Commit Graph

47 Commits (b71e7c3458980e830d1ffb7b34fd07ff5279233c)

Author SHA1 Message Date
Beaujeant a65aa06859 chg: can have mutliple text attributes 2020-11-25 16:17:54 +01:00
Alexandre Dulaunoy 5c935172ea
chg: [file] because sorted is always better 2020-10-13 22:47:10 +02:00
Alexandre Dulaunoy 0196285c0f
chg: [file] imphash and telfhash added 2020-10-13 22:46:24 +02:00
rmkml cd49fe8d97 add SHA3 Hash on definition.json 2020-08-23 19:30:17 +02:00
Alexandre Dulaunoy bfec61d8b0
chg: [file] jq 2020-08-18 07:54:42 +02:00
Alexandre Dulaunoy 7fdfbd4110
UUID must be the same 2020-08-18 07:44:12 +02:00
rmkml 5bdc6c6592 add vhash (VirusTotal Hash) on definition.json 2020-08-17 17:35:58 +02:00
Raphaël Vinot d9f1db590a chg: Sort all the entries in the templates by default 2020-04-26 02:13:18 +02:00
Alexandre Dulaunoy 8fa25f4f47
chg: [file] imphash removed as it should be at PE level 2020-02-17 14:29:30 +01:00
StefanKelm 1e096535ef
Update definition.json
Add compilation timestamp (similar to pe object)
2020-01-10 15:00:19 +01:00
Deborah Servili c0877cfd7c
add imphash in file object 2019-12-10 12:19:29 +01:00
mday baae683771 update the definition files of various object types so that the `required` and `requiredOneOf` lists no longer specify attributes that do not exist in the objects. 2019-04-30 12:32:22 -05:00
Raphaël Vinot 371ffe77fb chg: Allow to create a file object with a non-malicious file.
Fix #175 #176
2019-04-18 11:14:22 +02:00
Alexandre Dulaunoy 8a4f2c96b8
chg: [file] preferred charset used by the file (if decoded from mime-type parsing) 2019-02-14 14:16:01 +01:00
Alexandre Dulaunoy 4d6e0d7580
chg: [file] fullpath can be part of a single file object 2018-09-16 17:13:30 +02:00
Alexandre Dulaunoy 767b461429
chg: [file] following some CyBOX import adding a fullpath field which includes filename and path request 2018-09-07 11:26:37 +02:00
Deborah Servili 60010ce556
fix file object version 2018-07-27 15:19:15 +02:00
Deborah Servili 4e23159cb0
fix RequiredOneOf list in fle object 2018-07-27 15:15:47 +02:00
Andras Iklody 5af0d31c49
Allow multiple "pattern-in-file" in file object, fixes #109 2018-07-20 07:03:22 +02:00
Alexandre Dulaunoy bd89d1cd01
fix: file path added in file object 2018-04-09 15:56:39 +02:00
Alexandre Dulaunoy 3d2091b33c
fix: use new attribute type mime-type instead of text 2018-02-09 07:34:58 +01:00
Alexandre Dulaunoy 3aea2f2950
fix: Disable correlation on filename by default 2017-12-24 15:02:47 +01:00
Raphaël Vinot 4a7bb59354 chg: Allow malware-sample as only attribute in file. 2017-12-12 17:16:47 +01:00
Alexandre Dulaunoy c3f88d6901
State of the file is no more correlated - and default state value is Malicious. 2017-12-04 11:01:56 +01:00
Alexandre Dulaunoy a258d79fef
Typo fixed 2017-12-03 11:42:56 +01:00
Alexandre Dulaunoy e11e95415a
add: x509-fingerprint-sha1 added to file object description (e.g signed APK but not PE) 2017-12-03 11:36:22 +01:00
c-goes 39319e1cd6 allow multiple filenames 2017-11-23 09:57:49 +01:00
Alexandre Dulaunoy 9410aa99a5
Fix the file object 2017-10-23 20:35:07 +02:00
Alexandre Dulaunoy 0f3261077b
State added to file like signed, harmless... 2017-10-23 20:28:30 +02:00
Raphaël Vinot 9a3974f383 Update definitions of binaries 2017-08-29 13:25:58 +02:00
Raphaël Vinot 49cd96aa2b Add mimetype to file object template 2017-08-23 11:01:48 +02:00
Alexandre Dulaunoy e8c74fbccc ui-priority 2017-07-03 16:50:13 +02:00
Alexandre Dulaunoy 82bdbbbd4f misp-usage-frequency updated 2017-07-03 12:13:38 +02:00
Raphaël Vinot c0d95f58b5 Remove duplicate entries in file object 2017-03-17 18:00:37 +01:00
Raphaël Vinot 2c5208aab2 Merge branch 'master' of github.com:MISP/misp-objects 2017-03-17 17:32:21 +01:00
Raphaël Vinot 2c2c11c9ca Add and enforce UUID in the object definitions 2017-03-17 17:31:09 +01:00
Alexandre Dulaunoy 6fb4acb9da jq all 2017-03-16 23:06:36 +01:00
Raphaël Vinot c0bd545347 Add malware-sample to file object 2017-03-16 18:18:51 +01:00
Sébastien Larinier 3ec78c72e4 add elf,elf-section and number of sections in a pe, and move pehash in pe 2017-03-13 17:23:42 +01:00
Raphaël Vinot b90fd9ddc1 Update file/PE objects
* Add sane defaults
* Disable correlation when it doesn't make sense
2017-03-13 14:49:25 +01:00
Raphaël Vinot a755d50e92 Update file and pe, add pe-section 2017-03-12 23:06:39 +01:00
Raphaël Vinot a68e678f50 JQ all the things 2017-02-13 11:18:42 +01:00
Raphaël Vinot 72ca71a1cc Update definition.json 2016-12-12 20:10:31 +01:00
Raphaël Vinot a493cc59a3 Fix json files (file and whois) 2016-04-11 13:00:04 +02:00
Alexandre Dulaunoy 10431c3c42 optional text attributes added 2016-02-09 21:46:45 +01:00
Alexandre Dulaunoy 415adea9a7 pattern-in-file added 2016-02-09 21:23:48 +01:00
Alexandre Dulaunoy 8587b1a71b First version of the file object 2016-02-09 21:04:39 +01:00