From 0f3b8195f5d483812d28d91f6911428f3fbbb826 Mon Sep 17 00:00:00 2001
From: garanews <puntogtg@tiscali.it>
Date: Tue, 23 Jan 2018 10:12:07 +0100
Subject: [PATCH] sandbox-signature

Added object sb-signature
---
 objects/sb-signature/definition.json | 50 ++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 objects/sb-signature/definition.json

diff --git a/objects/sb-signature/definition.json b/objects/sb-signature/definition.json
new file mode 100644
index 0000000..5d8874c
--- /dev/null
+++ b/objects/sb-signature/definition.json
@@ -0,0 +1,50 @@
+{
+  "required": [
+    "software",
+    "signature"
+  ],
+  "attributes": {
+    "software": {
+      "description": "Name of Sandbox software",
+      "disable_correlation": true,
+      "categories": [
+        "Sandbox detection"
+      ],
+      "ui-priority": 1,
+      "misp-attribute": "text"
+    },
+    "signature": {
+      "description": "Name of detection signature",
+          "comment": "Description of detection signature",
+      "categories": [
+        "Sandbox detection"
+      ],
+      "ui-priority": 2,
+      "misp-attribute": "text",
+      "multiple": true
+    },
+    "text": {
+      "description": "Additional signature description",
+      "disable_correlation": true,
+      "categories": [
+        "Other"
+      ],
+      "ui-priority": 0,
+      "misp-attribute": "text"
+    },
+    "datetime": {
+      "description": "Datetime",
+      "disable_correlation": true,
+      "categories": [
+        "Other"
+      ],
+      "ui-priority": 0,
+      "misp-attribute": "datetime"
+    }
+  },
+  "version": 1,
+  "description": "Sandbox detection signature",
+  "meta-category": "misc",
+  "uuid": "984c5c39-be7f-4e1e-b034-d3213bac51cb",
+  "name": "sb-signature"
+}
\ No newline at end of file