In addition to the `mitre_att` metadata field already in this spec, there should also be `mitre_mbc`. This is a newer and more appropriate classification system for malware samples than the ATT&CK framework. The capa project has aligned with MBC over the past year as well.

https://github.com/MBCProject/mbc-markdown/blob/master/yfaq/README.md