{
"required": [
"key"
],
"requiredOneOf": [
"user-name",
"last-login-time",
"login-count"
],
"attributes": {
"key": {
"description": "Registry key where the information is retrieved from.",
"ui-priority": 0,
"misp-attribute": "text"
},
"key-last-write-time": {
"description": "Date and time when the key was last updated.",
"ui-priority": 0,
"misp-attribute": "datetime",
"disable_correlation": true
},
"user-name": {
"description": "User name assigned to the user profile.",
"ui-priority": 0,
"misp-attribute": "text"
},
"full-user-name": {
"description": "Full name assigned to the user profile.",
"ui-priority": 0,
"misp-attribute": "text"
},
"last-login-time": {
"description": "Date and time when the user last logged onto the system.",
"ui-priority": 0,
"misp-attribute": "datetime",
"disable_correlation": true
},
"pwd-reset-time": {
"description": "Date and time when the password was last reset.",
"ui-priority": 0,
"misp-attribute": "datetime",
"disable_correlation": true
},
"pwd-fail-date": {
"description": "Date and time when a password last failed for this user profile.",
"ui-priority": 0,
"misp-attribute": "datetime",
"disable_correlation": true
},
"login-count": {
"description": "Number of times the user logged in to the system.",
"ui-priority": 0,
"misp-attribute": "counter",
"disable_correlation": true
},
"comments": {
"description": "Comments assigned to the user profile.",
"ui-priority": 0,
"misp-attribute": "text",
"disable_correlation": true
}
},
"version": 1,
"description": "RegRipper object template designed to present user profile details extracted from the SAM hive.",
"meta-category": "misc",
"uuid": "4d3fffd2-cd07-4357-96e0-a51c988faaef",
"name": "regripper-sam-hive-single-user"
}