117 lines
2.7 KiB
JSON
117 lines
2.7 KiB
JSON
{
|
|
"namespace": "ThreatMatch",
|
|
"expanded": "Malware Types for Sharing into ThreatMatch and MISP",
|
|
"version": 1,
|
|
"description": "The ThreatMatch Malware types are applicable for any ThreatMatch instances and should be used for all CIISI and TIBER Projects.",
|
|
"refs": [
|
|
"https://www.secalliance.com/platform/",
|
|
"https://www.ecb.europa.eu/press/pr/date/2020/html/ecb.pr200227_1~062992656b.en.html"
|
|
],
|
|
"predicates":[
|
|
{
|
|
"value": "malware_type",
|
|
"expanded": "Malware type"
|
|
}
|
|
],
|
|
"values": [
|
|
{
|
|
"predicate": "malware_type",
|
|
"entry": [
|
|
{
|
|
"value": "Adware",
|
|
"expanded": "Adware"
|
|
},
|
|
{
|
|
"value": "Backdoor",
|
|
"expanded": "Backdoor"
|
|
},
|
|
{
|
|
"value": "Banking Trojan",
|
|
"expanded": "Banking Trojan"
|
|
},
|
|
{
|
|
"value": "Botnet",
|
|
"expanded": "Botnet"
|
|
},
|
|
{
|
|
"value": "Destructive",
|
|
"expanded": "Destructive"
|
|
},
|
|
{
|
|
"value": "Downloader",
|
|
"expanded": "Downloader"
|
|
},
|
|
{
|
|
"value": "Exploit Kit",
|
|
"expanded": "Exploit Kit"
|
|
},
|
|
{
|
|
"value": "Fileless Malware",
|
|
"expanded": "Fileless Malware"
|
|
},
|
|
{
|
|
"value": "Keylogger",
|
|
"expanded": "Keylogger"
|
|
},
|
|
{
|
|
"value": "Legitimate Tool",
|
|
"expanded": "Legitimate Tool"
|
|
},
|
|
{
|
|
"value": "Mobile Application",
|
|
"expanded": "Mobile Application"
|
|
},
|
|
{
|
|
"value": "Mobile Malware",
|
|
"expanded": "Mobile Malware"
|
|
},
|
|
{
|
|
"value": "Point-of-Sale (PoS)",
|
|
"expanded": "Point-of-Sale (PoS)"
|
|
},
|
|
{
|
|
"value": "Remote Access Trojan",
|
|
"expanded": "Remote Access Trojan"
|
|
},
|
|
{
|
|
"value": "Rootkit",
|
|
"expanded": "Rootkit"
|
|
},
|
|
{
|
|
"value": "Skimmer",
|
|
"expanded": "Skimmer"
|
|
},
|
|
{
|
|
"value": "Spyware",
|
|
"expanded": "Spyware"
|
|
},
|
|
{
|
|
"value": "Surveillance Tool",
|
|
"expanded": "Surveillance Tool"
|
|
},
|
|
{
|
|
"value": "Trojan",
|
|
"expanded": "Trojan"
|
|
},
|
|
{
|
|
"value": "Virus",
|
|
"expanded": "Virus "
|
|
},
|
|
{
|
|
"value": "Worm",
|
|
"expanded": "Worm"
|
|
},
|
|
{
|
|
"value": "Zero-day",
|
|
"expanded": "Zero-day"
|
|
},
|
|
{
|
|
"value": "Unknown",
|
|
"expanded": "Unknown"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
|
|
}
|