30 Commits (b10d4680bccdec26a015d358bd2e1c86c36d924d)

Author SHA1 Message Date
Christian Studer 5b95994bdd fix: [pe] Removing the `disable_correlation` flag for a `size-in-bytes` attribute type 2024-04-03 17:33:30 +02:00
Christian Studer f247f04548 Merge branch 'main' of github.com:MISP/misp-objects 2024-04-03 14:38:38 +02:00
Christian Studer fba223520a fix: [pe] Sizes in the PE format should be in bytes 2024-04-03 14:37:55 +02:00
Alexandre Dulaunoy d905c08031 fix: [pe] typo fixed 2024-04-03 14:29:36 +02:00
Christian Studer 2afdb6104b fix: [pe] `counter` makes more sense here 2024-04-03 14:08:17 +02:00
Christian Studer e042ac127a chg: [pe] Using the new `integer` attribute type 2024-04-03 13:31:32 +02:00
Christian Studer eb1536f505 chg: [pe] Added `characteristics` & `machine-type` enumerations
- Characteristics are usually in a list, so we
  have now both the list of characteristics with
  their name, and the hex value of the addition
  of all the characteristics numeric values
- We represent the machine type with its name
2024-04-03 11:19:16 +02:00
Christian Studer ad952beb60 add: [pe] Added some PE fields as available with `lief` API 2024-04-02 21:21:38 +02:00
Raphaël Vinot 1e14201fc0 chg: Update objects to match lief output for authenticode 2021-01-19 15:38:31 +01:00
Alexandre Dulaunoy 842d128ef3 chg: [misp-objects] newline newline newline is the evil 2020-08-20 10:53:06 +02:00
Alexandre Dulaunoy dc70db0204 chg: [pe] multiple is true not 1 ;-) 2020-08-20 10:44:41 +02:00
Alexandre Dulaunoy 0c863f194f chg: [pe] richpe 2020-08-20 10:39:49 +02:00
Andras Iklody 4a671ca739 chg: [RichPE] added 2020-08-20 10:14:35 +02:00
Raphaël Vinot d9f1db590a chg: Sort all the entries in the templates by default 2020-04-26 02:13:18 +02:00
Alexandre Dulaunoy 36ae20bf02 chg: [pe] imphash and impfuzzy can be as key attribute 2020-02-17 14:27:05 +01:00
m4tze 33a75fe4f2 updated "version" to 4 2019-11-29 09:09:30 +01:00
m4tze cd08dc32a0 added "type" to "requiredOneOf" 2019-11-29 08:56:55 +01:00
Alexandre Dulaunoy 5cd069acdd fix: disable correlation on all filename-* 2017-12-24 15:05:12 +01:00
Raphaël Vinot 9a3974f383 Update definitions of binaries 2017-08-29 13:25:58 +02:00
Raphaël Vinot ca24684e2f Update required entries for PE objects 2017-07-21 11:33:38 +02:00
Alexandre Dulaunoy a0a922ee61 ui-priority 2017-07-03 16:44:11 +02:00
Alexandre Dulaunoy 405a5451cc misp-usage-frequency updated 2017-07-03 12:17:46 +02:00
Raphaël Vinot 2c2c11c9ca Add and enforce UUID in the object definitions 2017-03-17 17:31:09 +01:00
Sébastien Larinier 140fcbf251 correct travis 2017-03-15 11:30:54 +01:00
Sébastien Larinier 22f2bb8825 add impfuzzy 2017-03-15 11:19:08 +01:00
Raphaël Vinot 15488f0633 Update PE object 2017-03-14 15:57:05 +01:00
Sébastien Larinier 3ec78c72e4 add elf,elf-section and number of sections in a pe, and move pehash in pe 2017-03-13 17:23:42 +01:00
Raphaël Vinot b90fd9ddc1 Update file/PE objects
* Add sane defaults
* Disable correlation when it doesn't make sense
2017-03-13 14:49:25 +01:00
Raphaël Vinot a755d50e92 Update file and pe, add pe-section 2017-03-12 23:06:39 +01:00
Raphaël Vinot e931bbbd1c Add PE object 2017-03-09 14:14:36 +01:00