Malware Technique relationship is linked to Actors #37

BigLeagueChew · 2020-05-19T10:51:05Z

Hello,

I believe the techniques() method on a AttckMalware class is incorrectly linked to Actor information instead of a Technique. I believe line 112 on malware.py needs to be changed to 'attack-pattern'.
See example below which prints Actor names instead of Technique names.

from pyattck import Attck
attack = Attck()

for mal in attack.enterprise.malwares:
    for technique in mal.techniques:
        print(technique.name)

joshswimlane · 2020-05-19T13:39:17Z

Thanks! You are correct and I will get this updated today (as well as review the other relationships). Much appreciated!

BigLeagueChew · 2020-05-19T17:23:09Z

Thanks Josh.

I might have come across another relationship issue. I'm seeing PreAttckActor class returning what looks like Mitre software "S000" for the IDs. Thoughts?

from pyattck import Attck
attack = Attck()

for actor in attack.preattack.actors:
    print(actor.id, actor.name)

joshswimlane mentioned this issue May 19, 2020

Fixed relationship links in preattack #38

Closed

joshswimlane pushed a commit that referenced this issue May 19, 2020

closing #37 - modified relationship type name in malware.py

054875b

joshswimlane closed this as completed in baddf5b May 20, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Malware Technique relationship is linked to Actors #37

Malware Technique relationship is linked to Actors #37

BigLeagueChew commented May 19, 2020 •

edited

Loading

joshswimlane commented May 19, 2020

BigLeagueChew commented May 19, 2020

Malware Technique relationship is linked to Actors #37

Malware Technique relationship is linked to Actors #37

Comments

BigLeagueChew commented May 19, 2020 • edited Loading

joshswimlane commented May 19, 2020

BigLeagueChew commented May 19, 2020

BigLeagueChew commented May 19, 2020 •

edited

Loading