From ddccac58c82a4f4e57958a146ee50beec45555df Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas
Date: Fri, 19 Oct 2018 10:18:14 +0200
Subject: [PATCH] chg: categorization of galaxies

This allows relationships to be created.
---
 clusters/android.json | 1 +
 clusters/backdoor.json | 1 +
 clusters/banker.json | 1 +
 clusters/botnet.json | 1 +
 clusters/exploit-kit.json | 1 +
 clusters/malpedia.json | 1 +
 clusters/microsoft-activity-group.json | 1 +
 clusters/mitre-enterprise-attack-intrusion-set.json | 1 +
 clusters/mitre-enterprise-attack-malware.json | 1 +
 clusters/mitre-enterprise-attack-tool.json | 1 +
 clusters/mitre-intrusion-set.json | 1 +
 clusters/mitre-malware.json | 1 +
 clusters/mitre-mobile-attack-intrusion-set.json | 1 +
 clusters/mitre-mobile-attack-malware.json | 1 +
 clusters/mitre-mobile-attack-tool.json | 1 +
 clusters/mitre-pre-attack-intrusion-set.json | 1 +
 clusters/mitre-tool.json | 1 +
 clusters/ransomware.json | 1 +
 clusters/rat.json | 1 +
 clusters/stealer.json | 1 +
 clusters/tds.json | 1 +
 clusters/threat-actor.json | 1 +
 clusters/tool.json | 1 +
 schema_clusters.json | 3 +++
 24 files changed, 26 insertions(+)

diff --git a/clusters/android.json b/clusters/android.json
index c84eeae2..cf3d24c3 100644
--- a/clusters/android.json
+++ b/clusters/android.json
@@ -6,6 +6,7 @@
 "name": "Android",
 "source": "Open Sources",
 "type": "android",
+ "category": "tool",
 "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa",
 "values": [
 {
diff --git a/clusters/backdoor.json b/clusters/backdoor.json
index a50acdd2..9ec8af71 100644
--- a/clusters/backdoor.json
+++ b/clusters/backdoor.json
@@ -6,6 +6,7 @@
 "name": "Backdoor",
 "source": "Open Sources",
 "type": "backdoor",
+ "category": "tool",
 "uuid": "75436e27-cb57-4f32-bf1d-9636dd78a2bf",
 "values": [
 {
diff --git a/clusters/banker.json b/clusters/banker.json
index 0937e4f3..d179bfe7 100644
--- a/clusters/banker.json
+++ b/clusters/banker.json
@@ -7,6 +7,7 @@
 "name": "Banker",
 "source": "Open Sources",
 "type": "banker",
+ "category": "tool",
 "uuid": "59f20cce-5420-4084-afd5-0884c0a83832",
 "values": [
 {
diff --git a/clusters/botnet.json b/clusters/botnet.json
index e7d92061..bef45cf1 100644
--- a/clusters/botnet.json
+++ b/clusters/botnet.json
@@ -6,6 +6,7 @@
 "name": "Botnet",
 "source": "MISP Project",
 "type": "botnet",
+ "category": "tool",
 "uuid": "a91732f4-164a-11e8-924a-ffd4097eb03f",
 "values": [
 {
diff --git a/clusters/exploit-kit.json b/clusters/exploit-kit.json
index dc5cd8c1..948e8016 100644
--- a/clusters/exploit-kit.json
+++ b/clusters/exploit-kit.json
@@ -8,6 +8,7 @@
 "name": "Exploit-Kit",
 "source": "MISP Project",
 "type": "exploit-kit",
+ "category": "tool",
 "uuid": "454f4e78-bd7c-11e6-a4a6-cec0c932ce01",
 "values": [
 {
diff --git a/clusters/malpedia.json b/clusters/malpedia.json
index 721cca06..d06dd07c 100644
--- a/clusters/malpedia.json
+++ b/clusters/malpedia.json
@@ -9,6 +9,7 @@
 "name": "Malpedia",
 "source": "Malpedia",
 "type": "malpedia",
+ "category": "tool",
 "uuid": "5fc98d08-90a4-498a-ad2e-0edf50ef374e",
 "values": [
 {
diff --git a/clusters/microsoft-activity-group.json b/clusters/microsoft-activity-group.json
index e8f7c7fb..d4f1d1f4 100644
--- a/clusters/microsoft-activity-group.json
+++ b/clusters/microsoft-activity-group.json
@@ -6,6 +6,7 @@
 "name": "Microsoft Activity Group actor",
 "source": "MISP Project",
 "type": "microsoft-activity-group",
+ "category": "actor",
 "uuid": "28b5e55d-acba-4748-a79d-0afa3512689a",
 "values": [
 {
diff --git a/clusters/mitre-enterprise-attack-intrusion-set.json b/clusters/mitre-enterprise-attack-intrusion-set.json
index b256c4b6..a5b24f0a 100644
--- a/clusters/mitre-enterprise-attack-intrusion-set.json
+++ b/clusters/mitre-enterprise-attack-intrusion-set.json
@@ -6,6 +6,7 @@
 "name": "Enterprise Attack -intrusion Set",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-enterprise-attack-intrusion-set",
+ "category": "actor",
 "uuid": "01f18402-1708-11e8-ac1c-1ffb3c4a7775",
 "values": [
 {
diff --git a/clusters/mitre-enterprise-attack-malware.json b/clusters/mitre-enterprise-attack-malware.json
index 1306a7d7..f79c6b04 100644
--- a/clusters/mitre-enterprise-attack-malware.json
+++ b/clusters/mitre-enterprise-attack-malware.json
@@ -6,6 +6,7 @@
 "name": "Enterprise Attack - Malware",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-enterprise-attack-malware",
+ "category": "tool",
 "uuid": "fbd79f02-1707-11e8-b1c7-87406102276a",
 "values": [
 {
diff --git a/clusters/mitre-enterprise-attack-tool.json b/clusters/mitre-enterprise-attack-tool.json
index e14a2d30..3cc3e2c9 100644
--- a/clusters/mitre-enterprise-attack-tool.json
+++ b/clusters/mitre-enterprise-attack-tool.json
@@ -6,6 +6,7 @@
 "name": "Enterprise Attack - Tool",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-enterprise-attack-tool",
+ "category": "tool",
 "uuid": "fc1ea6e0-1707-11e8-ac05-2b70d00c354e",
 "values": [
 {
diff --git a/clusters/mitre-intrusion-set.json b/clusters/mitre-intrusion-set.json
index c71799df..a768440e 100644
--- a/clusters/mitre-intrusion-set.json
+++ b/clusters/mitre-intrusion-set.json
@@ -6,6 +6,7 @@
 "name": "intrusion Set",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-intrusion-set",
+ "category": "actor",
 "uuid": "10df003c-7831-11e7-bdb9-971cdd1218df",
 "values": [
 {
diff --git a/clusters/mitre-malware.json b/clusters/mitre-malware.json
index 3a5e96e3..10f1bac5 100644
--- a/clusters/mitre-malware.json
+++ b/clusters/mitre-malware.json
@@ -6,6 +6,7 @@
 "name": "Malware",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-malware",
+ "category": "tool",
 "uuid": "d752161c-78f6-11e7-a0ea-bfa79b407ce4",
 "values": [
 {
diff --git a/clusters/mitre-mobile-attack-intrusion-set.json b/clusters/mitre-mobile-attack-intrusion-set.json
index 2d563f4d..5a2dee49 100644
--- a/clusters/mitre-mobile-attack-intrusion-set.json
+++ b/clusters/mitre-mobile-attack-intrusion-set.json
@@ -6,6 +6,7 @@
 "name": "Mobile Attack - intrusion Set",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-mobile-attack-intrusion-set",
+ "category": "actor",
 "uuid": "02ab4018-1708-11e8-8f9d-e735aabdfa53",
 "values": [
 {
diff --git a/clusters/mitre-mobile-attack-malware.json b/clusters/mitre-mobile-attack-malware.json
index 11befb31..5b3637d8 100644
--- a/clusters/mitre-mobile-attack-malware.json
+++ b/clusters/mitre-mobile-attack-malware.json
@@ -6,6 +6,7 @@
 "name": "Mobile Attack - Malware",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-mobile-attack-malware",
+ "category": "tool",
 "uuid": "04a165aa-1708-11e8-b2da-c7d7625f4a4f",
 "values": [
 {
diff --git a/clusters/mitre-mobile-attack-tool.json b/clusters/mitre-mobile-attack-tool.json
index 848eaa45..6ba33c65 100644
--- a/clusters/mitre-mobile-attack-tool.json
+++ b/clusters/mitre-mobile-attack-tool.json
@@ -6,6 +6,7 @@
 "name": "Mobile Attack - Tool",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-mobile-attack-tool",
+ "category": "tool",
 "uuid": "02cee87e-1708-11e8-8f15-8b33e4d6194b",
 "values": [
 {
diff --git a/clusters/mitre-pre-attack-intrusion-set.json b/clusters/mitre-pre-attack-intrusion-set.json
index da45a89d..897c4bf6 100644
--- a/clusters/mitre-pre-attack-intrusion-set.json
+++ b/clusters/mitre-pre-attack-intrusion-set.json
@@ -6,6 +6,7 @@
 "name": "Pre Attack - intrusion Set",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-pre-attack-intrusion-set",
+ "category": "actor",
 "uuid": "1fdc8fa2-1708-11e8-99a3-67b4efc13c4f",
 "values": [
 {
diff --git a/clusters/mitre-tool.json b/clusters/mitre-tool.json
index aed7bb1d..4213cbf1 100644
--- a/clusters/mitre-tool.json
+++ b/clusters/mitre-tool.json
@@ -6,6 +6,7 @@
 "name": "Tool",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-tool",
+ "category": "tool",
 "uuid": "d700dc5c-78f6-11e7-a476-5f748c8e4fe0",
 "values": [
 {
diff --git a/clusters/ransomware.json b/clusters/ransomware.json
index e30837d3..1ffab003 100644
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@@ -7,6 +7,7 @@
 "name": "Ransomware",
 "source": "Various",
 "type": "ransomware",
+ "category": "tool",
 "uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
 "values": [
 {
diff --git a/clusters/rat.json b/clusters/rat.json
index fa74895c..8848fe1c 100644
--- a/clusters/rat.json
+++ b/clusters/rat.json
@@ -7,6 +7,7 @@
 "name": "RAT",
 "source": "MISP Project",
 "type": "rat",
+ "category": "tool",
 "uuid": "312f8714-45cb-11e7-b898-135207cdceb9",
 "values": [
 {
diff --git a/clusters/stealer.json b/clusters/stealer.json
index 7af58a1c..95f7394f 100644
--- a/clusters/stealer.json
+++ b/clusters/stealer.json
@@ -6,6 +6,7 @@
 "name": "Stealer",
 "source": "Open Sources",
 "type": "stealer",
+ "category": "tool",
 "uuid": "f2ef4033-9001-4427-a418-df8c48e6d054",
 "values": [
 {
diff --git a/clusters/tds.json b/clusters/tds.json
index ec09cf0b..57f60b82 100644
--- a/clusters/tds.json
+++ b/clusters/tds.json
@@ -6,6 +6,7 @@
 "name": "TDS",
 "source": "MISP Project",
 "type": "tds",
+ "category": "tool",
 "uuid": "ab5fffaa-c5f6-11e6-9d9d-cec0c932ce01",
 "values": [
 {
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index db1a7957..56f30698 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -10,6 +10,7 @@
 "name": "Threat actor",
 "source": "MISP Project",
 "type": "threat-actor",
+ "category": "actor",
 "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
 "values": [
 {
diff --git a/clusters/tool.json b/clusters/tool.json
index 1465e423..15f20f6e 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -11,6 +11,7 @@
 "name": "Tool",
 "source": "MISP Project",
 "type": "tool",
+ "category": "tool",
 "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
 "values": [
 {
diff --git a/schema_clusters.json b/schema_clusters.json
index 1968d6ba..36f22c32 100644
--- a/schema_clusters.json
+++ b/schema_clusters.json
@@ -23,6 +23,9 @@
 "source": {
 "type": "string"
 },
+ "category": {
+ "type": "string"
+ },
 "values": {
 "type": "array",
 "uniqueItems": true,
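Review bot: In the schema_clusters.json hunk the new `category` property is declared only as `"type": "string"`, so a misspelled or unexpected value still validates, and anything that builds relationships from it could silently mis-group a cluster. Every cluster file in this patch uses either `tool` or `actor`; if that set is meant to be closed, add `"enum": ["actor", "tool"]` next to the type, and otherwise a `"description"` stating the accepted values would help. Whether `category` is also listed in the schema's `required` array is not visible in this hunk, so clusters not touched here may still validate without it.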