55 "misp-attribute" : " authentihash"
66 "ui-priority" : 1
77 },
8+ "characteristics" : {
9+ "description" : " The characteristics that indicate the attributes of the file"
10+ "disable_correlation" : true ,
11+ "misp-attribute" : " hex"
12+ "ui-priority" : 0
13+ },
814 "company-name" : {
915 "description" : " CompanyName in the resources"
1016 "disable_correlation" : true ,
6874 "misp-attribute" : " text"
6975 "ui-priority" : 0
7076 },
77+ "machine-type" : {
78+ "description" : " Type of machine"
79+ "disable_correlation" : true ,
80+ "misp-attribute" : " hex"
81+ "ui-priority" : 0
82+ },
83+ "number-of-symbols" : {
84+ "description" : " Number of entries in the symbol table"
85+ "disable_correlation" : true ,
86+ "misp-attribute" : " counter"
87+ "ui-priority" : 0
88+ },
7189 "number-sections" : {
7290 "description" : " Number of sections"
7391 "disable_correlation" : true ,
85103 "misp-attribute" : " pehash"
86104 "ui-priority" : 0
87105 },
106+ "pointer-to-symbol-table" : {
107+ "description" : " The file offset of the COFF symbol table."
108+ "disable_correlation" : true ,
109+ "misp-attribute" : " hex"
110+ "ui-priority" : 0
111+ },
88112 "product-name" : {
89113 "description" : " ProductName in the resources"
90114 "disable_correlation" : true ,
103127 "multiple" : true ,
104128 "ui-priority" : 0
105129 },
130+ "size-of-optional-header" : {
131+ "description" : " Size of the optional header and the data directories which follow this header"
132+ "disable_correlation" : true ,
133+ "misp-attribute" : " float"
134+ "ui-priority" : 0
135+ },
106136 "text" : {
107137 "description" : " Free text value to attach to the PE"
108138 "disable_correlation" : true ,
136166 " impfuzzy"
137167 ],
138168 "uuid" : " cf7adecc-d4f0-4e88-9d90-f978ee151a07"
139- "version" : 7
169+ "version" : 8
140170}
0 commit comments