diff --git a/maec-malware-capabilties/machinetag.json b/maec-malware-capabilties/machinetag.json
deleted file mode 100644
index a1b4cd1..0000000
--- a/maec-malware-capabilties/machinetag.json
+++ /dev/null
@@ -1,298 +0,0 @@
-{
- "namespace": "MAEC Malware Capabilities",
- "description": "Malware Capabilities based on MAEC 5.0",
- "version": 1,
- "predicates": [
- {
- "value": "maec-malware-capability",
- "expanded": "MAEC Malware capability"
- }
- ],
- "values": [
- {
- "predicate": "maec-malware-capability",
- "entry": [
- {
- "value": "anti-behavioral-analysis",
- "expanded": "anti-behavioral-analysis"
- },
- {
- "value": "anti-code-analysis",
- "expanded": "anti-code-analysis"
- },
- {
- "value": "anti-detection",
- "expanded": "anti-detection"
- },
- {
- "value": "anti-removal",
- "expanded": "anti-removal"
- },
- {
- "value": "availability-violation",
- "expanded": "availability-violation"
- },
- {
- "value": "collection",
- "expanded": "collection"
- },
- {
- "value": "command-and-control",
- "expanded": "command-and-control"
- },
- {
- "value": "data-theft",
- "expanded": "data-theft"
- },
- {
- "value": "destruction",
- "expanded": "destruction"
- },
- {
- "value": "discovery",
- "expanded": "discovery"
- },
- {
- "value": "exfiltration",
- "expanded": "exfiltration"
- },
- {
- "value": "fraud",
- "expanded": "fraud"
- },
- {
- "value": "infection-propagation",
- "expanded": "infection-propagation"
- },
- {
- "value": "integrity-violation",
- "expanded": "integrity-violationk"
- },
- {
- "value": "machine-access-control",
- "expanded": "machine-access-control"
- },
- {
- "value": "persistence",
- "expanded": "persistence"
- },
- {
- "value": "privilege-escalation",
- "expanded": "privilege-escalation"
- },
- {
- "value": "secondary-operation",
- "expanded": "secondary-operation"
- },
- {
- "value": "security-degradation",
- "expanded": "security-degradation"
- },
- {
- "value": "access-control-degradation",
- "expanded": "access-control-degradation"
- },
- {
- "value": "security-degradation",
- "expanded": "security-degradation"
- },
- {
- "value": "anti-debugging",
- "expanded": "anti-debugging"
- },
- {
- "value": "anti-disassembly",
- "expanded": "anti-disassembly"
- },
- {
- "value": "anti-emulation",
- "expanded": "anti-emulation"
- },
- {
- "value": "anti-memory-forensics",
- "expanded": "anti-memory-forensics"
- },
- {
- "value": "anti-sandbox",
- "expanded": "anti-sandbox"
- },
- {
- "value": "anti-virus-evasion",
- "expanded": "anti-virus-evasion"
- },
- {
- "value": "anti-vm",
- "expanded": "anti-vm"
- },
- {
- "value": "authentication-credentials-theft",
- "expanded": "authentication-credentials-theft"
- },
- {
- "value": "clean-traces-of-infection",
- "expanded": "clean-traces-of-infection"
- },
- {
- "value": "communicate-with-c2-server",
- "expanded": "communicate-with-c2-servern"
- },
- {
- "value": "compromise-data-availability",
- "expanded": "compromise-data-availability"
- },
- {
- "value": "compromise-system-availability",
- "expanded": "compromise-system-availability"
- },
- {
- "value": "consume-system-resources",
- "expanded": "consume-system-resources"
- },
- {
- "value": "continuous-execution",
- "expanded": "continuous-execution"
- },
- {
- "value": "data-integrity-violation",
- "expanded": "data-integrity-violation"
- },
- {
- "value": "data-obfuscation",
- "expanded": "data-obfuscation"
- },
- {
- "value": "data-staging",
- "expanded": "data-staging"
- },
- {
- "value": "determine-c2-server",
- "expanded": "determine-c2-server"
- },
- {
- "value": "email-spam",
- "expanded": "email-spam"
- },
- {
- "value": "ensure-compatibility",
- "expanded": "ensure-compatibility"
- },
- {
- "value": "environment-awareness",
- "expanded": "environment-awareness"
- },
- {
- "value": "file-infection",
- "expanded": "file-infection"
- },
- {
- "value": "hide-artifacts",
- "expanded": "hide-artifacts"
- },
- {
- "value": "hide-executing-code",
- "expanded": "hide-executing-code"
- },
- {
- "value": "hide-non-executing-code",
- "expanded": "hide-non-executing-code"
- },
- {
- "value": "host-configuration-probing",
- "expanded": "host-configuration-probing"
- },
- {
- "value": "information-gathering-for-improvement",
- "expanded": "information-gathering-for-improvement"
- },
- {
- "value": "input-peripheral-capture",
- "expanded": "input-peripheral-capture"
- },
- {
- "value": "install-other-components",
- "expanded": "install-other-components"
- },
- {
- "value": "local-machine-control",
- "expanded": "local-machine-control"
- },
- {
- "value": "network-environment-probing",
- "expanded": "network-environment-probing"
- },
- {
- "value": "os-security-feature-degradation",
- "expanded": "os-security-feature-degradation"
- },
- {
- "value": "output-peripheral-capture",
- "expanded": "output-peripheral-capture"
- },
- {
- "value": "physical-entity-destruction",
- "expanded": "physical-entity-destruction"
- },
- {
- "value": "prevent-artifact-access",
- "expanded": "prevent-artifact-access"
- },
- {
- "value": "prevent-artifact-deletion",
- "expanded": "prevent-artifact-deletion"
- },
- {
- "value": "remote-machine-access",
- "expanded": "remote-machine-access"
- },
- {
- "value": "security-software-degradation",
- "expanded": "security-software-degradation"
- },
- {
- "value": "security-software-evasion",
- "expanded": "security-software-evasion"
- },
- {
- "value": "self-modification",
- "expanded": "self-modification"
- },
- {
- "value": "service-provider-security-feature-degradation",
- "expanded": "service-provider-security-feature-degradation"
- },
- {
- "value": "stored-information-theft",
- "expanded": "stored-information-theft"
- },
- {
- "value": "system-interface-data-capture",
- "expanded": "system-interface-data-capture"
- },
- {
- "value": "system-operational-integrity-violation",
- "expanded": "system-operational-integrity-violation"
- },
- {
- "value": "system-re-infection",
- "expanded": "system-re-infection"
- },
- {
- "value": "system-state-data-capture",
- "expanded": "system-state-data-capture"
- },
- {
- "value": "system-update-degradation",
- "expanded": "system-update-degradation"
- },
- {
- "value": "user-data-theft",
- "expanded": "user-data-theft"
- },
- {
- "value": "virtual-entity-destruction",
- "expanded": "virtual-entity-destruction"
- }
- ],
- }
- ]
-}