From ea9107d0c6f37e9cffacb2e5f0b201f9ed65bb1d Mon Sep 17 00:00:00 2001
From: pabloperezj <pablopj@google.com>
Date: Wed, 10 Jul 2024 12:12:00 +0200
Subject: [PATCH] Update all indicators

---
 .../Integrations/VirusTotalV3/VirusTotalV3.py | 33 ++++++++++++++-----
 1 file changed, 24 insertions(+), 9 deletions(-)

diff --git a/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py b/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py
index c176f3db31da..555903fe1d2a 100644
--- a/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py
+++ b/Packs/VirusTotal/Integrations/VirusTotalV3/VirusTotalV3.py
@@ -163,14 +163,19 @@ def to_context(self):
         context = super().to_context()
         file_context = context[super().CONTEXT_PATH]
 
+        file_context['VTVendors'] = {}
+
         if self.count_vt_vendors_which_flagged_malicious is not None:
-            file_context['Count VT Vendors Which Flagged Malicious'] = self.count_vt_vendors_which_flagged_malicious
+            file_context['VTVendors']['EngineDetections'] = self.count_vt_vendors_which_flagged_malicious
 
         if self.vt_vendors_which_flagged_malicious is not None:
-            file_context['VT Vendors Which Flagged Malicious'] = self.vt_vendors_which_flagged_malicious
+            file_context['VTVendors']['EngineVendors'] = self.vt_vendors_which_flagged_malicious
 
         if self.vt_detection_names is not None:
-            file_context['VT Detection Names'] = self.vt_detection_names
+            file_context['VTVendors']['EngineDetectionNames'] = self.vt_detection_names
+
+        if not file_context['VTVendors']:
+            file_context.pop('VTVendors', None)
 
         return context
 
@@ -201,14 +206,19 @@ def to_context(self):
         context = super().to_context()
         file_context = context[super().CONTEXT_PATH]
 
+        file_context['VTVendors'] = {}
+
         if self.count_vt_vendors_which_flagged_malicious is not None:
-            file_context['Count VT Vendors Which Flagged Malicious'] = self.count_vt_vendors_which_flagged_malicious
+            file_context['VTVendors']['EngineDetections'] = self.count_vt_vendors_which_flagged_malicious
 
         if self.vt_vendors_which_flagged_malicious is not None:
-            file_context['VT Vendors Which Flagged Malicious'] = self.vt_vendors_which_flagged_malicious
+            file_context['VTVendors']['EngineVendors'] = self.vt_vendors_which_flagged_malicious
 
         if self.vt_detection_names is not None:
-            file_context['VT Detection Names'] = self.vt_detection_names
+            file_context['VTVendors']['EngineDetectionNames'] = self.vt_detection_names
+
+        if not file_context['VTVendors']:
+            file_context.pop('VTVendors', None)
 
         return context
 
@@ -239,14 +249,19 @@ def to_context(self):
         context = super().to_context()
         file_context = context[super().CONTEXT_PATH]
 
+        file_context['VTVendors'] = {}
+
         if self.count_vt_vendors_which_flagged_malicious is not None:
-            file_context['Count VT Vendors Which Flagged Malicious'] = self.count_vt_vendors_which_flagged_malicious
+            file_context['VTVendors']['EngineDetections'] = self.count_vt_vendors_which_flagged_malicious
 
         if self.vt_vendors_which_flagged_malicious is not None:
-            file_context['VT Vendors Which Flagged Malicious'] = self.vt_vendors_which_flagged_malicious
+            file_context['VTVendors']['EngineVendors'] = self.vt_vendors_which_flagged_malicious
 
         if self.vt_detection_names is not None:
-            file_context['VT Detection Names'] = self.vt_detection_names
+            file_context['VTVendors']['EngineDetectionNames'] = self.vt_detection_names
+
+        if not file_context['VTVendors']:
+            file_context.pop('VTVendors', None)
 
         return context