chg: [datamodels] updated

pull/27/head
Alexandre Dulaunoy 2020-08-24 13:15:22 +02:00
parent 3b08ffa26c
commit 9426ba2fd9
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 40 additions and 0 deletions

View File

@ -71,12 +71,17 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|filename|sha1| | X | | X | | |
|filename|sha224| | X | | | | |
|filename|sha256| | X | | X | | |
|filename|sha3-224| | X | | X | | |
|filename|sha3-256| | X | | X | | |
|filename|sha3-384| | X | | X | | |
|filename|sha3-512| | X | | X | | |
|filename|sha384| | X | | | | |
|filename|sha512| | X | | | | |
|filename|sha512/224| | X | | | | |
|filename|sha512/256| | X | | | | |
|filename|ssdeep| | X | | | | |
|filename|tlsh| | X | | | | |
|filename|vhash| | X | | | | |
|first-name| | | | | | |
|float| | | | | | |
|frequent-flyer-number| | | | | | |
@ -142,6 +147,10 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|sha1| | X | | X | | |
|sha224| | X | | | | |
|sha256| | X | | X | | |
|sha3-224| | X | | X | | |
|sha3-256| | X | | X | | |
|sha3-384| | X | | X | | |
|sha3-512| | X | | X | | |
|sha384| | X | | | | |
|sha512| | X | | | | |
|sha512/224| | X | | | | |
@ -166,6 +175,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|uri| | | | | | |
|url| | | | X | | |
|user-agent| | | | X | | |
|vhash| | X | | | | |
|visa-number| | | | | | |
|vulnerability| | | | X | | |
|weakness| | | | X | | |
@ -239,12 +249,17 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|filename|sha1| | | X | X | | |
|filename|sha224| | | X | X | | |
|filename|sha256| | | X | X | | |
|filename|sha3-224| | | X | X | | |
|filename|sha3-256| | | X | X | | |
|filename|sha3-384| | | X | X | | |
|filename|sha3-512| | | X | X | | |
|filename|sha384| | | X | X | | |
|filename|sha512| | | X | X | | |
|filename|sha512/224| | | X | X | | |
|filename|sha512/256| | | X | X | | |
|filename|ssdeep| | | X | X | | |
|filename|tlsh| | | X | X | | |
|filename|vhash| | | X | X | | |
|first-name| | | | | | |
|float| | X | | | | |
|frequent-flyer-number| | | | | | |
@ -310,6 +325,10 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|sha1| | | X | X | | |
|sha224| | | X | X | | |
|sha256| | | X | X | | |
|sha3-224| | | X | X | | |
|sha3-256| | | X | X | | |
|sha3-384| | | X | X | | |
|sha3-512| | | X | X | | |
|sha384| | | X | X | | |
|sha512| | | X | X | | |
|sha512/224| | | X | X | | |
@ -334,6 +353,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|uri| X | | | | | |
|url| X | | X | | | |
|user-agent| X | | X | | | |
|vhash| | | X | X | | |
|visa-number| | | | | | |
|vulnerability| | | X | X | | |
|weakness| | | X | X | | |
@ -407,12 +427,17 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|filename|sha1| | | | |
|filename|sha224| | | | |
|filename|sha256| | | | |
|filename|sha3-224| | | | |
|filename|sha3-256| | | | |
|filename|sha3-384| | | | |
|filename|sha3-512| | | | |
|filename|sha384| | | | |
|filename|sha512| | | | |
|filename|sha512/224| | | | |
|filename|sha512/256| | | | |
|filename|ssdeep| | | | |
|filename|tlsh| | | | |
|filename|vhash| | | | |
|first-name| X | | | |
|float| | | | |
|frequent-flyer-number| X | | | |
@ -478,6 +503,10 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|sha1| | | | |
|sha224| | | | |
|sha256| | | | |
|sha3-224| | | | |
|sha3-256| | | | |
|sha3-384| | | | |
|sha3-512| | | | |
|sha384| | | | |
|sha512| | | | |
|sha512/224| | | | |
@ -502,6 +531,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|uri| | | | |
|url| | | | |
|user-agent| | | | |
|vhash| | | | |
|visa-number| X | | | |
|vulnerability| | | | |
|weakness| | | | |
@ -595,12 +625,17 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
* **filename|sha1**: A filename and an sha1 hash separated by a |
* **filename|sha224**: A filename and a sha-224 hash separated by a |
* **filename|sha256**: A filename and an sha256 hash separated by a |
* **filename|sha3-224**: A filename and an sha3-224 hash separated by a |
* **filename|sha3-256**: A filename and an sha3-256 hash separated by a |
* **filename|sha3-384**: A filename and an sha3-384 hash separated by a |
* **filename|sha3-512**: A filename and an sha3-512 hash separated by a |
* **filename|sha384**: A filename and a sha-384 hash separated by a |
* **filename|sha512**: A filename and a sha-512 hash separated by a |
* **filename|sha512/224**: A filename and a sha-512/224 hash separated by a |
* **filename|sha512/256**: A filename and a sha-512/256 hash separated by a |
* **filename|ssdeep**: A checksum in ssdeep format
* **filename|tlsh**: A filename and a Trend Micro Locality Sensitive Hash separated by a |
* **filename|vhash**: A filename and a VirusTotal hash separated by a |
* **first-name**: First name of a natural person
* **float**: A floating point value.
* **frequent-flyer-number**: The frequent flyer number of a passenger
@ -666,6 +701,10 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
* **sha1**: A checksum in sha1 format
* **sha224**: A checksum in sha-224 format
* **sha256**: A checksum in sha256 format
* **sha3-224**: A checksum in sha3-224 format
* **sha3-256**: A checksum in sha3-256 format
* **sha3-384**: A checksum in sha3-384 format
* **sha3-512**: A checksum in sha3-512 format
* **sha384**: A checksum in sha-384 format
* **sha512**: A checksum in sha-512 format
* **sha512/224**: A checksum in the sha-512/224 format
@ -690,6 +729,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
* **uri**: Uniform Resource Identifier
* **url**: url
* **user-agent**: The user-agent used by the malware in the HTTP request.
* **vhash**: A VirusTotal checksum
* **visa-number**: Visa number
* **vulnerability**: A reference to the vulnerability used in the exploit
* **weakness**: A reference to the weakness used in the exploit