mirror of https://github.com/MISP/MISP
add: GENE: Go Evtx sigNature Engine attribute type added
parent
4b722e0b61
commit
65b4375143
|
@ -130,7 +130,8 @@ class Attribute extends AppModel {
|
||||||
'pattern-in-memory' => array('desc' => 'Pattern in memory dump that identifies the malware', 'default_category' => 'Payload installation', 'to_ids' => 1),
|
'pattern-in-memory' => array('desc' => 'Pattern in memory dump that identifies the malware', 'default_category' => 'Payload installation', 'to_ids' => 1),
|
||||||
'yara' => array('desc' => 'Yara signature', 'default_category' => 'Payload installation', 'to_ids' => 1),
|
'yara' => array('desc' => 'Yara signature', 'default_category' => 'Payload installation', 'to_ids' => 1),
|
||||||
'stix2-pattern' => array('desc' => 'STIX 2 pattern', 'default_category' => 'Payload installation', 'to_ids' => 1),
|
'stix2-pattern' => array('desc' => 'STIX 2 pattern', 'default_category' => 'Payload installation', 'to_ids' => 1),
|
||||||
'sigma' => array('desc' => 'Sigma - Generic Signature Format for SIEM Systems', 'default_category' => 'Payload installation', 'to_ids' => 1),
|
'sigma' => array('desc' => 'Sigma - Generic Signature Format for SIEM Systems', 'default_category' => 'Payload installation', 'to_ids' => 1),
|
||||||
|
'gene' => array('desc' => 'GENE - Go Evtx sigNature Engine', 'default_category' => 'Artifacts dropped', 'to_ids' => 0),
|
||||||
'cookie' => array('desc' => 'HTTP cookie as often stored on the user web client. This can include authentication cookie or session cookie.', 'default_category' => 'Network activity', 'to_ids' => 0),
|
'cookie' => array('desc' => 'HTTP cookie as often stored on the user web client. This can include authentication cookie or session cookie.', 'default_category' => 'Network activity', 'to_ids' => 0),
|
||||||
'vulnerability' => array('desc' => 'A reference to the vulnerability used in the exploit', 'default_category' => 'External analysis', 'to_ids' => 0),
|
'vulnerability' => array('desc' => 'A reference to the vulnerability used in the exploit', 'default_category' => 'External analysis', 'to_ids' => 0),
|
||||||
'attachment' => array('desc' => 'Attachment with external information', 'formdesc' => "Please upload files using the <em>Upload Attachment</em> button.", 'default_category' => 'External analysis', 'to_ids' => 0),
|
'attachment' => array('desc' => 'Attachment with external information', 'formdesc' => "Please upload files using the <em>Upload Attachment</em> button.", 'default_category' => 'External analysis', 'to_ids' => 0),
|
||||||
|
@ -1026,7 +1027,8 @@ class Attribute extends AppModel {
|
||||||
case 'pattern-in-memory':
|
case 'pattern-in-memory':
|
||||||
case 'yara':
|
case 'yara':
|
||||||
case 'stix2-pattern':
|
case 'stix2-pattern':
|
||||||
case 'sigma':
|
case 'sigma':
|
||||||
|
case 'gene':
|
||||||
case 'cookie':
|
case 'cookie':
|
||||||
case 'attachment':
|
case 'attachment':
|
||||||
case 'malware-sample':
|
case 'malware-sample':
|
||||||
|
|
Loading…
Reference in New Issue