diff --git a/objects/registry-hive/definition.json b/objects/registry-hive/definition.json deleted file mode 100644 index 45ada47..0000000 --- a/objects/registry-hive/definition.json +++ /dev/null @@ -1,77 +0,0 @@ -{ - "requiredOneOf": [ - "text", - "key", - "value", - "data" - ], - "attributes": { - "key": { - "description": "Key of the registry hive", - "misp-attribute": "text", - "ui-priority": 0 - }, - "value": { - "description": "Value of the registry hive", - "misp-attribute": "text", - "ui-priority": 0 - }, - "data-type": { - "sane_default": [ - "REG_NONE", - "REG_SZ", - "REG_EXPAND_SZ", - "REG_BINARY", - "REG_DWORD", - "REG_DWORD_BIG_ENDIAN", - "REG_LINK", - "REG_MULTI_SZ", - "REG_RESOURCE_LIST", - "REG_FULL_RESOURCE_DESCRIPTOR", - "REG_RESOURCE_REQUIREMENTS_LIST", - "REG_QWORD" - ], - "description": "Type of the data in the registry hive", - "misp-attribute": "text", - "ui-priority": 0 - }, - "data": { - "ui-priority": 0, - "description": "Data in the registry hive", - "misp-attribute": "text" - }, - "root-keys": { - "description": "Root key of the Windows registry (extracted from the key)", - "sane_default": [ - "HKCC", - "HKCR", - "HKCU", - "HKDD", - "HKEY_CLASSES_ROOT", - "HKEY_CURRENT_CONFIG", - "HKEY_CURRENT_USER", - "HKEY_DYN_DATA", - "HKEY_LOCAL_MACHINE", - "HKEY_PERFORMANCE_DATA", - "HKEY_USERS", - "HKLM", - "HKPD", - "HKU" - ], - "ui-priority": 0, - "misp-attribute": "text", - "disable_correlation": true - }, - "text": { - "description": "Free text value to attach to the registry hive", - "disable_correlation": true, - "ui-priority": 1, - "misp-attribute": "text" - } - }, - "version": 1, - "description": "Object describing a Windows registry hive including key, subkey and value (and associated data if any)", - "meta-category": "file", - "uuid": "9640285f-f9b9-4bab-92d0-353f97543655", - "name": "registry-hive" -}