MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

First version of the file object

pull/2/head
Alexandre Dulaunoy 2016-02-09 21:04:39 +01:00
parent b96a895f2b
commit 8587b1a71b
1 changed files with 72 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
objects/file/definition.json Normal file
View File

@ -0,0 +1,72 @@
{
"name": "file",
"meta-category": "file",
"description": "File object describing a file with meta-information",
"version": 1,
"attributes" :
{
"filename": {
"misp-attribute": "filename",
"misp-usage-frequency": 1,
"categories": ["Payload delivery","Artifacts dropped","Payload installation","External analysis"]
},
"size-in-bytes": {
"misp-attribute": "size-in-bytes",
"misp-usage-frequency": 0
},
"authentihash": {
"misp-attribute": "authentihash",
"misp-usage-frequency": 0
},
"ssdeep": {
"misp-attribute": "ssdeep",
"misp-usage-frequency": 0
},
"imphash": {
"misp-attribute": "imphash",
"misp-usage-frequency": 0
},
"pehash": {
"misp-attribute": "pehash",
"misp-usage-frequency": 0
},
"sha-224": {
"misp-attribute": "sha-224",
"misp-usage-frequency": 0
},
"sha-384": {
"misp-attribute": "sha-384",
"misp-usage-frequency": 0
},
"sha-512": {
"misp-attribute": "sha-512",
"misp-usage-frequency": 0
},
"sha-512/224": {
"misp-attribute": "sha-512/224",
"misp-usage-frequency": 0
},
"sha-512/256": {
"misp-attribute": "sha-512/256",
"misp-usage-frequency": 0
},
"tlsh": {
"misp-attribute": "tlsh",
"misp-usage-frequency": 0
},
"md5": {
"misp-attribute": "md5",
"misp-usage-frequency": 1
},
"sha1": {
"misp-attribute": "sha1",
"misp-usage-frequency": 1
},
"sha256": {
"misp-attribute": "sha256",
"misp-usage-frequency": 1
}
},
"requiredOneOf": ["filename", "size-in-bytes", "authentihash", "ssdeep", "imphash", "pehash", "sha-224", "sha-384", "sha-512", "sha-512/224", "sha-512/256", "tlsh", "md5", "sha1", "sha256"]
}