The AnalysisSystemType is intended to characterize any systems on which malware analysis is performed. It imports and extends version 2.0.1 of the CybOX System Object.
Field Name | Type | Description |
---|---|---|
@object_reference (optional) | QName | The object_reference field specifies a unique ID reference to an Object defined elsewhere. This construct allows for the re-use of the defined Properties of one Object within another, without the need to embed the full Object in the location from which it is being referenced. Thus, this ID reference is intended to resolve to the Properties of the Object that it points to. |
Custom_Properties (0..1) | CustomPropertiesType | The Custom_Properties construct is optional and enables the specification of a set of custom Object Properties that may not be defined in existing Properties schemas. |
Available_Physical_Memory (0..1) | UnsignedLongObjectPropertyType | The Available_Physical_Memory field specifies the amount of physical memory available on the system, in bytes. |
BIOS_Info (0..1) | BIOSInfoType | The BIOS_Info field specifies information about the BIOS on the system. |
Date (0..1) | DateObjectPropertyType | The Date field specifies the current date on the system. |
Hostname (0..1) | StringObjectPropertyType | The Hostname field specifies the hostname of the system. |
Local_Time (0..1) | TimeObjectPropertyType | The Local_Time field specifies the local time on the system. |
Network_Interface_List (0..1) | NetworkInterfaceListType | The Network_Interface_List field specifies the list of network interfaces present on the system. |
OS (0..1) | OSType | The OS field specifies information about the operating system installed on the system. |
Processor (0..1) | StringObjectPropertyType | The Processor field specifies the name of the CPU used by the system. |
Processor_Architecture (0..1) | ProcessorArchType | The Processor_Architecture field specifies the specific architecture (e.g. x86) used by the CPU of the system. |
System_Time (0..1) | TimeObjectPropertyType | The System_Time field specifies the system, or hardware, time on the system. |
Timezone_DST (0..1) | StringObjectPropertyType | The Timezone_DST field specifies the time zone used by the system, taking daylight savings time (DST) into account. |
Timezone_Standard (0..1) | StringObjectPropertyType | The Timezone_Standard field specifies the time zone used by the system, without taking daylight savings time (DST) into account. |
Total_Physical_Memory (0..1) | UnsignedLongObjectPropertyType | The Total_Physical_Memory field specifies the total amount of physical memory present on the system, in bytes. |
Uptime (0..1) | DurationObjectPropertyType | The Uptime field specifies the duration that represents the current amount of time that the system has been up. |
Username (0..1) | StringObjectPropertyType | The Username field specifies the name of the user currently logged into the system. |
Installed_Programs (0..1) | InstalledProgramsType | The Installed_Programs field specifies the programs installed on the OS that was used to perform the analysis. This can be useful for clarifying the nature of the analysis environment, for instance for determining whether an exploited piece of software was present, as well as for specifying any tools that may have been installed. |