Update types

pull/74/head v2.4.71
Raphaël Vinot 2017-04-11 15:55:49 +02:00
parent 6d76141c35
commit bd7d782716
1 changed files with 45 additions and 6 deletions


@ -117,6 +117,10 @@
"default_category": "Payload installation", "default_category": "Payload installation",
"to_ids": 1 "to_ids": 1
}, },
"sigma": {
"default_category": "Payload installation",
"to_ids": 1
},
"vulnerability": { "vulnerability": {
"default_category": "External analysis", "default_category": "External analysis",
"to_ids": 0 "to_ids": 0
@ -141,6 +145,10 @@
"default_category": "Other", "default_category": "Other",
"to_ids": 0 "to_ids": 0
}, },
"hex": {
"default_category": "Other",
"to_ids": 0
},
"other": { "other": {
"default_category": "Other", "default_category": "Other",
"to_ids": 0 "to_ids": 0
@ -245,6 +253,10 @@
"default_category": "Payload delivery", "default_category": "Payload delivery",
"to_ids": 1 "to_ids": 1
}, },
"impfuzzy": {
"default_category": "Payload delivery",
"to_ids": 1
},
"sha224": { "sha224": {
"default_category": "Payload delivery", "default_category": "Payload delivery",
"to_ids": 1 "to_ids": 1
@ -281,6 +293,10 @@
"default_category": "Payload delivery", "default_category": "Payload delivery",
"to_ids": 1 "to_ids": 1
}, },
"filename|impfuzzy": {
"default_category": "Payload delivery",
"to_ids": 1
},
"filename|pehash": { "filename|pehash": {
"default_category": "Payload delivery", "default_category": "Payload delivery",
"to_ids": 1 "to_ids": 1
@ -560,12 +576,14 @@
"pattern-in-traffic", "pattern-in-traffic",
"pattern-in-memory", "pattern-in-memory",
"yara", "yara",
"sigma",
"vulnerability", "vulnerability",
"attachment", "attachment",
"malware-sample", "malware-sample",
"link", "link",
"comment", "comment",
"text", "text",
"hex",
"other", "other",
"named pipe", "named pipe",
"mutex", "mutex",
@ -592,6 +610,7 @@
"ssdeep", "ssdeep",
"imphash", "imphash",
"pehash", "pehash",
"impfuzzy",
"sha224", "sha224",
"sha384", "sha384",
"sha512", "sha512",
@ -601,6 +620,7 @@
"filename|authentihash", "filename|authentihash",
"filename|ssdeep", "filename|ssdeep",
"filename|imphash", "filename|imphash",
"filename|impfuzzy",
"filename|pehash", "filename|pehash",
"filename|sha224", "filename|sha224",
"filename|sha384", "filename|sha384",
@ -687,7 +707,8 @@
"text", "text",
"link", "link",
"comment", "comment",
"other" "other",
"hex"
], ],
"Targeting data": [ "Targeting data": [
"target-user", "target-user",
@ -702,6 +723,7 @@
"link", "link",
"comment", "comment",
"text", "text",
"hex",
"attachment", "attachment",
"other" "other"
], ],
@ -716,6 +738,7 @@
"sha512/256", "sha512/256",
"ssdeep", "ssdeep",
"imphash", "imphash",
"impfuzzy",
"authentihash", "authentihash",
"pehash", "pehash",
"tlsh", "tlsh",
@ -732,6 +755,7 @@
"filename|ssdeep", "filename|ssdeep",
"filename|tlsh", "filename|tlsh",
"filename|imphash", "filename|imphash",
"filename|impfuzzy",
"filename|pehash", "filename|pehash",
"ip-src", "ip-src",
"ip-dst", "ip-dst",
@ -749,12 +773,14 @@
"pattern-in-file", "pattern-in-file",
"pattern-in-traffic", "pattern-in-traffic",
"yara", "yara",
"sigma",
"attachment", "attachment",
"malware-sample", "malware-sample",
"link", "link",
"malware-type", "malware-type",
"comment", "comment",
"text", "text",
"hex",
"vulnerability", "vulnerability",
"x509-fingerprint-sha1", "x509-fingerprint-sha1",
"other", "other",
@ -782,6 +808,7 @@
"sha512/256", "sha512/256",
"ssdeep", "ssdeep",
"imphash", "imphash",
"impfuzzy",
"authentihash", "authentihash",
"filename", "filename",
"filename|md5", "filename|md5",
@ -796,6 +823,7 @@
"filename|ssdeep", "filename|ssdeep",
"filename|tlsh", "filename|tlsh",
"filename|imphash", "filename|imphash",
"filename|impfuzzy",
"filename|pehash", "filename|pehash",
"regkey", "regkey",
"regkey|value", "regkey|value",
@ -803,6 +831,7 @@
"pattern-in-memory", "pattern-in-memory",
"pdb", "pdb",
"yara", "yara",
"sigma",
"attachment", "attachment",
"malware-sample", "malware-sample",
"named pipe", "named pipe",
@ -812,6 +841,7 @@
"windows-service-displayname", "windows-service-displayname",
"comment", "comment",
"text", "text",
"hex",
"x509-fingerprint-sha1", "x509-fingerprint-sha1",
"other" "other"
], ],
@ -826,6 +856,7 @@
"sha512/256", "sha512/256",
"ssdeep", "ssdeep",
"imphash", "imphash",
"impfuzzy",
"authentihash", "authentihash",
"pehash", "pehash",
"tlsh", "tlsh",
@ -842,17 +873,20 @@
"filename|ssdeep", "filename|ssdeep",
"filename|tlsh", "filename|tlsh",
"filename|imphash", "filename|imphash",
"filename|impfuzzy",
"filename|pehash", "filename|pehash",
"pattern-in-file", "pattern-in-file",
"pattern-in-traffic", "pattern-in-traffic",
"pattern-in-memory", "pattern-in-memory",
"yara", "yara",
"sigma",
"vulnerability", "vulnerability",
"attachment", "attachment",
"malware-sample", "malware-sample",
"malware-type", "malware-type",
"comment", "comment",
"text", "text",
"hex",
"x509-fingerprint-sha1", "x509-fingerprint-sha1",
"mobile-application-id", "mobile-application-id",
"other" "other"
@ -863,7 +897,8 @@
"regkey|value", "regkey|value",
"comment", "comment",
"text", "text",
"other" "other",
"hex"
], ],
"Network activity": [ "Network activity": [
"ip-src", "ip-src",
@ -886,7 +921,8 @@
"comment", "comment",
"text", "text",
"x509-fingerprint-sha1", "x509-fingerprint-sha1",
"other" "other",
"hex"
], ],
"Payload type": [ "Payload type": [
"comment", "comment",
@ -952,7 +988,8 @@
"prtn", "prtn",
"comment", "comment",
"text", "text",
"other" "other",
"hex"
], ],
"Support Tool": [ "Support Tool": [
"link", "link",
@ -960,7 +997,8 @@
"attachment", "attachment",
"comment", "comment",
"text", "text",
"other" "other",
"hex"
], ],
"Social network": [ "Social network": [
"github-username", "github-username",
@ -1011,7 +1049,8 @@
"datetime", "datetime",
"cpe", "cpe",
"port", "port",
"float" "float",
"hex"
] ]
} }
} }
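Review bot: The new `sigma`, `impfuzzy` and `filename|impfuzzy` entries (first, third and fourth hunks) default to `"to_ids": 1`, so attributes of these types are presumably flagged for detection export unless the creator overrides the default. An impfuzzy value is a similarity hash and a sigma value is a rule body, so neither behaves as an exact-match indicator; the setting matches the neighbouring entries, but it is worth confirming that consumers which pull every `to_ids` attribute into blocklists or IDS rule sets filter by type first. Separately, `"hex"` is inserted after `"text"` in some category lists but appended as the last element in six others, which is what forces the six comma-only modifications. In the five lists that end in `"other"`, adding `"hex",` directly after `"text",` would keep the ordering consistent and the change purely additive.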