Merge pull request #39 from CenturyLinkCIRT/master

added av-signature and virustotal-report

objects/av-signature/definition.json

@@ -0,0 +1,47 @@
+{
+    "required": [
+        "software",
+        "signature"
+    ],
+    "attributes": {
+        "software": {
+            "description": "Name of antivirus software",
+            "categories": [
+                "Antivirus detection"
+            ],
+            "ui-priority": 1,
+            "misp-attribute": "text"
+        },
+        "signature": {
+            "description": "Name of detection signature",
+            "categories": [
+                "Antivirus detection"
+            ],
+            "ui-priority": 2,
+            "misp-attribute": "text"
+        },
+        "text": {
+            "description": "Free text value to attach to the file",
+            "disable_correlation": true,
+            "categories": [
+                "Other"
+            ],
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "datetime": {
+            "description": "Datetime",
+            "disable_correlation": true,
+            "categories": [
+                "Other"
+            ],
+            "ui-priority": 0,
+            "misp-attribute": "datetime"
+        }
+    },
+    "version": 1,
+    "description": "Antivirus detection signature",
+    "meta-category": "misc",
+    "uuid": "4dbb56ef-4763-4c97-8696-a2bfc305cf8e",
+    "name": "av-signature"
+}

objects/virustotal-report/definition.json

@@ -0,0 +1,54 @@
+{
+    "required": [
+        "permalink"
+    ],
+    "attributes": {
+        "community-score": {
+            "description": "Community Score",
+            "disable_correlation": true,
+            "categories": [
+                "External analysis"
+            ],
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "detection-ratio": {
+            "description": "Detection Ratio",
+            "disable_correlation": true,
+            "categories": [
+                "External analysis"
+            ],
+            "ui-priority": 1,
+            "misp-attribute": "text"
+        },
+        "first-submission": {
+            "description": "First Submission",
+            "categories": [
+                "Other"
+            ],
+            "ui-priority": 0,
+            "misp-attribute": "datetime"
+        },
+        "last-submission": {
+            "description": "Last Submission",
+            "categories": [
+                "Other"
+            ],
+            "ui-priority": 0,
+            "misp-attribute": "datetime"
+        },
+        "permalink": {
+            "description": "Permalink Reference",
+            "categories": [
+                "External analysis"
+            ],
+            "ui-priority": 2,
+            "misp-attribute": "link"
+        }
+    },
+    "version": 1,
+    "description": "VirusTotal report",
+    "meta-category": "misc",
+    "uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
+    "name": "virustotal-report"
+}