misp-taxonomies/maec-malware-obfuscation-me.../machinetag.json

{
  "namespace": "maec-malware-obfuscation-methods",
  "description": "Obfuscation methods used by malware based on MAEC 5.0",
  "version": 1,
  "predicates": [
    {
      "value": "maec-obfuscation-methods",
      "expanded": "MAEC Obfuscation methods"
    }
  ],
  "values": [
    {
      "predicate": "maec-obfuscation-methods",
      "entry": [
        {
          "value": "packing",
          "expanded": "packing"
        },
        {
          "value": "code-encryption",
          "expanded": "code-encryption"
        },
        {
          "value": "dead-code-insertion",
          "expanded": "dead-code-insertion"
        },
        {
          "value": "entry-point-obfuscation",
          "expanded": "entry-point-obfuscation"
        },
        {
          "value": "import-address-table-obfuscation",
          "expanded": "import-address-table-obfuscation"
        },
        {
          "value": "interleaving-code",
          "expanded": "interleaving-code"
        },
        {
          "value": "symbolic-obfuscation",
          "expanded": "symbolic-obfuscation"
        },
        {
          "value": "string-obfuscation",
          "expanded": "string-obfuscation"
        },
        {
          "value": "subroutine-reordering",
          "expanded": "subroutine-reordering"
        },
        {
          "value": "code-transposition",
          "expanded": "code-transposition"
        },
        {
          "value": "instruction-substitution",
          "expanded": "instruction-substitution"
        },
        {
          "value": "register-reassignment",
          "expanded": "register-reassignment"
        }
      ]
    }
  ]
}
MAEC 5.0 Malware obfuscation methods 2018-05-24 15:10:32 +02:00			`{`
fix: make namespace consistent for MAEC 2018-05-25 10:55:40 +02:00			`"namespace": "maec-malware-obfuscation-methods",`
MAEC 5.0 Malware obfuscation methods 2018-05-24 15:10:32 +02:00			`"description": "Obfuscation methods used by malware based on MAEC 5.0",`
			`"version": 1,`
			`"predicates": [`
			`{`
			`"value": "maec-obfuscation-methods",`
			`"expanded": "MAEC Obfuscation methods"`
			`}`
			`],`
			`"values": [`
			`{`
			`"predicate": "maec-obfuscation-methods",`
			`"entry": [`
			`{`
			`"value": "packing",`
			`"expanded": "packing"`
			`},`
			`{`
			`"value": "code-encryption",`
			`"expanded": "code-encryption"`
			`},`
			`{`
			`"value": "dead-code-insertion",`
			`"expanded": "dead-code-insertion"`
			`},`
			`{`
			`"value": "entry-point-obfuscation",`
			`"expanded": "entry-point-obfuscation"`
			`},`
			`{`
			`"value": "import-address-table-obfuscation",`
			`"expanded": "import-address-table-obfuscation"`
			`},`
			`{`
			`"value": "interleaving-code",`
			`"expanded": "interleaving-code"`
			`},`
			`{`
			`"value": "symbolic-obfuscation",`
			`"expanded": "symbolic-obfuscation"`
			`},`
			`{`
			`"value": "string-obfuscation",`
			`"expanded": "string-obfuscation"`
			`},`
			`{`
			`"value": "subroutine-reordering",`
			`"expanded": "subroutine-reordering"`
			`},`
			`{`
			`"value": "code-transposition",`
			`"expanded": "code-transposition"`
			`},`
			`{`
			`"value": "instruction-substitution",`
			`"expanded": "instruction-substitution"`
			`},`
			`{`
			`"value": "register-reassignment",`
			`"expanded": "register-reassignment"`
			`}`
fix: Ensure javascript is valid 2018-05-25 10:48:02 +02:00			`]`
MAEC 5.0 Malware obfuscation methods 2018-05-24 15:10:32 +02:00			`}`
			`]`
			`}`