Christian Studer
d062743502
chg: [pe] Updated `pe` object template
...
- Added object relation for machine type hex value
- Harmonised object relations
2024-07-24 12:13:50 +02:00
Christian Studer
5b95994bdd
fix: [pe] Removing the `disable_correlation` flag for a `size-in-bytes` attribute type
2024-04-03 17:33:30 +02:00
Christian Studer
f247f04548
Merge branch 'main' of github.com:MISP/misp-objects
2024-04-03 14:38:38 +02:00
Christian Studer
fba223520a
fix: [pe] Sizes in the PE format should be in bytes
2024-04-03 14:37:55 +02:00
Alexandre Dulaunoy
d905c08031
fix: [pe] typo fixed
2024-04-03 14:29:36 +02:00
Christian Studer
2afdb6104b
fix: [pe] `counter` makes more sense here
2024-04-03 14:08:17 +02:00
Christian Studer
e042ac127a
chg: [pe] Using the new `integer` attribute type
2024-04-03 13:31:32 +02:00
Christian Studer
eb1536f505
chg: [pe] Added `characteristics` & `machine-type` enumerations
...
- Characteristics are usually in a list, so we
have now both the list of characteristics with
their name, and the hex value of the addition
of all the characteristics numeric values
- We represent the machine type with its name
2024-04-03 11:19:16 +02:00
Christian Studer
ad952beb60
add: [pe] Added some PE fields as available with `lief` API
2024-04-02 21:21:38 +02:00
Raphaël Vinot
1e14201fc0
chg: Update objects to match lief output for authenticode
2021-01-19 15:38:31 +01:00
Alexandre Dulaunoy
842d128ef3
chg: [misp-objects] newline newline newline is the evil
2020-08-20 10:53:06 +02:00
Alexandre Dulaunoy
dc70db0204
chg: [pe] multiple is true not 1 ;-)
2020-08-20 10:44:41 +02:00
Alexandre Dulaunoy
0c863f194f
chg: [pe] richpe
2020-08-20 10:39:49 +02:00
Andras Iklody
4a671ca739
chg: [RichPE] added
2020-08-20 10:14:35 +02:00
Raphaël Vinot
d9f1db590a
chg: Sort all the entries in the templates by default
2020-04-26 02:13:18 +02:00
Alexandre Dulaunoy
36ae20bf02
chg: [pe] imphash and impfuzzy can be as key attribute
2020-02-17 14:27:05 +01:00
m4tze
33a75fe4f2
updated "version" to 4
2019-11-29 09:09:30 +01:00
m4tze
cd08dc32a0
added "type" to "requiredOneOf"
2019-11-29 08:56:55 +01:00
Alexandre Dulaunoy
5cd069acdd
fix: disable correlation on all filename-*
2017-12-24 15:05:12 +01:00
Raphaël Vinot
9a3974f383
Update definitions of binaries
2017-08-29 13:25:58 +02:00
Raphaël Vinot
ca24684e2f
Update required entries for PE objects
2017-07-21 11:33:38 +02:00
Alexandre Dulaunoy
a0a922ee61
ui-priority
2017-07-03 16:44:11 +02:00
Alexandre Dulaunoy
405a5451cc
misp-usage-frequency updated
2017-07-03 12:17:46 +02:00
Raphaël Vinot
2c2c11c9ca
Add and enforce UUID in the object definitions
2017-03-17 17:31:09 +01:00
Sébastien Larinier
140fcbf251
correct travis
2017-03-15 11:30:54 +01:00
Sébastien Larinier
22f2bb8825
add impfuzzy
2017-03-15 11:19:08 +01:00
Raphaël Vinot
15488f0633
Update PE object
2017-03-14 15:57:05 +01:00
Sébastien Larinier
3ec78c72e4
add elf,elf-section and number of sections in a pe, and move pehash in pe
2017-03-13 17:23:42 +01:00
Raphaël Vinot
b90fd9ddc1
Update file/PE objects
...
* Add sane defaults
* Disable correlation when it doesn't make sense
2017-03-13 14:49:25 +01:00
Raphaël Vinot
a755d50e92
Update file and pe, add pe-section
2017-03-12 23:06:39 +01:00
Raphaël Vinot
e931bbbd1c
Add PE object
2017-03-09 14:14:36 +01:00