navtej closed 7 years ago
But if you get a sha256 and a sha-1 of something, which one will you keep?
Thanks for your suggestion. I agree with Aaron's doubt from two days ago. In addition, I'd like to remind you of the discussion we had on the mailing list, which provided different possibilities to keep track of the type.
I see currently harmonization provides
Can it be kept generic by providing two fields
where malware.hash.type can be one of md5, sha1, sha256, ssdeep, imphash and malware.hash.value is a string