MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch

pull/406/head
Christian Studer 2023-10-31 15:48:46 +01:00
parent 27a568d1ce 5feb052732
commit a800441266
5 changed files with 106 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
objects/coin-address/definition.json
View File

@ -5,6 +5,11 @@
"misp-attribute": "btc",
"ui-priority": 1
},
"address-crypto": {
"description": "Generic cryptocurrency address if the format is not a standard BTC or XMR address",
"misp-attribute": "text",
"ui-priority": 1
},
"address-xmr": {
"description": "Monero address used as a payment destination in a cryptocurrency",
"misp-attribute": "xmr",
@ -103,8 +108,9 @@
"name": "coin-address",
"requiredOneOf": [
"address",
"address-xmr"
"address-xmr",
"address-crypto"
],
"uuid": "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46",
"version": 5
"version": 6
}

84
objects/cryptocurrency-transaction/definition.json Normal file
View File

@ -0,0 +1,84 @@
{
"attributes": {
"address": {
"description": "A cryptocurrency transactional address",
"misp-attribute": "btc",
"ui-priority": 0
},
"symbol": {
"description": "The (uppercase) symbol of the cryptocurrency used. Symbol should be from https://coinmarketcap.com/all/views/all/",
"disable_correlation": true,
"misp-attribute": "text",
"sane_default": [
"BTC",
"ETH",
"BCH",
"XRP",
"MIOTA",
"DASH",
"BTG",
"LTC",
"ADA",
"XMR",
"ETC",
"NEO",
"NEM",
"EOS",
"XLM",
"BCC",
"LSK",
"OMG",
"QTUM",
"ZEC",
"USDT",
"HSR",
"STRAT",
"WAVES",
"PPT",
"ETN"
],
"ui-priority": 1
},
"time": {
"description": "Date and time of transaction",
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
"transaction-number": {
"description": "A transaction number in a sequence of transactions",
"misp-attribute": "text",
"multiple": true,
"ui-priority": 0
},
"value": {
"description": "Value in cryptocurrency at date/time displayed in field 'time'",
"disable_correlation": true,
"misp-attribute": "float",
"ui-priority": 0
},
"value_EUR": {
"description": "Value in EUR with conversion rate as of date/time displayed in field 'time'",
"disable_correlation": true,
"misp-attribute": "float",
"ui-priority": 0
},
"value_USD": {
"description": "Value in USD with conversion rate as of date/time displayed in field 'time'",
"disable_correlation": true,
"misp-attribute": "float",
"ui-priority": 0
}
},
"description": "An object to describe a cryptocurrency transaction.",
"meta-category": "financial",
"name": "cryptocurrency-transaction",
"requiredOneOf": [
"transaction-number",
"time",
"value",
"address"
],
"uuid": "a4aab70f-e43a-48cb-bf82-505de8228dd6",
"version": 1
}

13
objects/cs-beacon-config/definition.json
View File

@ -9,6 +9,12 @@
"multiple": true,
"ui-priority": 1
},
"ip": {
"description": "IP of the C2",
"misp-attribute": "ip-dst",
"multiple": true,
"ui-priority": 1
},
"jar-md5": {
"categories": [
"External analysis"
@ -17,6 +23,11 @@
"misp-attribute": "md5",
"ui-priority": 0
},
"license-id": {
"description": "License ID of the Colbalt Strike",
"misp-attribute": "text",
"ui-priority": 1
},
"md5": {
"categories": [
"Payload delivery"
@ -69,5 +80,5 @@
"watermark"
],
"uuid": "d17355ef-ca1f-4b5a-86cd-65d877991f54",
"version": 1
"version": 2
}

2
objects/ilr-notification-incident/definition.json
View File

@ -24,7 +24,7 @@
"misp-attribute": "text",
"ui-priority": 0,
"values_list": [
"rreur humaine",
"Erreur humaine",
"Defaut systeme 'hardware', 'software', 'procedures'",
"Attaque malveillante",
"Defaut dune partie tierce ou externe",

2
relationships/definition.json
View File

@ -1728,4 +1728,4 @@
}
],
"version": 40
}
}