2021-08-25 11:55:57 +02:00
|
|
|
{
|
|
|
|
"attributes": {
|
|
|
|
"FileName": {
|
|
|
|
"description": "Complete path of the filename including the filename",
|
|
|
|
"disable_correlation": true,
|
2021-08-26 15:13:14 +02:00
|
|
|
"misp-attribute": "filename",
|
2021-08-25 11:55:57 +02:00
|
|
|
"ui-priority": 0
|
|
|
|
},
|
|
|
|
"FileSize": {
|
|
|
|
"description": "Size of the file, in bytes",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"misp-attribute": "size-in-bytes",
|
|
|
|
"ui-priority": 0
|
|
|
|
},
|
2021-09-24 15:33:53 +02:00
|
|
|
"KnownMalicious": {
|
|
|
|
"description": "Source of the hashlookup record if it's a known malicious file",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"misp-attribute": "text",
|
|
|
|
"ui-priority": 0
|
|
|
|
},
|
2021-08-25 11:55:57 +02:00
|
|
|
"MD5": {
|
|
|
|
"description": "MD5 hash (128 bits) in hex representation",
|
|
|
|
"misp-attribute": "md5",
|
|
|
|
"recommended": false,
|
|
|
|
"ui-priority": 1
|
|
|
|
},
|
|
|
|
"PackageArch": {
|
|
|
|
"description": "Package architecture",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"misp-attribute": "text",
|
|
|
|
"ui-priority": 0
|
|
|
|
},
|
|
|
|
"PackageDescription": {
|
|
|
|
"description": "Package description and information",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"misp-attribute": "text",
|
|
|
|
"ui-priority": 0
|
|
|
|
},
|
|
|
|
"PackageMaintainer": {
|
|
|
|
"description": "Package Maintainer(s)",
|
|
|
|
"misp-attribute": "text",
|
|
|
|
"ui-priority": 0
|
|
|
|
},
|
|
|
|
"PackageName": {
|
|
|
|
"description": "Package Name",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"misp-attribute": "text",
|
|
|
|
"ui-priority": 0
|
|
|
|
},
|
|
|
|
"PackageRelease": {
|
|
|
|
"description": "Package Release",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"misp-attribute": "text",
|
|
|
|
"ui-priority": 0
|
|
|
|
},
|
|
|
|
"PackageVersion": {
|
|
|
|
"description": "Package Version",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"misp-attribute": "text",
|
|
|
|
"ui-priority": 0
|
|
|
|
},
|
|
|
|
"SHA-1": {
|
|
|
|
"description": "Secure Hash Algorithm 1 (160 bits) in hex representation",
|
|
|
|
"misp-attribute": "sha1",
|
|
|
|
"recommended": false,
|
|
|
|
"ui-priority": 1
|
|
|
|
},
|
|
|
|
"SHA-256": {
|
|
|
|
"description": "Secure Hash Algorithm 2 (256 bits) in hex representation",
|
|
|
|
"misp-attribute": "sha256",
|
|
|
|
"ui-priority": 1
|
2021-09-24 15:23:04 +02:00
|
|
|
},
|
|
|
|
"SSDEEP": {
|
|
|
|
"description": "SSDEEP - Fuzzy hashing",
|
|
|
|
"misp-attribute": "ssdeep",
|
|
|
|
"ui-priority": 1
|
|
|
|
},
|
|
|
|
"TLSH": {
|
|
|
|
"description": "TLSH - Trend Micro Locality Sensitive Hash",
|
|
|
|
"misp-attribute": "tlsh",
|
|
|
|
"ui-priority": 1
|
|
|
|
},
|
|
|
|
"source": {
|
|
|
|
"description": "Source of the hashlookup record",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"misp-attribute": "text",
|
|
|
|
"ui-priority": 0
|
2021-08-25 11:55:57 +02:00
|
|
|
}
|
|
|
|
},
|
|
|
|
"description": "hashlookup object as described on hashlookup services from circl.lu - https://www.circl.lu/services/hashlookup",
|
|
|
|
"meta-category": "file",
|
2021-08-25 12:00:11 +02:00
|
|
|
"name": "hashlookup",
|
2021-08-25 11:55:57 +02:00
|
|
|
"requiredOneOf": [
|
|
|
|
"FileName",
|
|
|
|
"FileSize",
|
|
|
|
"MD5",
|
|
|
|
"SHA-1",
|
2021-09-24 15:23:04 +02:00
|
|
|
"SHA-256",
|
|
|
|
"TLSH",
|
|
|
|
"SSDEEP"
|
2021-08-25 11:55:57 +02:00
|
|
|
],
|
|
|
|
"uuid": "18671816-2524-452e-b031-5fc0fe2ab774",
|
2021-09-24 15:33:53 +02:00
|
|
|
"version": 3
|
2021-08-25 12:02:17 +02:00
|
|
|
}
|