misp-objects/objects/c2-list/definition.json

{
  "attributes": {
    "c2-ipport": {
      "categories": [
        "Network activity"
      ],
      "description": "IP:Port of C2 server",
      "misp-attribute": "ip-src|port",
      "multiple": true,
      "ui-priority": 1
    },
    "c2-ip": {
      "categories": [
        "Network activity"
      ],
      "description": "IP of C2 server with unknown port",
      "misp-attribute": "ip-src",
      "multiple": true,
      "ui-priority": 1
    },    
    "report-url": {
      "description": "URL of source of information, e.g. blog post, ransomware analysis",
      "disable_correlation": true,
      "misp-attribute": "link",
      "multiple": true,
      "ui-priority": 1
    },
    "threat": {
      "categories": [
        "Attribution",
        "Payload type"
      ],
      "description": "threat actor or malware",
      "misp-attribute": "text",
      "ui-priority": 1
    }
  },
  "description": "List of C2-servers with common ground, e.g. extracted from a blog post or ransomware analysis",
  "meta-category": "network",
  "name": "c2-list",
  "required": [
    "threat"
  ],
  "requiredOneOf": [
    "c2-ipport",
    "c2-ip"
  ],
  "uuid": "12456351-ceb7-4d43-9a7e-d2275d8b5785",
  "version": 20230919
}
add definition.json for c2-list 2023-09-19 16:31:10 +02:00			`{`
			`"attributes": {`
add c2-ip to definition.json 2023-09-19 16:58:06 +02:00			`"c2-ipport": {`
add definition.json for c2-list 2023-09-19 16:31:10 +02:00			`"categories": [`
			`"Network activity"`
			`],`
			`"description": "IP:Port of C2 server",`
			`"misp-attribute": "ip-src\|port",`
			`"multiple": true,`
			`"ui-priority": 1`
			`},`
add c2-ip to definition.json 2023-09-19 16:58:06 +02:00			`"c2-ip": {`
			`"categories": [`
			`"Network activity"`
			`],`
			`"description": "IP of C2 server with unknown port",`
			`"misp-attribute": "ip-src",`
			`"multiple": true,`
			`"ui-priority": 1`
			`},`
add definition.json for c2-list 2023-09-19 16:31:10 +02:00			`"report-url": {`
			`"description": "URL of source of information, e.g. blog post, ransomware analysis",`
			`"disable_correlation": true,`
			`"misp-attribute": "link",`
			`"multiple": true,`
			`"ui-priority": 1`
			`},`
			`"threat": {`
			`"categories": [`
			`"Attribution",`
			`"Payload type"`
			`],`
			`"description": "threat actor or malware",`
			`"misp-attribute": "text",`
			`"ui-priority": 1`
			`}`
			`},`
			`"description": "List of C2-servers with common ground, e.g. extracted from a blog post or ransomware analysis",`
			`"meta-category": "network",`
			`"name": "c2-list",`
			`"required": [`
			`"threat"`
			`],`
			`"requiredOneOf": [`
add c2-ip to definition.json 2023-09-19 16:58:06 +02:00			`"c2-ipport",`
			`"c2-ip"`
add definition.json for c2-list 2023-09-19 16:31:10 +02:00			`],`
			`"uuid": "12456351-ceb7-4d43-9a7e-d2275d8b5785",`
			`"version": 20230919`
			`}`