authorMichael Weiser <michael.weiser@gmx.de>2019-02-11 21:06:28 +0000
committerMichael Weiser <michael.weiser@gmx.de>2019-02-13 08:27:45 +0000
commitf5e534d4afdee5379ce7e9f2100f265686055a9b (patch)
tree3484f13e18a992fefa54d0de1ae883cd34ac5685
parent78977fc0e815c90803f9cd905bf3096311845ea4 (diff)
Reorder rules to keep Cuckoo rules together
-rw-r--r--peekaboo/ruleset/rules.py34
1 files changed, 17 insertions, 17 deletions
diff --git a/peekaboo/ruleset/rules.py b/peekaboo/ruleset/rules.py
index 48851cb..e204a9d 100644
--- a/peekaboo/ruleset/rules.py
+++ b/peekaboo/ruleset/rules.py
@@ -155,6 +155,23 @@ class FileTypeOnGreylistRule(Rule):
False)
+class OfficeMacroRule(Rule):
+ """ A rule checking the sample for Office macros. """
+ rule_name = 'office_macro'
+
+ def evaluate(self, sample):
+ """ Report the sample as bad if it contains a macro. """
+ if sample.office_macros:
+ return self.result(Result.bad,
+ "Die Datei beinhaltet ein Office-Makro",
+ False)
+
+ return self.result(Result.unknown,
+ "Die Datei beinhaltet kein erkennbares "
+ "Office-Makro",
+ True)
+
+
class CuckooRule(Rule):
""" A common base class for rules that evaluate the Cuckoo report. """
def evaluate(self, sample):
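Review bot: The no-macro branch of `OfficeMacroRule.evaluate` returns `Result.unknown`, which only says that nothing was detected, and the one-line docstring does not mention that outcome. Since the class is being moved anyway, the docstring could read `""" Report the sample as bad if it contains a macro, otherwise as unknown (no detected macro is not evidence that the file is benign). """`. The bare `False`/`True` passed as the third argument to `self.result` is also unexplained; it presumably controls whether later rules still run, and a short comment on each call would make that visible. Whether a failed macro extraction leaves `sample.office_macros` falsy cannot be seen from this hunk and is worth confirming, because that case would silently take the unknown path.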
@@ -262,23 +279,6 @@ class CuckooScoreRule(CuckooRule):
True)
-class OfficeMacroRule(Rule):
- """ A rule checking the sample for Office macros. """
- rule_name = 'office_macro'
-
- def evaluate(self, sample):
- """ Report the sample as bad if it contains a macro. """
- if sample.office_macros:
- return self.result(Result.bad,
- "Die Datei beinhaltet ein Office-Makro",
- False)
-
- return self.result(Result.unknown,
- "Die Datei beinhaltet kein erkennbares "
- "Office-Makro",
- True)
-
-
class RequestsEvilDomainRule(CuckooRule):
""" A rule checking the domains reported as requested by the sample by
Cuckoo against a blacklist. """