The MalwareEntityType provides a Capability for characterizing the particular entity that an indicator or signature is written against, whether it is a particular malware instance, family, etc.
| Field Name | Type | Description |
|---|---|---|
| Type0..1 | ControlledVocabularyStringType |
The Type field refers to the specific type of malware entity that the indicator or signature is written against. This field is implemented through the xsi:type controlled vocabulary extension Capability. The default vocabulary type is MalwareEntityTypeVocab-1.0 in the http://maec.mitre.org/default_vocabularies-1 namespace. This type is defined in the maec_default_vocabularies.xsd file or at the URL http://maec.mitre.org/XMLSchema/default_vocabularies/1.0.0/maec_default_vocabularies.xsd. |
| Name0..1 | string |
The Name field refers to the name of the malware instance, malware family, or malware class that the indicator or signature is written against. |
| Description0..1 | string |
The Description field is intended to provide a brief description of the entity that the indicator or signature is written against. |
