CYB3RMX / Qu1cksc0pe

All-in-One malware analysis tool.
GNU General Public License v3.0

RFE: add "Potential Threat Name" and "Popular Threat Name" info to VTfile report #9

Closed mjbroekman closed 3 years ago

mjbroekman commented 3 years ago

Description: The VirusTotal JSON output includes suggested_threat_label and popular_threat_name. Please include them in the VTfile output.

Example JSON (VT sample: 7f055dc25a72381ef7b03cc8563c4b3e411e622eb089285eaa639a3a2b6d3c5f):

            "popular_threat_classification": {
                "suggested_threat_label": "trojan.msil/msilzilla",
                "popular_threat_category": [
                    {
                        "count": 25,
                        "value": "trojan"
                    },
                    {
                        "count": 3,
                        "value": "dropper"
                    }
                ],
                "popular_threat_name": [
                    {
                        "count": 9,
                        "value": "msil"
                    },
                    {
                        "count": 6,
                        "value": "msilzilla"
                    },
                    {
                        "count": 2,
                        "value": "fareit"
                    }
                ]
            },

I chose "Potential Threat Label" in the output rather than "Suggested". Example output:

[*] Potential Threat Label: trojan.msil/msilzilla
+-------------------+-------+
| Threat Categories | Count |
+-------------------+-------+
|       trojan      |   25  |
|      dropper      |   3   |
+-------------------+-------+
+--------------+-------+
| Threat Names | Count |
+--------------+-------+
|     msil     |   9   |
|  msilzilla   |   6   |
|    fareit    |   2   |
+--------------+-------+

Diff to implement

-        # Threat Categories
-        threatTable = PrettyTable()
-        threatTable.field_names = [f"{green}Threat Categories{white}"]
         if "data" in parser.keys():
             if "popular_threat_classification" in parser["data"]["attributes"].keys():
-                for th in range(0, len(parser["data"]["attributes"]["popular_threat_classification"]["popular_threat_category"])):
-                    threatTable.add_row([f'{red}{parser["data"]["attributes"]["popular_threat_classification"]["popular_threat_category"][th][0]}{white}'])
+                if "suggested_threat_label" in parser["data"]["attributes"]["popular_threat_classification"].keys():
+                    print(f"\n{infoS} Potential Threat Label: " + f'{red}{parser["data"]["attributes"]["popular_threat_classification"]["suggested_threat_label"]}{white}')
+
+                # Threat Categories
+                threatTable = PrettyTable()
+                threatTable.field_names = [f"{green}Threat Categories{white}",f"{green}Count{white}"]
+                if "popular_threat_category" in parser["data"]["attributes"]["popular_threat_classification"].keys():
+                    for th in range(0, len(parser["data"]["attributes"]["popular_threat_classification"]["popular_threat_category"])):
+                        threatTable.add_row([f'{red}{parser["data"]["attributes"]["popular_threat_classification"]["popular_threat_category"][th]["value"]}{white}',f'{red}{parser["data"]["attributes"]["popular_threat_classification"]["popular_threat_category"][th]["count"]}{white}'])
                 print(threatTable)

+                # Threat Names
+                nameTable = PrettyTable()
+                nameTable.field_names = [f"{green}Threat Names{white}",f"{green}Count{white}"]
+                if "popular_threat_name" in parser["data"]["attributes"]["popular_threat_classification"].keys():
+                    for th in range(0, len(parser["data"]["attributes"]["popular_threat_classification"]["popular_threat_name"])):
+                        nameTable.add_row([f'{red}{parser["data"]["attributes"]["popular_threat_classification"]["popular_threat_name"][th]["value"]}{white}',f'{red}{parser["data"]["attributes"]["popular_threat_classification"]["popular_threat_name"][th]["count"]}{white}'])
+                print(nameTable)
+
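Review bot: the unchanged `print(threatTable)` at the end of the first block now sits under `if "popular_threat_classification" in ...` rather than under the new `if "popular_threat_category" in ...` guard, so a report that has the classification block but no category list prints a header-only table; `print(nameTable)` in the second block has the same shape. Move each print under its inner `if`, or skip the print when the table has no rows. Two smaller points: `attributes` is indexed directly (`parser["data"]["attributes"]`) while `data` is checked first, so a `data` object without `attributes` still raises KeyError; and the six repeated `parser["data"]["attributes"]["popular_threat_classification"]` lookups would read better hoisted into one local (for example `ptc = parser["data"]["attributes"]["popular_threat_classification"]`) before the two loops.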
CYB3RMX commented 3 years ago

I added all of these solutions to new update. Thank you so much :)
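The extraction the issue above asks for, written here as an added example rather than code from Qu1cksc0pe or from either commenter: every level of the VirusTotal v3 file-report JSON is read with `.get()`, so a sample that VT has no `popular_threat_classification` block for (or a report where `attributes` is missing) yields empty results instead of a KeyError, and a section with no rows is omitted rather than printed as a header-only table. The sample report is constructed inline from the JSON fragment in the issue; the function names, and the stdlib table renderer used in place of `PrettyTable`, are this example's own.

```python
"""Defensive extraction of VirusTotal popular_threat_classification fields."""
import json

# Constructed sample: the popular_threat_classification fragment from the issue,
# wrapped in the data/attributes envelope of a VT v3 file report.
SAMPLE_REPORT = json.loads("""
{
  "data": {
    "attributes": {
      "popular_threat_classification": {
        "suggested_threat_label": "trojan.msil/msilzilla",
        "popular_threat_category": [
          {"count": 25, "value": "trojan"},
          {"count": 3, "value": "dropper"}
        ],
        "popular_threat_name": [
          {"count": 9, "value": "msil"},
          {"count": 6, "value": "msilzilla"},
          {"count": 2, "value": "fareit"}
        ]
      }
    }
  }
}
""")


def _counted_values(entries):
    """Turn VT's [{"count": n, "value": s}, ...] into [(s, n), ...], skipping malformed items."""
    out = []
    for item in entries or []:
        if isinstance(item, dict) and "value" in item and "count" in item:
            out.append((str(item["value"]), int(item["count"])))
    return out


def extract_threat_classification(report):
    """Return {"label": str|None, "categories": [(value, count)], "names": [(value, count)]}.

    Each level is fetched with .get() and defaulted, so a report without the
    classification block (or without "attributes") gives empty results, not KeyError.
    """
    data = report.get("data") or {}
    attributes = data.get("attributes") or {}
    ptc = attributes.get("popular_threat_classification") or {}
    return {
        "label": ptc.get("suggested_threat_label"),
        "categories": _counted_values(ptc.get("popular_threat_category")),
        "names": _counted_values(ptc.get("popular_threat_name")),
    }


def render_table(title, rows):
    """Render a two-column ASCII table like the one in the issue, using only the stdlib.

    Returns "" when there are no rows, so callers never print a header-only table.
    """
    if not rows:
        return ""
    w1 = max(len(title), max(len(v) for v, _ in rows))
    w2 = max(len("Count"), max(len(str(c)) for _, c in rows))
    sep = f"+-{'-' * w1}-+-{'-' * w2}-+"
    lines = [sep, f"| {title.center(w1)} | {'Count'.center(w2)} |", sep]
    lines += [f"| {v.center(w1)} | {str(c).center(w2)} |" for v, c in rows]
    lines.append(sep)
    return "\n".join(lines)


def format_report(report):
    """Produce the label line plus the two tables; sections without data are left out."""
    info = extract_threat_classification(report)
    parts = []
    if info["label"]:
        parts.append(f"[*] Potential Threat Label: {info['label']}")
    for title, rows in (("Threat Categories", info["categories"]),
                        ("Threat Names", info["names"])):
        table = render_table(title, rows)
        if table:
            parts.append(table)
    return "\n".join(parts)


if __name__ == "__main__":
    print(format_report(SAMPLE_REPORT))
    # A report with no classification block renders as an empty string, not a crash:
    print(repr(format_report({"data": {"attributes": {}}})))
```

Running the module prints the label line and both tables for the sample, then `''` for the empty report; the same `format_report` call on a real `files/{sha256}` response works unchanged because only the `data.attributes.popular_threat_classification` path is read.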