Project import generated by Copybara. (#331)

copybara-service[bot] · virustotal-bot · web-flow · commit c81e09b9d1b7 · 2025-03-18T10:34:34.000+01:00
PiperOrigin-RevId: 737920647

Co-authored-by: VirusTotal Bot &lt;virustotal-github-bot@google.com&gt;
diff --git a/lib/src/modules/protos/vt/filetypes.proto b/lib/src/modules/protos/vt/filetypes.proto
@@ -172,6 +172,7 @@ enum FileType {
   ISOIMAGE = 800;
   SQUASHFS = 801;
   VHD = 802;
+  VHDX = 803;
   APPLE = 1000;
   MACINTOSH = 1001;
   APPLESINGLE = 1002;
diff --git a/lib/src/modules/protos/vt/sandbox.proto b/lib/src/modules/protos/vt/sandbox.proto
@@ -218,6 +218,10 @@ message KeyValue {
 }
 
 message HttpConversation {
+  option (yara.message_options) = {
+    name: "Http"
+  };
+
   enum RequestMethod {
     option (yara.enum_options) = {
       name: "Method"
@@ -254,6 +258,10 @@ message DnsLookup {
 }
 
 message IpTraffic {
+  option (yara.message_options) = {
+    name: "Net"
+  };
+
   enum TransportLayerProtocol {
     option (yara.enum_options) = {
       name: "Protocol"
diff --git a/lib/src/modules/protos/vt/titan.proto b/lib/src/modules/protos/vt/titan.proto
@@ -17,6 +17,7 @@ option (yara.module_options) = {
   name: "vt"
   root_message: "vt.titan.LiveHuntData"
   rust_module: "vt"
+  cargo_feature: "vt-module"
 };
 
 message LiveHuntData {
diff --git a/lib/src/modules/protos/vt/vtnet.proto b/lib/src/modules/protos/vt/vtnet.proto
@@ -93,6 +93,10 @@ message PopularityRank {
 }
 
 message EnrichedURL {
+  option (yara.message_options) = {
+    name: "URL"
+  };
+
   int64 port = 3;
   repeated Tracker trackers = 4;
   map<string, string> response_headers = 5;
@@ -130,6 +134,10 @@ message EnrichedURL {
 }
 
 message EnrichedIP {
+  option (yara.message_options) = {
+    name: "IP"
+  };
+
   map<string, string> whois = 3;
   string whois_raw = 22;
   SSLCertificate https_certificate = 4;
@@ -170,6 +178,20 @@ message EnrichedIP {
 }
 
 message EnrichedDomain {
+  option (yara.message_options) = {
+    name: "Domain"
+  };
+
+  enum Permutation {
+    ALL = 0 [(yara.enum_value) = { i64: 65535 }];
+    TYPO = 1 [(yara.enum_value) = { i64: 1 }];
+    HOMOGLYPH = 2 [(yara.enum_value) = { i64: 2 }];
+    HYPHENATION = 3 [(yara.enum_value) = { i64: 4 }];
+    SUBDOMAIN = 4 [(yara.enum_value) = { i64: 8 }];
+    TLD = 5 [(yara.enum_value) = { i64: 16 }];
+    BITSQUATTING = 6 [(yara.enum_value) = { i64: 32 }];
+  }
+
   string raw = 18;
   string root = 27;
   map<string, string> whois = 3;
