Location of the command functionality ['Bundled', 'Module', 'Libraries', 'Unknown']
+diff --git a/objects.html b/objects.html index efcab62..6fde7bd 100755 --- a/objects.html +++ b/objects.html @@ -472,6 +472,8 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
Command functionalities related to specific commands executed by a program, whether it is malicious or not. Command-line are attached to this object for the related commands.
++ + | ++command is a MISP object available in JSON format at this location The JSON format can be freely reused in your application or automatically enabled in MISP. + | +
Object attribute | +MISP attribute type | +Description | +Disable correlation | +Multiple | +
---|---|---|---|---|
location |
+text |
+
+ Location of the command functionality ['Bundled', 'Module', 'Libraries', 'Unknown'] + |
+
+ + |
+
+ + |
+
trigger |
+text |
+
+ How the commands are triggered ['Local', 'Network', 'Unknown'] + |
+
+ + |
+
+ + |
+
description |
+text |
+
+ Description of the command functionalities + |
+
+ + |
+
+ + |
+
Command line and options related to a specific command executed by a program, whether it is malicious or not.
++ + | ++command-line is a MISP object available in JSON format at this location The JSON format can be freely reused in your application or automatically enabled in MISP. + | +
Object attribute | +MISP attribute type | +Description | +Disable correlation | +Multiple | +
---|---|---|---|---|
value |
+text |
+
+ command code + |
+
+ + |
+
+ + |
+
description |
+text |
+
+ description of the command + |
+
+ + |
+
+ + |
+
+
@@ -4930,7 +5079,7 @@ credential is a MISP object available in JSON format at
+
@@ -4943,7 +5092,7 @@ credential is a MISP object available in JSON format at
+
@@ -4956,7 +5105,7 @@ credential is a MISP object available in JSON format at
+
@@ -8693,6 +8842,150 @@ ilr-notification-incident is a MISP object available in JSON format at +
Represent an impersonating account.
++ + | ++impersonation is a MISP object available in JSON format at this location The JSON format can be freely reused in your application or automatically enabled in MISP. + | +
Object attribute | +MISP attribute type | +Description | +Disable correlation | +Multiple | +
---|---|---|---|---|
type-of-account |
+text |
+
+ Type of the impersonated account ['Twitter', 'Facebook', 'LinkedIn', 'Reddit', 'Google+', 'Instagram', 'Forum', 'Other'] + |
+
+ + |
+
+ + |
+
account-url |
+url |
+
+ url of the impersonating account + |
+
+ + |
+
+ + |
+
account-name |
+text |
+
+ Name of the impersonating account + |
+
+ + |
+
+ + |
+
impersonated-account-url |
+link |
+
+ url of the impersonated account + |
+
+ + |
+
+ + |
+
impersonated-account-name |
+text |
+
+ Name of the impersonated account + |
+
+ + |
+
+ + |
+
real-name |
+text |
+
+ Real name of the impersonated person or entity + |
+
+ + |
+
+ + |
+
type |
+text |
+
+ Type of the account ['Person', 'Association', 'Enterprise', 'Other'] + |
+
+ + |
+
+ + |
+
objective |
+text |
+
+ Objective of the impersonation ['Information stealing', 'Disinformation', 'Distrusting', 'Advertising', 'Parody', 'Other'] + |
+
+ + |
+
+ + |
+
url
url
Original URL location of the microblog post
+Original URL location of the microblog post (potentially malicious)
++
+
link
link
Original link into the microblog post (Supposed harmless)
@@ -11329,7 +11635,7 @@ microblog is a MISP object available in JSON format at
link
embedded-link
url
hashtag
text
Hashtag into the microblog post
++
+
guid
-uuid
text
The globally unique identifier of the assigned by the vendor product
parent-guid
-uuid
text
The globally unique idenifier of the parent process assigned by the vendor product
port
-src-port
port
Port(s) owned by the process
timestamp
-timestamp-microsec
text
When the log entry was seen in microseconds since Unix epoch
Used to keep a text and its translation.
++ + | ++translation is a MISP object available in JSON format at this location The JSON format can be freely reused in your application or automatically enabled in MISP. + | +
Object attribute | +MISP attribute type | +Description | +Disable correlation | +Multiple | +
---|---|---|---|---|
original-text |
+text |
+
+ Original text + |
+
+ + |
+
+ + |
+
translated-text |
+text |
+
+ Text after translation + |
+
+ + |
+
+ + |
+
original-language |
+text |
+
+ Language of the original text ['Mandarin (language family)', 'Spanish', 'English', 'Hindi', 'Bengali', 'Portuguese', 'Russian', 'Japanese', 'Western Punjabi', 'Marathi', 'Telugu', 'Wu (language family)', 'Turkish', 'Korean', 'French', 'German', 'Vietnamese', 'Tamil', 'Yue (language family)', 'Urdu', 'Javanese', 'Italian', 'Egyptian Arabic', 'Gujarati', 'Iranian Persian', 'Bhojpuri', 'Min Nan (language family)', 'Hakka', 'Jinyu', 'Hausa', 'Kannada', 'Indonesian (Indonesian Malay)', 'Polish', 'Yoruba', 'Xiang Chinese (language family)', 'Malayalam', 'Odia', 'Maithili', 'Burmese', 'Eastern Punjabi', 'Sunda', 'Sudanese Arabic', 'Algerian Arabic', 'Moroccan Arabic', 'Ukrainian', 'Igbo', 'Northern Uzbek', 'Sindhi', 'North Levantine Arabic', 'Romanian', 'Tagalog', 'Dutch', 'Saʽidi Arabic', 'Gan', 'Amharic', 'Northern Pashto', 'Magahi', 'Thai', 'Saraiki', 'Khmer', 'Chhattisgarhi', 'Somali', 'Malay (Malaysian Malay)', 'Cebuano', 'Nepali', 'Mesopotamian Arabic', 'Assamese', 'Sinhala', 'Northern Kurdish', 'Hejazi Arabic', 'Nigerian Fulfulde', 'South Azerbaijani', 'Greek', 'Chittagonian', 'Kazakh', 'Deccan', 'Hungarian', 'Kinyarwanda', 'Zulu', 'South Levantine Arabic', 'Tunisian Arabic', 'Sanaani Spoken Arabic', 'Min Bei Chinese (language family)', 'Southern Pashto', 'Rundi', 'Czech', 'Taʽizzi-Adeni Arabic', 'Uyghur', 'Min Dong Chinese (language family)', 'Sylheti '] + |
+
+ + |
+
+ + |
+
translation-language |
+text |
+
+ Language of translation ['Mandarin (language family)', 'Spanish', 'English', 'Hindi', 'Bengali', 'Portuguese', 'Russian', 'Japanese', 'Western Punjabi', 'Marathi', 'Telugu', 'Wu (language family)', 'Turkish', 'Korean', 'French', 'German', 'Vietnamese', 'Tamil', 'Yue (language family)', 'Urdu', 'Javanese', 'Italian', 'Egyptian Arabic', 'Gujarati', 'Iranian Persian', 'Bhojpuri', 'Min Nan (language family)', 'Hakka', 'Jinyu', 'Hausa', 'Kannada', 'Indonesian (Indonesian Malay)', 'Polish', 'Yoruba', 'Xiang Chinese (language family)', 'Malayalam', 'Odia', 'Maithili', 'Burmese', 'Eastern Punjabi', 'Sunda', 'Sudanese Arabic', 'Algerian Arabic', 'Moroccan Arabic', 'Ukrainian', 'Igbo', 'Northern Uzbek', 'Sindhi', 'North Levantine Arabic', 'Romanian', 'Tagalog', 'Dutch', 'Saʽidi Arabic', 'Gan', 'Amharic', 'Northern Pashto', 'Magahi', 'Thai', 'Saraiki', 'Khmer', 'Chhattisgarhi', 'Somali', 'Malay (Malaysian Malay)', 'Cebuano', 'Nepali', 'Mesopotamian Arabic', 'Assamese', 'Sinhala', 'Northern Kurdish', 'Hejazi Arabic', 'Nigerian Fulfulde', 'South Azerbaijani', 'Greek', 'Chittagonian', 'Kazakh', 'Deccan', 'Hungarian', 'Kinyarwanda', 'Zulu', 'South Levantine Arabic', 'Tunisian Arabic', 'Sanaani Spoken Arabic', 'Min Bei Chinese (language family)', 'Southern Pashto', 'Rundi', 'Czech', 'Taʽizzi-Adeni Arabic', 'Uyghur', 'Min Dong Chinese (language family)', 'Sylheti '] + |
+
+ + |
+
+ + |
+
translation-service |
+text |
+
+ translation service used for the translation ['Google Translate', 'Microsoft Translator', 'Babelfish', 'Reverso', 'Dict.cc', 'Linguee', 'unknown'] + |
+
+ + |
+
+ + |
+
translation-type |
+text |
+
+ type of translation ['Automated translation', 'Manual translation'] + |
+
+ + |
+
+ + |
+
['misp']
is-author-of
This relationship describes an object being author by someone.
['misp']
located
This relationship describes the location (of any type) of a specific object.
['misp']
['misp']
injects-into
Represents an object injecting something into something
['misp']
injected-into
Represents an object which is injected something into something
['misp']
creates
Represents an object that creates something.
['misp', 'haxpak']