locsec/ceios
1
Форкнуть 0
зеркало из https://github.com/ceios/ceios.git synced 2025-10-29 20:16:05 +02:00
Код Задачи Пакеты Проекты Релизы Вики Активность
ceios/database/docs/_static/operator.afb
Jim Andrew Morris e255529523 Uploading the Disarm-AttackFlow Builder 
Modified version of the AttackFlow Builder from MITRE. Includes DISARM framework components with full integration of QOL and STIX objects.
2024-09-13 15:20:35 +09:30

5348 строки
192 KiB
Plaintext
Исходник Ответственный История

Этот файл содержит невидимые символы Юникода

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"version": "0.1.0",
"id": "bb7c9b19-0f59-4b67-8858-cf34583d191b",
"schema": {
"page_template": "attack_flow_page",
"templates": [
{
"id": "@__builtin__page",
"type": 7,
"role": 0,
"grid": [
10,
10
],
"properties": {
"name": {
"type": 2,
"value": "Untitled Document",
"is_primary": true
}
},
"style": {
"grid_color": "#1d1d1d",
"background_color": "#141414",
"drop_shadow": {
"color": "rgba(0,0,0,.4)",
"offset": [
3,
3
]
}
}
},
{
"id": "@__builtin__anchor",
"type": 0,
"role": 0,
"radius": 10,
"line_templates": {
"0": "@__builtin__line_horizontal_elbow",
"1": "@__builtin__line_vertical_elbow"
},
"style": {
"color": "rgba(255, 255, 255, 0.25)"
}
},
{
"id": "@__builtin__line_handle",
"type": 4,
"role": 0,
"style": {
"radius": 6,
"fill_color": "#fedb22",
"stroke_color": "#141414",
"stroke_width": 1.5
}
},
{
"id": "@__builtin__line_source",
"type": 3,
"role": 12288,
"style": {
"radius": 6,
"fill_color": "#fedb22",
"stroke_color": "#141414",
"stroke_width": 1.5
}
},
{
"id": "@__builtin__line_target",
"type": 3,
"role": 16384,
"style": {
"radius": 6,
"fill_color": "#fedb22",
"stroke_color": "#141414",
"stroke_width": 1.5
}
},
{
"id": "@__builtin__line_horizontal_elbow",
"namespace": "horizontal_elbow",
"type": 5,
"role": 8192,
"hitbox_width": 20,
"line_handle_template": "@__builtin__line_handle",
"line_ending_template": {
"source": "@__builtin__line_source",
"target": "@__builtin__line_target"
},
"style": {
"width": 5,
"cap_size": 16,
"color": "#646464",
"select_color": "#646464"
}
},
{
"id": "@__builtin__line_vertical_elbow",
"namespace": "vertical_elbow",
"type": 6,
"role": 8192,
"hitbox_width": 20,
"line_handle_template": "@__builtin__line_handle",
"line_ending_template": {
"source": "@__builtin__line_source",
"target": "@__builtin__line_target"
},
"style": {
"width": 5,
"cap_size": 16,
"color": "#646464",
"select_color": "#646464"
}
},
{
"id": "attack_flow_page",
"type": 7,
"role": 0,
"grid": [
10,
10
],
"properties": {
"name": {
"type": 2,
"value": "Untitled Document",
"is_primary": true
},
"description": {
"type": 2
},
"scope": {
"type": 4,
"options": {
"type": 5,
"form": {
"type": 2
},
"value": [
[
"incident",
"Incident"
],
[
"campaign",
"Campaign"
],
[
"threat-actor",
"Threat Actor"
],
[
"malware",
"Malware"
],
[
"other",
"Other"
]
]
},
"value": "incident"
},
"author": {
"type": 6,
"form": {
"name": {
"type": 2,
"is_primary": true
},
"identity_class": {
"type": 4,
"options": {
"type": 5,
"form": {
"type": 2
},
"value": [
[
"individual",
"Individual"
],
[
"group",
"Group"
],
[
"system",
"System"
],
[
"organization",
"Organization"
],
[
"class",
"Class"
],
[
"unknown",
"Unknown"
]
]
}
},
"contact_information": {
"type": 2
}
}
},
"external_references": {
"type": 5,
"form": {
"type": 6,
"form": {
"source_name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"url": {
"type": 2
}
}
}
}
},
"style": {
"grid_color": "#1d1d1d",
"background_color": "#141414",
"drop_shadow": {
"color": "rgba(0,0,0,.4)",
"offset": [
3,
3
]
}
}
},
{
"id": "true_anchor",
"type": 0,
"role": 0,
"radius": 10,
"line_templates": {
"0": "@__builtin__line_horizontal_elbow",
"1": "@__builtin__line_vertical_elbow"
},
"style": {
"color": "rgba(255, 255, 255, 0.25)"
}
},
{
"id": "false_anchor",
"type": 0,
"role": 0,
"radius": 10,
"line_templates": {
"0": "@__builtin__line_horizontal_elbow",
"1": "@__builtin__line_vertical_elbow"
},
"style": {
"color": "rgba(255, 255, 255, 0.25)"
}
},
{
"id": "action",
"namespace": "attack_flow.action",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"tactic_id": {
"type": 2
},
"tactic_ref": {
"type": 2
},
"technique_id": {
"type": 2
},
"technique_ref": {
"type": 2
},
"description": {
"type": 2
},
"confidence": {
"type": 4,
"options": {
"type": 5,
"form": {
"type": 6,
"form": {
"text": {
"type": 2,
"is_primary": true
},
"value": {
"type": 0
}
}
},
"value": [
[
"speculative",
{
"text": "Speculative",
"value": 0
}
],
[
"very-doubtful",
{
"text": "Very Doubtful",
"value": 10
}
],
[
"doubtful",
{
"text": "Doubtful",
"value": 30
}
],
[
"even-odds",
{
"text": "Even Odds",
"value": 50
}
],
[
"probable",
{
"text": "Probable",
"value": 70
}
],
[
"very-probable",
{
"text": "Very Probable",
"value": 90
}
],
[
"certain",
{
"text": "Certain",
"value": 100
}
]
]
},
"value": "probable"
},
"execution_start": {
"type": 3
},
"execution_end": {
"type": 3
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#637bc9",
"stroke_color": "#708ce6",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "asset",
"namespace": "attack_flow.asset",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#c26130",
"stroke_color": "#e57339",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "condition",
"namespace": "attack_flow.condition",
"type": 1,
"role": 4096,
"properties": {
"description": {
"type": 2,
"is_primary": true,
"is_required": true
},
"pattern": {
"type": 2
},
"pattern_type": {
"type": 2
},
"pattern_version": {
"type": 2
}
},
"branches": [
{
"text": "True",
"anchor_template": "true_anchor"
},
{
"text": "False",
"anchor_template": "false_anchor"
}
],
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#2a9642",
"stroke_color": "#32b34e",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"branch": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"vertical_padding": 12,
"horizontal_padding": 30
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "or",
"namespace": "attack_flow.OR_operator",
"type": 8,
"role": 4096,
"properties": {
"text": {
"type": 2,
"value": "OR",
"is_primary": true,
"is_visible": false,
"is_editable": false
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"fill_color": "#c94040",
"stroke_color": "#dd5050",
"text": {
"font": {
"family": "Inter",
"size": "14pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 24
},
"border_radius": 13,
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 19
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"vertical_padding": 18,
"horizontal_padding": 35
}
},
{
"id": "and",
"namespace": "attack_flow.AND_operator",
"type": 8,
"role": 4096,
"properties": {
"text": {
"type": 2,
"value": "AND",
"is_primary": true,
"is_visible": false,
"is_editable": false
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"fill_color": "#c94040",
"stroke_color": "#dd5050",
"text": {
"font": {
"family": "Inter",
"size": "14pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 24
},
"border_radius": 13,
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 19
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"vertical_padding": 18,
"horizontal_padding": 35
}
},
{
"id": "attack-pattern",
"namespace": "stix_object.attack_pattern",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"aliases": {
"type": 5,
"form": {
"type": 2
}
},
"kill_chain_phases": {
"type": 5,
"form": {
"type": 2
}
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "campaign",
"namespace": "stix_object.campaign",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"aliases": {
"type": 5,
"form": {
"type": 2
}
},
"first_seen": {
"type": 3
},
"last_seen": {
"type": 3
},
"objective": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "course-of-action",
"namespace": "stix_object.course_of_action",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"action_type": {
"type": 2
},
"os_execution_envs": {
"type": 5,
"form": {
"type": 2
}
},
"action_bin": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "grouping",
"namespace": "stix_object.grouping",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true
},
"description": {
"type": 2
},
"context": {
"type": 2,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "identity",
"namespace": "stix_object.identity",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_required": true,
"is_primary": true
},
"description": {
"type": 2
},
"roles": {
"type": 5,
"form": {
"type": 2
}
},
"identity_class": {
"type": 2,
"is_required": true
},
"sectors": {
"type": 5,
"form": {
"type": 2
}
},
"contact_information": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "indicator",
"namespace": "stix_object.indicator",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true
},
"description": {
"type": 2
},
"indicator_types": {
"type": 5,
"form": {
"type": 2,
"is_required": true
}
},
"pattern": {
"type": 2,
"is_required": true
},
"pattern_type": {
"type": 2,
"is_required": true
},
"patter_version": {
"type": 2
},
"valid_from": {
"type": 3,
"is_required": true
},
"valid_until": {
"type": 3
},
"kill_chain_phases": {
"type": 5,
"form": {
"type": 2
}
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "infrastructure",
"namespace": "stix_object.infrastructure",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"infrastructure_types": {
"type": 5,
"form": {
"type": 2,
"is_required": true
}
},
"aliases": {
"type": 5,
"form": {
"type": 2
}
},
"kill_chain_phases": {
"type": 5,
"form": {
"type": 2
}
},
"first_seen": {
"type": 3
},
"last_seen": {
"type": 3
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "intrusion-set",
"namespace": "stix_object.intrusion_set",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"aliases": {
"type": 5,
"form": {
"type": 2
},
"is_required": true
},
"first_seen": {
"type": 3
},
"last_seen": {
"type": 3
},
"goals": {
"type": 5,
"form": {
"type": 2
}
},
"resource_level": {
"type": 2
},
"primary_motivation": {
"type": 2
},
"secondary_motivations": {
"type": 5,
"form": {
"type": 2
}
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "location",
"namespace": "stix_object.location",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true
},
"description": {
"type": 2
},
"latitude": {
"type": 1,
"min": -90,
"max": 90
},
"longitude": {
"type": 1,
"min": -180,
"max": 180
},
"precision": {
"type": 1
},
"region": {
"type": 2
},
"country": {
"type": 2
},
"administrative_area": {
"type": 2
},
"city": {
"type": 2
},
"street_address": {
"type": 2
},
"postal_code": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "malware",
"namespace": "stix_object.malware",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true
},
"description": {
"type": 2
},
"malware_types": {
"type": 5,
"form": {
"type": 2
},
"is_required": true
},
"is_family": {
"type": 2,
"is_required": true
},
"aliases": {
"type": 5,
"form": {
"type": 2
}
},
"kill_chain_phases": {
"type": 5,
"form": {
"type": 2
}
},
"first_seen": {
"type": 3
},
"last_seen": {
"type": 3
},
"os_execution_envs": {
"type": 5,
"form": {
"type": 2
}
},
"architecture_execution_envs": {
"type": 5,
"form": {
"type": 2
}
},
"implementation_languages": {
"type": 5,
"form": {
"type": 2
}
},
"capabilities": {
"type": 5,
"form": {
"type": 2
}
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "malware_analysis",
"namespace": "stix_object.malware_analysis",
"type": 2,
"role": 4096,
"properties": {
"product": {
"type": 2,
"is_primary": true,
"is_required": true
},
"version": {
"type": 2
},
"configuration_version": {
"type": 2
},
"modules": {
"type": 5,
"form": {
"type": 2
}
},
"analysis_engine_version": {
"type": 2
},
"analysis_definition_version": {
"type": 2
},
"submitted": {
"type": 3
},
"analysis_started": {
"type": 3
},
"analysis_ended": {
"type": 3
},
"av_result": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "note",
"namespace": "stix_object.note",
"type": 2,
"role": 4096,
"properties": {
"abstract": {
"type": 2,
"is_primary": true
},
"content": {
"type": 2,
"is_required": true
},
"authors": {
"type": 5,
"form": {
"type": 2
}
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "observed-data",
"namespace": "stix_object.observed_data",
"type": 2,
"role": 4096,
"properties": {
"first_observed": {
"type": 3,
"is_required": true
},
"last_observed": {
"type": 3,
"is_required": true
},
"number_observed": {
"type": 0,
"min": 0,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "opinion",
"namespace": "stix_object.opinion",
"type": 2,
"role": 4096,
"properties": {
"explanation": {
"type": 2,
"is_primary": true
},
"authors": {
"type": 5,
"form": {
"type": 2
}
},
"opinion": {
"type": 2,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "report",
"namespace": "stix_object.report",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"report_types": {
"type": 5,
"form": {
"type": 2
},
"is_required": true
},
"published": {
"type": 3,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "threat-actor",
"namespace": "stix_object.threat_actor",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"threat_actor_types": {
"type": 5,
"form": {
"type": 2
},
"is_required": true
},
"aliases": {
"type": 5,
"form": {
"type": 2
}
},
"first_seen": {
"type": 3
},
"last_seen": {
"type": 3
},
"roles": {
"type": 5,
"form": {
"type": 2
}
},
"goals": {
"type": 5,
"form": {
"type": 2
}
},
"sophistication": {
"type": 2
},
"resource_level": {
"type": 2
},
"primary_motivation": {
"type": 2
},
"secondary_motivations": {
"type": 5,
"form": {
"type": 2
}
},
"personal_motivations": {
"type": 5,
"form": {
"type": 2
}
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "tool",
"namespace": "stix_object.tool",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
},
"tool_types": {
"type": 5,
"form": {
"type": 2
},
"is_required": true
},
"aliases": {
"type": 5,
"form": {
"type": 2
}
},
"kill_chain_phases": {
"type": 5,
"form": {
"type": 2
}
},
"tool_version": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "vulnerability",
"namespace": "stix_object.vulnerability",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"description": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "artifact",
"namespace": "stix_observable.artifact",
"type": 2,
"role": 4096,
"properties": {
"mime_type": {
"type": 2
},
"payload_bin": {
"type": 2
},
"url": {
"type": 2
},
"hashes": {
"type": 2
},
"encryption_algorithm": {
"type": 2
},
"decryption_key": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "autonomous-system",
"namespace": "stix_observable.autonomous_system",
"type": 2,
"role": 4096,
"properties": {
"number": {
"type": 2,
"is_primary": true,
"is_required": true
},
"name": {
"type": 2
},
"rir": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "directory",
"namespace": "stix_observable.directory",
"type": 2,
"role": 4096,
"properties": {
"path": {
"type": 2,
"is_primary": true,
"is_required": true
},
"path_enc": {
"type": 2
},
"ctime": {
"type": 3
},
"mtime": {
"type": 3
},
"atime": {
"type": 3
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "domain-name",
"namespace": "stix_observable.domain_name",
"type": 2,
"role": 4096,
"properties": {
"value": {
"type": 2,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "email_address",
"namespace": "stix_observable.email_address",
"type": 2,
"role": 4096,
"properties": {
"value": {
"type": 2,
"is_required": true
},
"display_name": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "email-message",
"namespace": "stix_observable.email_message",
"type": 2,
"role": 4096,
"properties": {
"is_multipart": {
"type": 2,
"is_required": true
},
"date": {
"type": 2
},
"content_type": {
"type": 2
},
"message_id": {
"type": 2
},
"subject": {
"type": 2,
"is_primary": true
},
"received_lines": {
"type": 2
},
"additional_header_fields": {
"type": 2
},
"body": {
"type": 2
},
"body_multipart": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "file",
"namespace": "stix_observable.file",
"type": 2,
"role": 4096,
"properties": {
"hashes": {
"type": 2
},
"size": {
"type": 2
},
"name": {
"type": 2,
"is_primary": true
},
"name_enc": {
"type": 2
},
"magic_number_hex": {
"type": 2
},
"mime_type": {
"type": 2
},
"ctime": {
"type": 3
},
"mtime": {
"type": 3
},
"atime": {
"type": 3
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "ipv4-address",
"namespace": "stix_observable.ipv4_address",
"type": 2,
"role": 4096,
"properties": {
"value": {
"type": 2,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "ipv6-address",
"namespace": "stix_observable.ipv6_address",
"type": 2,
"role": 4096,
"properties": {
"value": {
"type": 2,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "mac-address",
"namespace": "stix_observable.mac_address",
"type": 2,
"role": 4096,
"properties": {
"value": {
"type": 2,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "mutex",
"namespace": "stix_observable.mutex",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "network-traffic",
"namespace": "stix_observable.network_traffic",
"type": 2,
"role": 4096,
"properties": {
"start": {
"type": 3
},
"end": {
"type": 3
},
"is_active": {
"type": 2
},
"src_port": {
"type": 0,
"min": 0,
"max": 65535
},
"dst_port": {
"type": 0,
"min": 0,
"max": 65535
},
"protocols": {
"type": 5,
"form": {
"type": 2
},
"is_required": true
},
"src_byte_count": {
"type": 0,
"min": 0
},
"dst_byte_count": {
"type": 0,
"min": 0
},
"src_packets": {
"type": 0,
"min": 0
},
"dst_packets": {
"type": 0,
"min": 0
},
"ipfix": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "process",
"namespace": "stix_observable.process",
"type": 2,
"role": 4096,
"properties": {
"is_hidden": {
"type": 2
},
"pid": {
"type": 0,
"min": 0
},
"created_time": {
"type": 3
},
"cwd": {
"type": 2
},
"command_line": {
"type": 2,
"is_required": true
},
"environment_variables": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "software",
"namespace": "stix_observable.software",
"type": 2,
"role": 4096,
"properties": {
"name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"cpe": {
"type": 2
},
"languages": {
"type": 5,
"form": {
"type": 2
}
},
"vendor": {
"type": 2
},
"version": {
"type": 2
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "url",
"namespace": "stix_observable.url",
"type": 2,
"role": 4096,
"properties": {
"value": {
"type": 2,
"is_required": true
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "user-account",
"namespace": "stix_observable.user_account",
"type": 2,
"role": 4096,
"properties": {
"user_id": {
"type": 2
},
"credential": {
"type": 2
},
"account_login": {
"type": 2
},
"account_type": {
"type": 2
},
"display_name": {
"type": 2,
"is_primary": true,
"is_required": true
},
"is_service_account": {
"type": 2
},
"is_privileged": {
"type": 2
},
"can_escalate_privs": {
"type": 2
},
"is_disabled": {
"type": 2
},
"account_created": {
"type": 3
},
"account_expires": {
"type": 3
},
"credential_last_changed": {
"type": 3
},
"account_first_login": {
"type": 3
},
"account_last_login": {
"type": 3
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "windows-registry-key",
"namespace": "stix_observable.windows_registry_key",
"type": 2,
"role": 4096,
"properties": {
"key": {
"type": 2,
"is_primary": true
},
"values": {
"type": 5,
"form": {
"type": 2
}
},
"modified_time": {
"type": 3
},
"number_of_subkeys": {
"type": 0,
"min": 0
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
},
{
"id": "x509-certificate",
"namespace": "stix_observable.x509_certificate",
"type": 2,
"role": 4096,
"properties": {
"subject": {
"type": 2,
"is_primary": true,
"is_required": true
},
"is_self_signed": {
"type": 2
},
"hashes": {
"type": 2
},
"version": {
"type": 2
},
"serial_number": {
"type": 2
},
"signature_algorithm": {
"type": 2
},
"issuer": {
"type": 2
},
"validity_not_before": {
"type": 3
},
"validity_not_after": {
"type": 3
},
"subject_public_key_algorithm": {
"type": 2
},
"subject_public_key_modulus": {
"type": 2
},
"subject_public_key_exponent": {
"type": 0,
"min": 0
}
},
"anchor_template": "@__builtin__anchor",
"style": {
"max_width": 320,
"head": {
"fill_color": "#737373",
"stroke_color": "#8c8c8c",
"one_title": {
"title": {
"font": {
"family": "Inter",
"size": "10.5pt",
"weight": 800
},
"color": "#d8d8d8"
}
},
"two_title": {
"title": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#d8d8d8",
"padding": 8
},
"subtitle": {
"font": {
"family": "Inter",
"size": "13pt",
"weight": 800
},
"color": "#d8d8d8",
"line_height": 23
}
},
"vertical_padding": 14
},
"body": {
"fill_color": "#1f1f1f",
"stroke_color": "#383838",
"field_name": {
"font": {
"family": "Inter",
"size": "8pt",
"weight": 600
},
"color": "#b3b3b3",
"padding": 12
},
"field_value": {
"font": {
"family": "Inter",
"size": "10.5pt"
},
"color": "#bfbfbf",
"line_height": 20,
"padding": 22
},
"vertical_padding": 18
},
"select_outline": {
"color": "#e6d845",
"padding": 4,
"border_radius": 9
},
"anchor_markers": {
"color": "#ffffff",
"size": 3
},
"border_radius": 5,
"horizontal_padding": 20
}
}
]
},
"objects": [
{
"id": "bb7c9b19-0f59-4b67-8858-cf34583d191b",
"x": 10,
"y": 15,
"attrs": 0,
"template": "attack_flow_page",
"children": [
"315e0e98-fd72-4ac9-8ad5-1c7ae80d04e8",
"a0dcd029-54c0-451b-8b5e-37419f534d90",
"5f5f1e12-144e-40eb-922d-92f14d3acbf6",
"5f7b8b09-89ec-4227-a671-754cdab49c9e",
"83c3648e-de90-479d-91fc-1abc546e6a46",
"80d54e30-a9c9-4eb0-b6aa-adf79d99478a",
"42dfe252-aa26-4b1b-ac0e-afa7543ab168"
],
"properties": [
[
"name",
"operator"
],
[
"description",
null
],
[
"scope",
"3e072748feb6ecd1b1ba397704e009c0"
],
[
"author",
[
[
"name",
null
],
[
"identity_class",
null
],
[
"contact_information",
null
]
]
],
[
"external_references",
[]
]
]
},
{
"id": "315e0e98-fd72-4ac9-8ad5-1c7ae80d04e8",
"x": -170,
"y": -220,
"attrs": 256,
"template": "action",
"children": [
"da879c69-a465-4b12-a16d-e3849b3c439b",
"3a8129c4-5ef6-4925-aac2-ff81e560b212",
"4378b3da-0ec9-4391-b17e-b5f6ebd33360",
"5925d31d-ec5e-46b3-9b2c-782aac35724b",
"5bdb84d9-5a54-4498-b23c-3603c059985e",
"e298a642-bebc-4286-8724-6ec02306ca0f",
"cb8bb03d-0cab-4c9e-9840-191294b6c90b",
"f505c78a-7663-4202-bffa-4bbc8f674aa1",
"a0ca99e1-d51f-4ed1-b234-dcad1004c3eb",
"b4befc58-7791-4a70-a373-71e0febb28bc",
"cd489d33-6533-486a-8bed-b74c46471b50",
"9d9eeddf-a040-48fb-be4e-08ca21624a8f"
],
"properties": [
[
"name",
"OS Credential Dumping: LSASS Memory"
],
[
"tactic_id",
"T1003.001"
],
[
"tactic_ref",
null
],
[
"technique_id",
null
],
[
"technique_ref",
null
],
[
"description",
"Dump plaintext credentials."
],
[
"confidence",
null
],
[
"execution_start",
null
],
[
"execution_end",
null
]
]
},
{
"id": "a0dcd029-54c0-451b-8b5e-37419f534d90",
"x": 190,
"y": -210,
"attrs": 256,
"template": "action",
"children": [
"2984e8ff-3976-4ac3-a0f1-eb689ee60a32",
"9fe89301-3d1b-4df5-8644-4230cf550641",
"1bb7549e-0bc7-4a0e-8b2f-1f63a7ecf993",
"2cae2b01-9618-4fb6-ac07-1ed7d56b9058",
"dd0694b3-37f8-4e36-b8e7-7291bce25b75",
"dceaacbb-e30c-45bc-aaa8-732ab9701cf2",
"5b7ce37e-b8b1-4602-9b72-463cc424375b",
"15bd352c-7ddc-4ff5-998f-6b9729ee45da",
"ecd9587f-8251-4b8b-8271-bee9da40f973",
"7fe60a67-a5f0-470e-b0fa-cfdf73e01db6",
"adaa7a4a-6cf7-4da4-a44b-3496e84cf4d0",
"1ea67cc7-b785-42f3-856c-655bb9ab778c"
],
"properties": [
[
"name",
"Create Account: Local Account"
],
[
"tactic_id",
"T1136.001"
],
[
"tactic_ref",
null
],
[
"technique_id",
null
],
[
"technique_ref",
null
],
[
"description",
"Creates a local user account."
],
[
"confidence",
null
],
[
"execution_start",
null
],
[
"execution_end",
null
]
]
},
{
"id": "5f5f1e12-144e-40eb-922d-92f14d3acbf6",
"x": 10,
"y": 10,
"attrs": 256,
"template": "or",
"children": [
"d8757537-06c0-4a4f-9438-72f5dbccc2a7",
"2b3df3b6-19de-4d1c-8370-bfc3614e935e",
"ae3c34cb-37ee-4db6-bd3d-c2dd5b371c66",
"e9d9766c-0c02-43a2-b4f8-14bb175bf190",
"ba068418-b2b8-4a82-a509-4249e1c3ceb5",
"d61ce4a1-9a2e-4dd2-8472-fd008bd3f9d5",
"764a31c8-6554-4211-9c84-4f6281ed7425",
"86f9311d-56e2-4ca5-a1c2-f228987613cc",
"6999650f-d868-42de-8a84-22edcce07c31",
"914ec98a-c03a-446e-bd40-6a8e446c079f",
"21bf45fa-abbb-4043-bdf3-de758ab7456a",
"29e2c69c-5861-4778-baf3-016f598ba91e"
],
"properties": [
[
"text",
"OR"
]
]
},
{
"id": "5f7b8b09-89ec-4227-a671-754cdab49c9e",
"x": -95,
"y": -67,
"attrs": 0,
"template": "@__builtin__line_vertical_elbow",
"children": [
"9b1ed6a2-0e14-4289-8509-487698c2df47",
"8603b6a3-06c9-4653-9dcf-2bc67000be6c",
"5000f8f9-042d-418b-8580-a108006050c0"
],
"properties": []
},
{
"id": "83c3648e-de90-479d-91fc-1abc546e6a46",
"x": 75,
"y": -68,
"attrs": 0,
"template": "@__builtin__line_vertical_elbow",
"children": [
"542bdfaa-af0f-45f8-b2d6-7dc9c091e371",
"698e009f-bcb8-4521-9967-098769c49f84",
"a98859ce-3874-42db-bee7-923d66467a3e"
],
"properties": []
},
{
"id": "80d54e30-a9c9-4eb0-b6aa-adf79d99478a",
"x": 10,
"y": 82,
"attrs": 0,
"template": "@__builtin__line_vertical_elbow",
"children": [
"7b964a46-f23b-492c-86c1-d9394ac3dc6f",
"505496b2-ee3e-4a32-a3c5-435980c567d7",
"5f72afca-92ac-4075-8e4e-78591ca4edf1"
],
"properties": []
},
{
"id": "42dfe252-aa26-4b1b-ac0e-afa7543ab168",
"x": 10,
"y": 240,
"attrs": 256,
"template": "action",
"children": [
"9f243eec-4d81-4d3b-84a8-c6c35c20a6f7",
"3477b9dd-85b0-42d1-9e07-a4fccc72e1f6",
"97102e12-d6d4-4825-beb4-acb1b0f2a3a4",
"f24cb641-971c-4f32-9757-9c690a7e6e3b",
"6108b97f-1ff1-4086-83e6-483e63a54d93",
"e2907976-dcd1-4166-bccf-c307b7e50ed4",
"1f4e1c81-3c66-4200-a6a3-fcedf3c150ca",
"763d53a7-da21-44aa-bd34-05acb053d0a3",
"d9afd27e-842a-4c54-a30d-6c70030b036d",
"da049657-d10c-4165-8ace-03b11021f9ba",
"9431a639-189d-4b20-a1c4-619b4b2bf70d",
"e47fabf2-0ad4-4524-803b-1bb4b4abbe37"
],
"properties": [
[
"name",
"Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder"
],
[
"tactic_id",
"T1547.001"
],
[
"tactic_ref",
null
],
[
"technique_id",
null
],
[
"technique_ref",
null
],
[
"description",
"Trigger malicious payload to run automatically at login."
],
[
"confidence",
null
],
[
"execution_start",
null
],
[
"execution_end",
null
]
]
},
{
"id": "da879c69-a465-4b12-a16d-e3849b3c439b",
"x": -247,
"y": -321,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "3a8129c4-5ef6-4925-aac2-ff81e560b212",
"x": -170,
"y": -321,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "4378b3da-0ec9-4391-b17e-b5f6ebd33360",
"x": -93,
"y": -321,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "5925d31d-ec5e-46b3-9b2c-782aac35724b",
"x": -16,
"y": -270.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "5bdb84d9-5a54-4498-b23c-3603c059985e",
"x": -16,
"y": -220,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "e298a642-bebc-4286-8724-6ec02306ca0f",
"x": -16,
"y": -169.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "cb8bb03d-0cab-4c9e-9840-191294b6c90b",
"x": -93,
"y": -118,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "f505c78a-7663-4202-bffa-4bbc8f674aa1",
"x": -170,
"y": -118,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [
"9b1ed6a2-0e14-4289-8509-487698c2df47"
],
"properties": [],
"angle": 1
},
{
"id": "a0ca99e1-d51f-4ed1-b234-dcad1004c3eb",
"x": -247,
"y": -118,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "b4befc58-7791-4a70-a373-71e0febb28bc",
"x": -324,
"y": -169.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "cd489d33-6533-486a-8bed-b74c46471b50",
"x": -324,
"y": -220,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "9d9eeddf-a040-48fb-be4e-08ca21624a8f",
"x": -324,
"y": -270.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "2984e8ff-3976-4ac3-a0f1-eb689ee60a32",
"x": 113,
"y": -299,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "9fe89301-3d1b-4df5-8644-4230cf550641",
"x": 190,
"y": -299,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "1bb7549e-0bc7-4a0e-8b2f-1f63a7ecf993",
"x": 267,
"y": -299,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "2cae2b01-9618-4fb6-ac07-1ed7d56b9058",
"x": 344,
"y": -254.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "dd0694b3-37f8-4e36-b8e7-7291bce25b75",
"x": 344,
"y": -210,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "dceaacbb-e30c-45bc-aaa8-732ab9701cf2",
"x": 344,
"y": -165.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "5b7ce37e-b8b1-4602-9b72-463cc424375b",
"x": 267,
"y": -120,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "15bd352c-7ddc-4ff5-998f-6b9729ee45da",
"x": 190,
"y": -120,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "ecd9587f-8251-4b8b-8271-bee9da40f973",
"x": 113,
"y": -120,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [
"542bdfaa-af0f-45f8-b2d6-7dc9c091e371"
],
"properties": [],
"angle": 1
},
{
"id": "7fe60a67-a5f0-470e-b0fa-cfdf73e01db6",
"x": 36,
"y": -165.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "adaa7a4a-6cf7-4da4-a44b-3496e84cf4d0",
"x": 36,
"y": -210,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "1ea67cc7-b785-42f3-856c-655bb9ab778c",
"x": 36,
"y": -254.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "d8757537-06c0-4a4f-9438-72f5dbccc2a7",
"x": -18.5,
"y": -16,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [
"5000f8f9-042d-418b-8580-a108006050c0"
],
"properties": [],
"angle": 1
},
{
"id": "2b3df3b6-19de-4d1c-8370-bfc3614e935e",
"x": 10,
"y": -16,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "ae3c34cb-37ee-4db6-bd3d-c2dd5b371c66",
"x": 38.5,
"y": -16,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [
"a98859ce-3874-42db-bee7-923d66467a3e"
],
"properties": [],
"angle": 1
},
{
"id": "e9d9766c-0c02-43a2-b4f8-14bb175bf190",
"x": 67,
"y": -3,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "ba068418-b2b8-4a82-a509-4249e1c3ceb5",
"x": 67,
"y": 10,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "d61ce4a1-9a2e-4dd2-8472-fd008bd3f9d5",
"x": 67,
"y": 23,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "764a31c8-6554-4211-9c84-4f6281ed7425",
"x": 38.5,
"y": 36,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "86f9311d-56e2-4ca5-a1c2-f228987613cc",
"x": 10,
"y": 36,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [
"7b964a46-f23b-492c-86c1-d9394ac3dc6f"
],
"properties": [],
"angle": 1
},
{
"id": "6999650f-d868-42de-8a84-22edcce07c31",
"x": -18.5,
"y": 36,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "914ec98a-c03a-446e-bd40-6a8e446c079f",
"x": -47,
"y": 23,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "21bf45fa-abbb-4043-bdf3-de758ab7456a",
"x": -47,
"y": 10,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "29e2c69c-5861-4778-baf3-016f598ba91e",
"x": -47,
"y": -3,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "9b1ed6a2-0e14-4289-8509-487698c2df47",
"x": -170,
"y": -118,
"attrs": 0,
"template": "@__builtin__line_source",
"children": [],
"properties": []
},
{
"id": "8603b6a3-06c9-4653-9dcf-2bc67000be6c",
"x": -94.25,
"y": -67,
"attrs": 0,
"template": "@__builtin__line_handle",
"children": [],
"properties": []
},
{
"id": "5000f8f9-042d-418b-8580-a108006050c0",
"x": -18.5,
"y": -16,
"attrs": 0,
"template": "@__builtin__line_target",
"children": [],
"properties": []
},
{
"id": "542bdfaa-af0f-45f8-b2d6-7dc9c091e371",
"x": 113,
"y": -120,
"attrs": 0,
"template": "@__builtin__line_source",
"children": [],
"properties": []
},
{
"id": "698e009f-bcb8-4521-9967-098769c49f84",
"x": 75.75,
"y": -68,
"attrs": 0,
"template": "@__builtin__line_handle",
"children": [],
"properties": []
},
{
"id": "a98859ce-3874-42db-bee7-923d66467a3e",
"x": 38.5,
"y": -16,
"attrs": 0,
"template": "@__builtin__line_target",
"children": [],
"properties": []
},
{
"id": "7b964a46-f23b-492c-86c1-d9394ac3dc6f",
"x": 10,
"y": 36,
"attrs": 0,
"template": "@__builtin__line_source",
"children": [],
"properties": []
},
{
"id": "505496b2-ee3e-4a32-a3c5-435980c567d7",
"x": 10,
"y": 82.5,
"attrs": 0,
"template": "@__builtin__line_handle",
"children": [],
"properties": []
},
{
"id": "5f72afca-92ac-4075-8e4e-78591ca4edf1",
"x": 10,
"y": 129,
"attrs": 0,
"template": "@__builtin__line_target",
"children": [],
"properties": []
},
{
"id": "9f243eec-4d81-4d3b-84a8-c6c35c20a6f7",
"x": -76.5,
"y": 129,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "3477b9dd-85b0-42d1-9e07-a4fccc72e1f6",
"x": 10,
"y": 129,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [
"5f72afca-92ac-4075-8e4e-78591ca4edf1"
],
"properties": [],
"angle": 1
},
{
"id": "97102e12-d6d4-4825-beb4-acb1b0f2a3a4",
"x": 96.5,
"y": 129,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "f24cb641-971c-4f32-9757-9c690a7e6e3b",
"x": 183,
"y": 184.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "6108b97f-1ff1-4086-83e6-483e63a54d93",
"x": 183,
"y": 240,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "e2907976-dcd1-4166-bccf-c307b7e50ed4",
"x": 183,
"y": 295.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "1f4e1c81-3c66-4200-a6a3-fcedf3c150ca",
"x": 96.5,
"y": 352,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "763d53a7-da21-44aa-bd34-05acb053d0a3",
"x": 10,
"y": 352,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "d9afd27e-842a-4c54-a30d-6c70030b036d",
"x": -76.5,
"y": 352,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 1
},
{
"id": "da049657-d10c-4165-8ace-03b11021f9ba",
"x": -163,
"y": 295.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "9431a639-189d-4b20-a1c4-619b4b2bf70d",
"x": -163,
"y": 240,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
},
{
"id": "e47fabf2-0ad4-4524-803b-1bb4b4abbe37",
"x": -163,
"y": 184.5,
"attrs": 0,
"template": "@__builtin__anchor",
"children": [],
"properties": [],
"angle": 0
}
],
"location": {
"x": 24.44660051024672,
"y": 161.56014250250007,
"k": 0.9408261075137877
}
}
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку