PyMISP/tests/mispevent_testfiles/malware_exist.json

{"response":[{
      "id": "6719",
      "orgc_id": "1",
      "org_id": "1",
      "date": "2018-01-04",
      "threat_level_id": "1",
      "info": "Test existing malware PyMISP",
      "published": false,
      "uuid": "5a4e4fdd-1eb4-4ff3-9e87-43fa950d210f",
      "attribute_count": "6",
      "analysis": "0",
      "timestamp": "1515081727",
      "distribution": "0",
      "proposal_email_lock": false,
      "locked": false,
      "publish_timestamp": 0,
      "sharing_group_id": "0",
      "disable_correlation": false,
      "event_creator_email": "raphael.vinot@circl.lu",
      "Org": {
          "id": "1",
          "name": "CIRCL",
          "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
      },
      "Orgc": {
          "id": "1",
          "name": "CIRCL",
          "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
      },
      "Attribute": [],
      "ShadowAttribute": [],
      "RelatedEvent": [],
      "Galaxy": [],
      "Object": [
          {
              "id": "2279",
              "name": "file",
              "meta-category": "file",
              "description": "File object describing a file with meta-information",
              "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
              "template_version": "6",
              "event_id": "6719",
              "uuid": "5a4e4ffe-4cb8-48b1-bd5c-48fb950d210f",
              "timestamp": "1515081726",
              "distribution": "5",
              "sharing_group_id": "0",
              "comment": "",
              "deleted": false,
              "ObjectReference": [],
              "Attribute": [
                  {
                      "id": "814967",
                      "type": "malware-sample",
                      "category": "Payload delivery",
                      "to_ids": true,
                      "uuid": "5a4e4fff-407c-40ff-9de5-43dc950d210f",
                      "event_id": "6719",
                      "distribution": "5",
                      "timestamp": "1515081727",
                      "comment": "",
                      "sharing_group_id": "0",
                      "deleted": false,
                      "disable_correlation": false,
                      "object_id": "2279",
                      "object_relation": "malware-sample",
                      "value": "simple.json|7637beddacbeac59d44469b2b120b9e6",
                      "data": "UEsDBAoACQAAAFYGA0/yk6nqEAAAAAQAAAAgABwANWI3NmIwZWVmOWFmOGEyMzAwNjczZTA1NTNmNjA5ZjlVVAkAA0O+RF1DvkRddXgLAAEEIQAAAAQhAAAAKjTWvfZCN4PlYePhL4s52lBLBwjyk6nqEAAAAAQAAABQSwMECgAJAAAAVgYDT4OOVAAXAAAACwAAAC0AHAA1Yjc2YjBlZWY5YWY4YTIzMDA2NzNlMDU1M2Y2MDlmOS5maWxlbmFtZS50eHRVVAkAA0O+RF1DvkRddXgLAAEEIQAAAAQhAAAAGOK3WSE/A/8NRU5Dlo6Z5J+yV17raVlQSwcIg45UABcAAAALAAAAUEsBAh4DCgAJAAAAVgYDT/KTqeoQAAAABAAAACAAGAAAAAAAAQAAAKSBAAAAADViNzZiMGVlZjlhZjhhMjMwMDY3M2UwNTUzZjYwOWY5VVQFAANDvkRddXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAAVgYDT4OOVAAXAAAACwAAAC0AGAAAAAAAAQAAAKSBegAAADViNzZiMGVlZjlhZjhhMjMwMDY3M2UwNTUzZjYwOWY5LmZpbGVuYW1lLnR4dFVUBQADQ75EXXV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAAAIAQAAAAA=",
                      "ShadowAttribute": []
                  },
                  {
                      "id": "814968",
                      "type": "filename",
                      "category": "Payload delivery",
                      "to_ids": false,
                      "uuid": "5a4e4fff-9ec0-4822-a405-4e29950d210f",
                      "event_id": "6719",
                      "distribution": "5",
                      "timestamp": "1515081727",
                      "comment": "",
                      "sharing_group_id": "0",
                      "deleted": false,
                      "disable_correlation": false,
                      "object_id": "2279",
                      "object_relation": "filename",
                      "value": "simple.json",
                      "ShadowAttribute": []
                  },
                  {
                      "id": "814969",
                      "type": "md5",
                      "category": "Payload delivery",
                      "to_ids": true,
                      "uuid": "5a4e4fff-8000-49f9-8c3e-4598950d210f",
                      "event_id": "6719",
                      "distribution": "5",
                      "timestamp": "1515081727",
                      "comment": "",
                      "sharing_group_id": "0",
                      "deleted": false,
                      "disable_correlation": false,
                      "object_id": "2279",
                      "object_relation": "md5",
                      "value": "7637beddacbeac59d44469b2b120b9e6",
                      "ShadowAttribute": []
                  },
                  {
                      "id": "814970",
                      "type": "sha1",
                      "category": "Payload delivery",
                      "to_ids": true,
                      "uuid": "5a4e4fff-dae0-4aa4-81ea-4899950d210f",
                      "event_id": "6719",
                      "distribution": "5",
                      "timestamp": "1515081727",
                      "comment": "",
                      "sharing_group_id": "0",
                      "deleted": false,
                      "disable_correlation": false,
                      "object_id": "2279",
                      "object_relation": "sha1",
                      "value": "023853a4331db8d67e44553004cf338ec1b7440e",
                      "ShadowAttribute": []
                  },
                  {
                      "id": "814971",
                      "type": "sha256",
                      "category": "Payload delivery",
                      "to_ids": true,
                      "uuid": "5a4e4fff-03ec-4e88-b5f4-472b950d210f",
                      "event_id": "6719",
                      "distribution": "5",
                      "timestamp": "1515081727",
                      "comment": "",
                      "sharing_group_id": "0",
                      "deleted": false,
                      "disable_correlation": false,
                      "object_id": "2279",
                      "object_relation": "sha256",
                      "value": "6ae8b0f1c7d6f3238d1fc14038018c3b4704c8cc23dac1c2bfd2c81b5a278eef",
                      "ShadowAttribute": []
                  },
                  {
                      "id": "814972",
                      "type": "size-in-bytes",
                      "category": "Other",
                      "to_ids": false,
                      "uuid": "5a4e4fff-b6f4-41ba-a6eb-446c950d210f",
                      "event_id": "6719",
                      "distribution": "5",
                      "timestamp": "1515081727",
                      "comment": "",
                      "sharing_group_id": "0",
                      "deleted": false,
                      "disable_correlation": true,
                      "object_id": "2279",
                      "object_relation": "size-in-bytes",
                      "value": "21",
                      "ShadowAttribute": []
                  }
              ]
          }
      ]
}]}
chg: Add test for loading existing malware sample from MISP 2018-01-04 17:12:15 +01:00			`{"response":[{`
fix: Some test cases need more love. 2019-08-02 18:01:08 +02:00			`"id": "6719",`
			`"orgc_id": "1",`
			`"org_id": "1",`
			`"date": "2018-01-04",`
			`"threat_level_id": "1",`
			`"info": "Test existing malware PyMISP",`
			`"published": false,`
			`"uuid": "5a4e4fdd-1eb4-4ff3-9e87-43fa950d210f",`
			`"attribute_count": "6",`
			`"analysis": "0",`
			`"timestamp": "1515081727",`
			`"distribution": "0",`
			`"proposal_email_lock": false,`
			`"locked": false,`
			`"publish_timestamp": 0,`
			`"sharing_group_id": "0",`
			`"disable_correlation": false,`
			`"event_creator_email": "raphael.vinot@circl.lu",`
			`"Org": {`
			`"id": "1",`
			`"name": "CIRCL",`
			`"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"`
			`},`
			`"Orgc": {`
			`"id": "1",`
			`"name": "CIRCL",`
			`"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"`
			`},`
			`"Attribute": [],`
			`"ShadowAttribute": [],`
			`"RelatedEvent": [],`
			`"Galaxy": [],`
			`"Object": [`
			`{`
			`"id": "2279",`
			`"name": "file",`
			`"meta-category": "file",`
			`"description": "File object describing a file with meta-information",`
			`"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",`
			`"template_version": "6",`
			`"event_id": "6719",`
			`"uuid": "5a4e4ffe-4cb8-48b1-bd5c-48fb950d210f",`
			`"timestamp": "1515081726",`
			`"distribution": "5",`
			`"sharing_group_id": "0",`
			`"comment": "",`
			`"deleted": false,`
			`"ObjectReference": [],`
			`"Attribute": [`
			`{`
			`"id": "814967",`
			`"type": "malware-sample",`
			`"category": "Payload delivery",`
			`"to_ids": true,`
			`"uuid": "5a4e4fff-407c-40ff-9de5-43dc950d210f",`
			`"event_id": "6719",`
			`"distribution": "5",`
			`"timestamp": "1515081727",`
			`"comment": "",`
			`"sharing_group_id": "0",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_id": "2279",`
			`"object_relation": "malware-sample",`
			`"value": "simple.json\|7637beddacbeac59d44469b2b120b9e6",`
fix: Inconsistency in MISPEvent, reenable tests 2019-08-03 00:54:08 +02:00			"data": "UEsDBAoACQAAAFYGA0/yk6nqEAAAAAQAAAAgABwANWI3NmIwZWVmOWFmOGEyMzAwNjczZTA1NTNmNjA5ZjlVVAkAA0O+RF1DvkRddXgLAAEEIQAAAAQhAAAAKjTWvfZCN4PlYePhL4s52lBLBwjyk6nqEAAAAAQAAABQSwMECgAJAAAAVgYDT4OOVAAXAAAACwAAAC0AHAA1Yjc2YjBlZWY5YWY4YTIzMDA2NzNlMDU1M2Y2MDlmOS5maWxlbmFtZS50eHRVVAkAA0O+RF1DvkRddXgLAAEEIQAAAAQhAAAAGOK3WSE/A/8NRU5Dlo6Z5J+yV17raVlQSwcIg45UABcAAAALAAAAUEsBAh4DCgAJAAAAVgYDT/KTqeoQAAAABAAAACAAGAAAAAAAAQAAAKSBAAAAADViNzZiMGVlZjlhZjhhMjMwMDY3M2UwNTUzZjYwOWY5VVQFAANDvkRddXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAAVgYDT4OOVAAXAAAACwAAAC0AGAAAAAAAAQAAAKSBegAAADViNzZiMGVlZjlhZjhhMjMwMDY3M2UwNTUzZjYwOWY5LmZpbGVuYW1lLnR4dFVUBQADQ75EXXV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAAAIAQAAAAA=",
fix: Some test cases need more love. 2019-08-02 18:01:08 +02:00			`"ShadowAttribute": []`
			`},`
			`{`
			`"id": "814968",`
			`"type": "filename",`
			`"category": "Payload delivery",`
			`"to_ids": false,`
			`"uuid": "5a4e4fff-9ec0-4822-a405-4e29950d210f",`
			`"event_id": "6719",`
			`"distribution": "5",`
			`"timestamp": "1515081727",`
			`"comment": "",`
			`"sharing_group_id": "0",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_id": "2279",`
			`"object_relation": "filename",`
			`"value": "simple.json",`
			`"ShadowAttribute": []`
			`},`
			`{`
			`"id": "814969",`
			`"type": "md5",`
			`"category": "Payload delivery",`
			`"to_ids": true,`
			`"uuid": "5a4e4fff-8000-49f9-8c3e-4598950d210f",`
			`"event_id": "6719",`
			`"distribution": "5",`
			`"timestamp": "1515081727",`
			`"comment": "",`
			`"sharing_group_id": "0",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_id": "2279",`
			`"object_relation": "md5",`
			`"value": "7637beddacbeac59d44469b2b120b9e6",`
			`"ShadowAttribute": []`
			`},`
			`{`
			`"id": "814970",`
			`"type": "sha1",`
			`"category": "Payload delivery",`
			`"to_ids": true,`
			`"uuid": "5a4e4fff-dae0-4aa4-81ea-4899950d210f",`
			`"event_id": "6719",`
			`"distribution": "5",`
			`"timestamp": "1515081727",`
			`"comment": "",`
			`"sharing_group_id": "0",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_id": "2279",`
			`"object_relation": "sha1",`
			`"value": "023853a4331db8d67e44553004cf338ec1b7440e",`
			`"ShadowAttribute": []`
			`},`
			`{`
			`"id": "814971",`
			`"type": "sha256",`
			`"category": "Payload delivery",`
			`"to_ids": true,`
			`"uuid": "5a4e4fff-03ec-4e88-b5f4-472b950d210f",`
			`"event_id": "6719",`
			`"distribution": "5",`
			`"timestamp": "1515081727",`
			`"comment": "",`
			`"sharing_group_id": "0",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"object_id": "2279",`
			`"object_relation": "sha256",`
			`"value": "6ae8b0f1c7d6f3238d1fc14038018c3b4704c8cc23dac1c2bfd2c81b5a278eef",`
			`"ShadowAttribute": []`
			`},`
			`{`
			`"id": "814972",`
			`"type": "size-in-bytes",`
			`"category": "Other",`
			`"to_ids": false,`
			`"uuid": "5a4e4fff-b6f4-41ba-a6eb-446c950d210f",`
			`"event_id": "6719",`
			`"distribution": "5",`
			`"timestamp": "1515081727",`
			`"comment": "",`
			`"sharing_group_id": "0",`
			`"deleted": false,`
			`"disable_correlation": true,`
			`"object_id": "2279",`
			`"object_relation": "size-in-bytes",`
			`"value": "21",`
			`"ShadowAttribute": []`
			`}`
			`]`
			`}`
			`]`
chg: Add test for loading existing malware sample from MISP 2018-01-04 17:12:15 +01:00			`}]}`