Open karenyousefi opened 3 months ago
Thanks for the contribution, maybe extending the existing object https://github.com/MISP/misp-objects/tree/main/objects/android-app would do the job?
after carefully reviewing both the existing android-app object and the object I have designed, I believe that the additional attributes and features provided by my object offer enhanced capabilities for malware analysis. my object includes a wider range of hashes (such as SHA-224, SHA-384), fuzzy hashes (ssdeep and tlsh), and other metadata crucial for comprehensive analysis. by incorporating these additional attributes, my object can provide a more detailed and comprehensive description of Android applications, particularly for malware analysis purposes. therefore, I believe that approving the proposed changes to extend the android-app object would be beneficial for enriching the capabilities of MISP in handling Android malware-related data.
@gallypette if you have feedback or idea to merge the two objects, let me know.
Apk object describing a file with meta-information