MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [new object templates] various updates

pull/204/head
Alexandre Dulaunoy 2019-09-11 09:11:28 +02:00
parent ebcb886037
commit 951abf10fe
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
3 changed files with 38 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
objects/command-line/definition.json
View File

@ -1,7 +1,7 @@
{ {
"attributes": { "attributes": {
"value": { "value": {
"description": "", "description": "command code",
"ui-priority": 1, "ui-priority": 1,
"misp-attribute": "text", "misp-attribute": "text",
"multiple": true "multiple": true
@ -13,7 +13,7 @@
} }
}, },
"version": 1, "version": 1,
"description": "", "description": "Command line and option related to a software malicious or not to execute specific commands.",
"meta-category": "misc", "meta-category": "misc",
"uuid": "88ebe222-d3cc-11e9-875d-7f13f460adaf", "uuid": "88ebe222-d3cc-11e9-875d-7f13f460adaf",
"name": "command-line" "name": "command-line"

30
objects/command/definition.json
View File

@ -1,18 +1,36 @@
{ {
"attributes": { "attributes": {
"command-name": { "location": {
"description": "Text used to call the command", "description": "Location of the command functionality",
"ui-priority": 1, "ui-priority": 1,
"misp-attribute": "text" "misp-attribute": "text",
"disable_correlation": true,
"sane_default": [
"Bundled",
"Module",
"Libraries",
"Unknown"
]
}, },
"functionality": { "trigger": {
"description": "Functionality of the command", "description": "How the commands are triggered",
"ui-priority": 1,
"misp-attribute": "text",
"disable_correlation": true,
"sane_default": [
"Local",
"Network",
"Unknown"
]
},
"description": {
"description": "Description of the command functionalities",
"ui-priority": 1, "ui-priority": 1,
"misp-attribute": "text" "misp-attribute": "text"
} }
}, },
"version": 1, "version": 1,
"description": "Command", "description": "Command functionalities related to a software malicious or not to execute specific commands. Command-line are attached to this object for the related commands.",
"meta-category": "misc", "meta-category": "misc",
"uuid": "21ad70d8-d397-11e9-9ea7-43b2d5f6a6e3", "uuid": "21ad70d8-d397-11e9-9ea7-43b2d5f6a6e3",
"name": "command" "name": "command"

8
objects/impersonation/definition.json
View File

@ -42,7 +42,7 @@
"misp-attribute": "text" "misp-attribute": "text"
}, },
"type": { "type": {
"description": "", "description": "Type of the account",
"ui-priority": 1, "ui-priority": 1,
"misp-attribute": "text", "misp-attribute": "text",
"disable_correlation": true, "disable_correlation": true,
@ -60,7 +60,11 @@
"disable_correlation": true, "disable_correlation": true,
"multiple": true, "multiple": true,
"sane_default": [ "sane_default": [
"Infomation stealing", "Information stealing",
"Disinformation",
"Distrusting",
"Advertising",
"Parody",
"Other" "Other"
] ]
} }