MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

Create definition in groups 

Inspired by threat actor group cards
pull/378/head
th3r3d 2022-12-12 19:02:23 +01:00 committed by GitHub
parent 262e2bee90
commit 5ff1dff7b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 68 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
objects/groups/definition.json Normal file
View File

@ -0,0 +1,68 @@
{
"attributes": {
"names": {
"description": "Names or nicknames for group.",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 0
},
"country": {
"description": "Country of group - group location where it operates from.",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 1
},
"sponsor": {
"description": "Sponsor of group ie. country, state, criminal ring, cartel etc..",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 2
},
"motivation": {
"description": "Motivation behind group ie. espionage, ransomware, other criminal activity, hacktivism . . .",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 3
},
"description": {
"description": "Description of group activities or TTP used for group actions.",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": false,
"ui-priority": 4
},
"observed": {
"description": "What sector is this group active at? Government, telecommunication etc and country of activity.",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 5
},
"tools used": {
"description": "What known tools are used by group.",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 6
},
"more informations": {
"description": "List more informations by url - reports, group links etc..",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 7
}
},
"description": "Adversary group cards inspired by ThaiCERT",
"meta-category": "misc",
"name": "Group Cards",
"required": [
"name"
],
"uuid": "f42db88d-1889-4c2f-a903-971cf8e65174",
"version": 1
}