MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity
misp-objects/objects/pe-section/definition.json

132 lines
3.3 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

{
"attributes": {
"characteristic": {
"description": "Characteristic of the section",
"misp-attribute": "text",
"sane_default": [
"read",
"write",
"executable"
],
"ui-priority": 0
},
"entropy": {
"description": "Entropy of the whole section",
"disable_correlation": true,
"misp-attribute": "float",
"ui-priority": 0
},
"md5": {
"description": "[Insecure] MD5 hash (128 bits)",
"misp-attribute": "md5",
"recommended": false,
"ui-priority": 1
},
"name": {
"description": "Name of the section",
"disable_correlation": true,
"misp-attribute": "text",
"sane_default": [
".rsrc",
".reloc",
".rdata",
".data",
".text"
],
"ui-priority": 1
},
"offset": {
"description": "Sections offset",
"disable_correlation": true,
"misp-attribute": "hex",
"ui-priority": 1
},
"sha1": {
"description": "[Insecure] Secure Hash Algorithm 1 (160 bits)",
"misp-attribute": "sha1",
"recommended": false,
"ui-priority": 1
},
"sha224": {
"description": "Secure Hash Algorithm 2 (224 bits)",
"misp-attribute": "sha224",
"recommended": false,
"ui-priority": 0
},
"sha256": {
"description": "Secure Hash Algorithm 2 (256 bits)",
"misp-attribute": "sha256",
"ui-priority": 1
},
"sha384": {
"description": "Secure Hash Algorithm 2 (384 bits)",
"misp-attribute": "sha384",
"recommended": false,
"ui-priority": 0
},
"sha512": {
"description": "Secure Hash Algorithm 2 (512 bits)",
"misp-attribute": "sha512",
"ui-priority": 1
},
"sha512/224": {
"description": "Secure Hash Algorithm 2 (224 bits)",
"misp-attribute": "sha512/224",
"recommended": false,
"ui-priority": 0
},
"sha512/256": {
"description": "Secure Hash Algorithm 2 (256 bits)",
"misp-attribute": "sha512/256",
"recommended": false,
"ui-priority": 0
},
"size-in-bytes": {
"description": "Size of the section, in bytes",
"disable_correlation": true,
"misp-attribute": "size-in-bytes",
"ui-priority": 1
},
"ssdeep": {
"description": "Fuzzy hash using context triggered piecewise hashes (CTPH)",
"misp-attribute": "ssdeep",
"ui-priority": 0
},
"text": {
"description": "Free text value to attach to the section",
"disable_correlation": true,
"misp-attribute": "text",
"recommended": false,
"ui-priority": 1
},
"virtual_address": {
"description": "Sections virtual address",
"disable_correlation": true,
"misp-attribute": "hex",
"ui-priority": 1
},
"virtual_size": {
"description": "Sections virtual size",
"disable_correlation": true,
"misp-attribute": "size-in-bytes",
"ui-priority": 1
}
},
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"requiredOneOf": [
"text",
"name",
"md5",
"sha1",
"sha224",
"sha256",
"sha384",
"sha512",
"sha512/224",
"sha512/256"
],
"uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"version": 3
}
Reference in New Issue View Git Blame Copy Permalink