From ddccac58c82a4f4e57958a146ee50beec45555df Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Fri, 19 Oct 2018 10:18:14 +0200 Subject: [PATCH] chg: categorization of galaxies This allows relationships to be created. --- clusters/android.json | 1 + clusters/backdoor.json | 1 + clusters/banker.json | 1 + clusters/botnet.json | 1 + clusters/exploit-kit.json | 1 + clusters/malpedia.json | 1 + clusters/microsoft-activity-group.json | 1 + clusters/mitre-enterprise-attack-intrusion-set.json | 1 + clusters/mitre-enterprise-attack-malware.json | 1 + clusters/mitre-enterprise-attack-tool.json | 1 + clusters/mitre-intrusion-set.json | 1 + clusters/mitre-malware.json | 1 + clusters/mitre-mobile-attack-intrusion-set.json | 1 + clusters/mitre-mobile-attack-malware.json | 1 + clusters/mitre-mobile-attack-tool.json | 1 + clusters/mitre-pre-attack-intrusion-set.json | 1 + clusters/mitre-tool.json | 1 + clusters/ransomware.json | 1 + clusters/rat.json | 1 + clusters/stealer.json | 1 + clusters/tds.json | 1 + clusters/threat-actor.json | 1 + clusters/tool.json | 1 + schema_clusters.json | 3 +++ 24 files changed, 26 insertions(+)
diff --git a/clusters/android.json b/clusters/android.json
index c84eeae..cf3d24c 100644
--- a/clusters/android.json
+++ b/clusters/android.json
@@ -6,6 +6,7 @@
 "name": "Android",
 "source": "Open Sources",
 "type": "android",
+ "category": "tool",
 "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa",
 "values": [
 {
diff --git a/clusters/backdoor.json b/clusters/backdoor.json
index a50acdd..9ec8af7 100644
--- a/clusters/backdoor.json
+++ b/clusters/backdoor.json
@@ -6,6 +6,7 @@
 "name": "Backdoor",
 "source": "Open Sources",
 "type": "backdoor",
+ "category": "tool",
 "uuid": "75436e27-cb57-4f32-bf1d-9636dd78a2bf",
 "values": [
 {
diff --git a/clusters/banker.json b/clusters/banker.json
index 0937e4f..d179bfe 100644
--- a/clusters/banker.json
+++ b/clusters/banker.json
@@ -7,6 +7,7 @@
 "name": "Banker",
 "source": "Open Sources",
 "type": "banker",
+ "category": "tool",
 "uuid": "59f20cce-5420-4084-afd5-0884c0a83832",
 "values": [
 {
diff --git a/clusters/botnet.json b/clusters/botnet.json
index e7d9206..bef45cf 100644
--- a/clusters/botnet.json
+++ b/clusters/botnet.json
@@ -6,6 +6,7 @@
 "name": "Botnet",
 "source": "MISP Project",
 "type": "botnet",
+ "category": "tool",
 "uuid": "a91732f4-164a-11e8-924a-ffd4097eb03f",
 "values": [
 {
diff --git a/clusters/exploit-kit.json b/clusters/exploit-kit.json
index dc5cd8c..948e801 100644
--- a/clusters/exploit-kit.json
+++ b/clusters/exploit-kit.json
@@ -8,6 +8,7 @@
 "name": "Exploit-Kit",
 "source": "MISP Project",
 "type": "exploit-kit",
+ "category": "tool",
 "uuid": "454f4e78-bd7c-11e6-a4a6-cec0c932ce01",
 "values": [
 {
diff --git a/clusters/malpedia.json b/clusters/malpedia.json
index 721cca0..d06dd07 100644
--- a/clusters/malpedia.json
+++ b/clusters/malpedia.json
@@ -9,6 +9,7 @@
 "name": "Malpedia",
 "source": "Malpedia",
 "type": "malpedia",
+ "category": "tool",
 "uuid": "5fc98d08-90a4-498a-ad2e-0edf50ef374e",
 "values": [
 {
diff --git a/clusters/microsoft-activity-group.json b/clusters/microsoft-activity-group.json
index e8f7c7f..d4f1d1f 100644
--- a/clusters/microsoft-activity-group.json
+++ b/clusters/microsoft-activity-group.json
@@ -6,6 +6,7 @@
 "name": "Microsoft Activity Group actor",
 "source": "MISP Project",
 "type": "microsoft-activity-group",
+ "category": "actor",
 "uuid": "28b5e55d-acba-4748-a79d-0afa3512689a",
 "values": [
 {
diff --git a/clusters/mitre-enterprise-attack-intrusion-set.json b/clusters/mitre-enterprise-attack-intrusion-set.json
index b256c4b..a5b24f0 100644
--- a/clusters/mitre-enterprise-attack-intrusion-set.json
+++ b/clusters/mitre-enterprise-attack-intrusion-set.json
@@ -6,6 +6,7 @@
 "name": "Enterprise Attack -intrusion Set",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-enterprise-attack-intrusion-set",
+ "category": "actor",
 "uuid": "01f18402-1708-11e8-ac1c-1ffb3c4a7775",
 "values": [
 {
diff --git a/clusters/mitre-enterprise-attack-malware.json b/clusters/mitre-enterprise-attack-malware.json
index 1306a7d..f79c6b0 100644
--- a/clusters/mitre-enterprise-attack-malware.json
+++ b/clusters/mitre-enterprise-attack-malware.json
@@ -6,6 +6,7 @@
 "name": "Enterprise Attack - Malware",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-enterprise-attack-malware",
+ "category": "tool",
 "uuid": "fbd79f02-1707-11e8-b1c7-87406102276a",
 "values": [
 {
diff --git a/clusters/mitre-enterprise-attack-tool.json b/clusters/mitre-enterprise-attack-tool.json
index e14a2d3..3cc3e2c 100644
--- a/clusters/mitre-enterprise-attack-tool.json
+++ b/clusters/mitre-enterprise-attack-tool.json
@@ -6,6 +6,7 @@
 "name": "Enterprise Attack - Tool",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-enterprise-attack-tool",
+ "category": "tool",
 "uuid": "fc1ea6e0-1707-11e8-ac05-2b70d00c354e",
 "values": [
 {
diff --git a/clusters/mitre-intrusion-set.json b/clusters/mitre-intrusion-set.json
index c71799d..a768440 100644
--- a/clusters/mitre-intrusion-set.json
+++ b/clusters/mitre-intrusion-set.json
@@ -6,6 +6,7 @@
 "name": "intrusion Set",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-intrusion-set",
+ "category": "actor",
 "uuid": "10df003c-7831-11e7-bdb9-971cdd1218df",
 "values": [
 {
diff --git a/clusters/mitre-malware.json b/clusters/mitre-malware.json
index 3a5e96e..10f1bac 100644
--- a/clusters/mitre-malware.json
+++ b/clusters/mitre-malware.json
@@ -6,6 +6,7 @@
 "name": "Malware",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-malware",
+ "category": "tool",
 "uuid": "d752161c-78f6-11e7-a0ea-bfa79b407ce4",
 "values": [
 {
diff --git a/clusters/mitre-mobile-attack-intrusion-set.json b/clusters/mitre-mobile-attack-intrusion-set.json
index 2d563f4..5a2dee4 100644
--- a/clusters/mitre-mobile-attack-intrusion-set.json
+++ b/clusters/mitre-mobile-attack-intrusion-set.json
@@ -6,6 +6,7 @@
 "name": "Mobile Attack - intrusion Set",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-mobile-attack-intrusion-set",
+ "category": "actor",
 "uuid": "02ab4018-1708-11e8-8f9d-e735aabdfa53",
 "values": [
 {
diff --git a/clusters/mitre-mobile-attack-malware.json b/clusters/mitre-mobile-attack-malware.json
index 11befb3..5b3637d 100644
--- a/clusters/mitre-mobile-attack-malware.json
+++ b/clusters/mitre-mobile-attack-malware.json
@@ -6,6 +6,7 @@
 "name": "Mobile Attack - Malware",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-mobile-attack-malware",
+ "category": "tool",
 "uuid": "04a165aa-1708-11e8-b2da-c7d7625f4a4f",
 "values": [
 {
diff --git a/clusters/mitre-mobile-attack-tool.json b/clusters/mitre-mobile-attack-tool.json
index 848eaa4..6ba33c6 100644
--- a/clusters/mitre-mobile-attack-tool.json
+++ b/clusters/mitre-mobile-attack-tool.json
@@ -6,6 +6,7 @@
 "name": "Mobile Attack - Tool",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-mobile-attack-tool",
+ "category": "tool",
 "uuid": "02cee87e-1708-11e8-8f15-8b33e4d6194b",
 "values": [
 {
diff --git a/clusters/mitre-pre-attack-intrusion-set.json b/clusters/mitre-pre-attack-intrusion-set.json
index da45a89..897c4bf 100644
--- a/clusters/mitre-pre-attack-intrusion-set.json
+++ b/clusters/mitre-pre-attack-intrusion-set.json
@@ -6,6 +6,7 @@
 "name": "Pre Attack - intrusion Set",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-pre-attack-intrusion-set",
+ "category": "actor",
 "uuid": "1fdc8fa2-1708-11e8-99a3-67b4efc13c4f",
 "values": [
 {
diff --git a/clusters/mitre-tool.json b/clusters/mitre-tool.json
index aed7bb1..4213cbf 100644
--- a/clusters/mitre-tool.json
+++ b/clusters/mitre-tool.json
@@ -6,6 +6,7 @@
 "name": "Tool",
 "source": "https://github.com/mitre/cti",
 "type": "mitre-tool",
+ "category": "tool",
 "uuid": "d700dc5c-78f6-11e7-a476-5f748c8e4fe0",
 "values": [
 {
diff --git a/clusters/ransomware.json b/clusters/ransomware.json
index e30837d..1ffab00 100644
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@@ -7,6 +7,7 @@
 "name": "Ransomware",
 "source": "Various",
 "type": "ransomware",
+ "category": "tool",
 "uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
 "values": [
 {
diff --git a/clusters/rat.json b/clusters/rat.json
index fa74895..8848fe1 100644
--- a/clusters/rat.json
+++ b/clusters/rat.json
@@ -7,6 +7,7 @@
 "name": "RAT",
 "source": "MISP Project",
 "type": "rat",
+ "category": "tool",
 "uuid": "312f8714-45cb-11e7-b898-135207cdceb9",
 "values": [
 {
diff --git a/clusters/stealer.json b/clusters/stealer.json
index 7af58a1..95f7394 100644
--- a/clusters/stealer.json
+++ b/clusters/stealer.json
@@ -6,6 +6,7 @@
 "name": "Stealer",
 "source": "Open Sources",
 "type": "stealer",
+ "category": "tool",
 "uuid": "f2ef4033-9001-4427-a418-df8c48e6d054",
 "values": [
 {
diff --git a/clusters/tds.json b/clusters/tds.json
index ec09cf0..57f60b8 100644
--- a/clusters/tds.json
+++ b/clusters/tds.json
@@ -6,6 +6,7 @@
 "name": "TDS",
 "source": "MISP Project",
 "type": "tds",
+ "category": "tool",
 "uuid": "ab5fffaa-c5f6-11e6-9d9d-cec0c932ce01",
 "values": [
 {
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index db1a795..56f3069 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -10,6 +10,7 @@
 "name": "Threat actor",
 "source": "MISP Project",
 "type": "threat-actor",
+ "category": "actor",
 "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
 "values": [
 {
diff --git a/clusters/tool.json b/clusters/tool.json
index 1465e42..15f20f6 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -11,6 +11,7 @@
 "name": "Tool",
 "source": "MISP Project",
 "type": "tool",
+ "category": "tool",
 "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
 "values": [
 {
diff --git a/schema_clusters.json b/schema_clusters.json
index 1968d6b..36f22c3 100644
--- a/schema_clusters.json
+++ b/schema_clusters.json
@@ -23,6 +23,9 @@
 "source": {
 "type": "string"
 },
+ "category": {
+ "type": "string"
+ },
 "values": {
 "type": "array",
 "uniqueItems": true,
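Review bot: The new `category` property in the schema_clusters.json hunk is declared as a free-form `"type": "string"`, so a misspelled or unexpected value (for example `"actors"`) would still pass schema validation and any relationship logic keyed on the category would silently skip or mis-group that cluster. Every cluster file touched by this commit uses either `"actor"` or `"tool"`; if that is the intended vocabulary, constrain the property with `"enum": ["actor", "tool"]` alongside the type and extend the list deliberately when a new category is introduced. The schema's `required` list is outside this hunk, so it is not visible whether the field is mandatory; if consumers rely on it, listing `"category"` there once all cluster files carry it would catch files that omit it. The enclosing `properties` object starts and ends outside the hunk.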