chg: [pe] Added characteristics & machine-type enumerations

- Characteristics are usually in a list, so we
  have now both the list of characteristics with
  their name, and the hex value of the addition
  of all the characteristics numeric values
- We represent the machine type with its name

Author: chrisr3d

objects/pe/definition.json

@@ -8,6 +8,30 @@
     "characteristics": {
       "description": "The characteristics that indicate the attributes of the file",
       "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "sane_defaults": [
+        "AGGRESSIVE_WS_TRIM",
+        "BYTES_REVERSED_HI",
+        "BYTES_REVERSED_LO",
+        "DEBUG_STRIPPED",
+        "DLL",
+        "EXECUTABLE_IMAGE",
+        "LARGE_ADDRESS_AWARE",
+        "LINE_NUMS_STRIPPED",
+        "LOCAL_SYMS_STRIPPED",
+        "NEED_32BIT_MACHINE",
+        "NET_RUN_FROM_SWAP",
+        "RELOCS_STRIPPED",
+        "REMOVABLE_RUN_FROM_SWAP",
+        "SYSTEM",
+        "UP_SYSTEM_ONLY"
+      ],
+      "ui-priority": 0
+    },
+    "characteristics_hex": {
+      "description": "The characteristics in a single hex value",
+      "disable_correlation": true,
       "misp-attribute": "hex",
       "ui-priority": 0
     },
@@ -77,7 +101,31 @@
     "machine-type": {
       "description": "Type of machine",
       "disable_correlation": true,
-      "misp-attribute": "hex",
+      "misp-attribute": "text",
+      "sane_default": [
+        "AM33",
+        "AMD64",
+        "ARM",
+        "ARM64",
+        "ARMNT",
+        "EBC",
+        "I386",
+        "IA64",
+        "M32R",
+        "MIPS16",
+        "MIPSFPU",
+        "MIPSFPU16",
+        "POWERPC",
+        "POWERPCFP",
+        "R4000",
+        "SH3",
+        "SH3DSP",
+        "SH4",
+        "SH5",
+        "THUMB",
+        "UNKNOWN",
+        "WCEMIPSV2"
+      ],
       "ui-priority": 0
     },
     "number-of-symbols": {