None, Section_Alignment=None, File_Alignment=None, Major_OS_Version=None, Minor_OS_Version=None, Major_Image_Version=None, Minor_Image_Version=None, Major_Subsystem_Version=None, Minor_Subsystem_Version=None, Reserved=None, Size_Of_Image=None, Size_Of_Headers=None, Checksum=None, Subsystem=None, DLL_Characteristics=None, Size_Of_Stack_Reserve=None, Size_Of_Stack_Commit=None, Size_Of_Heap_Reserve=None, Size_Of_Heap_Commit=None, Loader_Flags=None, Number_Of_Rva_And_Sizes=None, Data_Directory=None):

Function add has a Cognitive Complexity of 26 (exceeds 5 allowed). Consider refactoring.

Open

    def add(self, rule, method, target, name=None):
        ''' Add a new route or replace the target for an existing route. '''
        if rule in self.rules:
            self.rules[rule][method] = target
            if name: self.builder[name] = self.builder[rule]

• Read up
  Read up

Function parse_import_directory has a Cognitive Complexity of 26 (exceeds 5 allowed). Consider refactoring.

Open

    def parse_import_directory(self, rva, size):
        """Walk and parse the import directory."""
        
        import_descs =  []
        while True:

• Read up
  Read up

Consider simplifying this complex logical expression.

Open

        if (
            self.Object_Size is not None or
            self.Classifications is not None or
            self.Associated_Code is not None or
            self.Related_Objects is not None or