Reduce complexity

salt/sensoroni/files/analyzers/malwarebazaar/malwarebazaar.py

@@ -75,29 +75,21 @@ def prepareResults(raw):
         # gauge vendors to determine an approximation of status, normalized to a value out of 100
         # only updates score if it finds a higher indicator value
         score = 0
-        if 'vxCube' in vendor_data:
-            score = int(vendor_data['vxCube']['maliciousness'])
-
-        if 'Triage' in vendor_data:
-            score = int(vendor_data['Triage']['score'])*10 if int(
-                vendor_data['Triage']['score'])*10 > score else score
-
-        if 'DocGuard' in vendor_data:
-            score = int(vendor_data['DocGuard']['alertlevel'])*10 if int(
-                vendor_data['DocGuard']['alertlevel'])*10 > score else score
-
-        if 'YOROI_YOMI' in vendor_data:
-            score = int(float(vendor_data['YOROI_YOMI']['score']))*100 if int(
-                float(vendor_data['YOROI_YOMI']['score']))*100 > score else score
-
-        if 'Inquest' in vendor_data and vendor_data['Inquest']['verdict'] == 'MALICIOUS':
-            score = 100 if 100 > score else score
-
-        if 'ReversingLabs' in vendor_data and vendor_data['ReversingLabs']['status'] == 'MALICIOUS':
-            score = 100 if 100 > score else score
-
-        if 'Spamhaus_HBL' in vendor_data and vendor_data['Spamhaus_HBL'][0]['detection'] == 'MALICIOUS':
-            score = 100 if 100 > score else score
+        vendor_info_list = [
+            ('vxCube', 'maliciousness', int),
+            ('Triage', 'score', lambda x: int(x) * 10),
+            ('DocGuard', 'alertlevel', lambda x: int(x) * 10),
+            ('YOROI_YOMI', 'score', lambda x: int(float(x)) * 100),
+            ('Inquest', 'verdict', lambda x: 100 if x == 'MALICIOUS' else 0),
+            ('ReversingLabs', 'status', lambda x: 100 if x == 'MALICIOUS' else 0),
+            ('Spamhaus_HBL', 'detection', lambda x: 100 if x == 'MALICIOUS' else 0),
+        ]
+        for vendor, key, transform in vendor_info_list:
+            if vendor in vendor_data and key in vendor_data[vendor]:
+                value = vendor_data[vendor][key]
+                score = max(score, transform(value))
+        # Ensure score is at least 0 (or some default value)
+        score = max(score, 0)
 
         # compute status
         if score >= 75 or isInJson(raw, 'MALICIOUS'.lower()):