| Name | Type | Description | Notes |
|---|---|---|---|
| type | TypeEnum | Type of the IOC | |
| value | String | Value of the IOC | |
| description | String | Description of the IOC | |
| source | String | The source address where the IOC can be found in the binary if possible. | [optional] |
| functionId | Integer | Unique identifier of the function containing the IOC | [optional] |
| functionName | String | Name of the function containing the IOC | [optional] |
| Name | Value |
|---|---|
| IP | "ip" |
| DOMAIN | "domain" |
| URL | "url" |
| USERNAMES | "usernames" |
| PASSWORDS | "passwords" |
| FILE_HASH | "file_hash" |
| MUTEX | "mutex" |
| REGISTRY_KEY | "registry_key" |
| FILENAME | "filename" |
| "email" | |
| C2_ENDPOINT | "c2_endpoint" |
| USER_AGENT | "user_agent" |
| PEM_KEY | "pem_key" |
| SSH_KEY | "ssh_key" |
| NETWORK_PORT | "network_port" |
| JA3 | "ja3" |
| SSL_CERT_FINGERPRINT | "ssl_cert_fingerprint" |
| HTTP_HEADER | "http_header" |
| SERVICE | "service" |
| SCHEDULED_TASK | "scheduled_task" |
| PE_HEADER | "pe_header" |
| ENTROPY | "entropy" |
| OTHER | "other" |
| UNKNOWN_DEFAULT_OPEN_API | "unknown_default_open_api" |