misp-objects/objects/shell-commands/definition.json

{
  "attributes": {
    "comment": {
      "description": "Comment associated to the shell commands executed.",
      "misp-attribute": "text",
      "ui-priority": 1
    },
    "language": {
      "description": "Scripting language used for the shell commands executed.",
      "disable_correlation": true,
      "misp-attribute": "text",
      "sane_default": [
        "PowerShell",
        "VBScript",
        "Bash",
        "Lua",
        "JavaScript",
        "AppleScript",
        "AWK",
        "Python",
        "Perl",
        "Ruby",
        "Winbatch",
        "AutoIt",
        "PHP"
      ],
      "ui-priority": 9
    },
    "script": {
      "description": "Free text of the script if available which executed the shell commands.",
      "misp-attribute": "text",
      "ui-priority": 10
    },
    "shell-command": {
      "description": "",
      "misp-attribute": "text",
      "multiple": true,
      "ui-priority": 0
    },
    "state": {
      "description": "Known state of the script.",
      "disable_correlation": true,
      "misp-attribute": "text",
      "multiple": true,
      "ui-priority": 0,
      "values_list": [
        "Malicious",
        "Unknown",
        "Harmless",
        "Trusted"
      ]
    }
  },
  "description": "Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands.",
  "meta-category": "misc",
  "name": "shell-commands",
  "required": [
    "shell-command"
  ],
  "uuid": "fee65efa-eb64-4516-8611-1db76c589f79",
  "version": 2
}
new: [shell-commands] Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands. 2019-06-01 10:04:46 +02:00			`{`
			`"attributes": {`
			`"comment": {`
			`"description": "Comment associated to the shell commands executed.",`
chg: Sort all the entries in the templates by default 2020-04-26 02:10:02 +02:00			`"misp-attribute": "text",`
			`"ui-priority": 1`
new: [shell-commands] Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands. 2019-06-01 10:04:46 +02:00			`},`
			`"language": {`
			`"description": "Scripting language used for the shell commands executed.",`
			`"disable_correlation": true,`
chg: Sort all the entries in the templates by default 2020-04-26 02:10:02 +02:00			`"misp-attribute": "text",`
new: [shell-commands] Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands. 2019-06-01 10:04:46 +02:00			`"sane_default": [`
			`"PowerShell",`
			`"VBScript",`
			`"Bash",`
			`"Lua",`
			`"JavaScript",`
			`"AppleScript",`
			`"AWK",`
			`"Python",`
			`"Perl",`
			`"Ruby",`
			`"Winbatch",`
			`"AutoIt",`
			`"PHP"`
chg: Sort all the entries in the templates by default 2020-04-26 02:10:02 +02:00			`],`
			`"ui-priority": 9`
			`},`
			`"script": {`
			`"description": "Free text of the script if available which executed the shell commands.",`
			`"misp-attribute": "text",`
			`"ui-priority": 10`
new: [shell-commands] Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands. 2019-06-01 10:04:46 +02:00			`},`
			`"shell-command": {`
			`"description": "",`
			`"misp-attribute": "text",`
chg: Sort all the entries in the templates by default 2020-04-26 02:10:02 +02:00			`"multiple": true,`
			`"ui-priority": 0`
new: [shell-commands] Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands. 2019-06-01 10:04:46 +02:00			`},`
			`"state": {`
			`"description": "Known state of the script.",`
			`"disable_correlation": true,`
chg: Sort all the entries in the templates by default 2020-04-26 02:10:02 +02:00			`"misp-attribute": "text",`
			`"multiple": true,`
			`"ui-priority": 0,`
new: [shell-commands] Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands. 2019-06-01 10:04:46 +02:00			`"values_list": [`
			`"Malicious",`
			`"Unknown",`
			`"Harmless",`
			`"Trusted"`
			`]`
			`}`
			`},`
			`"description": "Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands.",`
			`"meta-category": "misc",`
chg: Sort all the entries in the templates by default 2020-04-26 02:10:02 +02:00			`"name": "shell-commands",`
			`"required": [`
			`"shell-command"`
			`],`
new: [shell-commands] Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands. 2019-06-01 10:04:46 +02:00			`"uuid": "fee65efa-eb64-4516-8611-1db76c589f79",`
chg: Sort all the entries in the templates by default 2020-04-26 02:10:02 +02:00			`"version": 2`
			`}`