@mitre-attack/attack-data-model

A TypeScript API for the MITRE ATT&CK data model

import { z } from 'zod/v4';

/**
 * String schema for a STIX `file` reference.
 *
 * This is an ambient declaration: any format refinements live in the
 * runtime implementation, not in this type — `z.ZodString` alone does not
 * guarantee a well-formed STIX identifier.
 */
declare const stixFileType: z.ZodString;

/**
 * String schema for a STIX `artifact` reference (declaration only; see
 * `stixFileType` for the same caveat about refinements).
 */
declare const stixArtifactType: z.ZodString;

/**
 * Zod schema describing an ATT&CK `malware` STIX Domain Object.
 *
 * Consumer notes:
 * - `type` is declared as a literal of *every* STIX/ATT&CK object type, not
 *   just `"malware"`, so the static type alone does not discriminate a
 *   malware object from other SDOs; discriminate on the parsed runtime value.
 * - The object is `$strict`, so unknown top-level keys are rejected at parse
 *   time; `extensions` is the sanctioned place for additional data.
 * - `sample_refs` is a union of two plain string schemas (presumably
 *   `stixFileType` and `stixArtifactType` — confirm against the
 *   implementation).
 */
declare const extensibleMalwareSchema: z.ZodObject<
  {
    // STIX 2.x common properties
    spec_version: z.ZodEnum<{ "2.0": "2.0"; 2.1: "2.1" }>;
    created: z.core.$ZodBranded<z.ZodISODateTime, "StixCreatedTimestamp">;
    modified: z.core.$ZodBranded<z.ZodISODateTime, "StixModifiedTimestamp">;
    labels: z.ZodOptional<z.ZodArray<z.ZodString>>;
    revoked: z.ZodOptional<z.ZodBoolean>;
    confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
    lang: z.ZodOptional<z.ZodString>;
    granular_markings: z.ZodOptional<
      z.ZodArray<
        z.ZodObject<
          { marking_ref: z.ZodString; selectors: z.ZodArray<z.ZodString> },
          z.core.$strip
        >
      >
    >;
    extensions: z.ZodOptional<
      z.ZodRecord<
        z.ZodString,
        z.ZodUnion<
          readonly [
            z.ZodObject<
              {
                extension_type: z.ZodEnum<{
                  "new-sdo": "new-sdo";
                  "new-sco": "new-sco";
                  "new-sro": "new-sro";
                  "property-extension": "property-extension";
                  "toplevel-property-extension": "toplevel-property-extension";
                }>;
              },
              z.core.$catchall<z.ZodUnknown>
            >,
            z.ZodRecord<z.ZodString, z.ZodUnknown>,
          ]
        >
      >
    >;

    // ATT&CK-specific and SDO-level properties
    name: z.ZodString;
    x_mitre_attack_spec_version: z.ZodString;
    x_mitre_version: z.ZodString;
    x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>;
    created_by_ref: z.ZodString;
    description: z.ZodString;
    object_marking_refs: z.ZodArray<z.ZodString>;
    x_mitre_platforms: z.ZodOptional<
      z.ZodArray<
        z.ZodEnum<{
          "Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED";
          "Network Devices": "Network Devices";
          "Data Historian": "Data Historian";
          "Google Workspace": "Google Workspace";
          "Office Suite": "Office Suite";
          ESXi: "ESXi";
          "Identity Provider": "Identity Provider";
          Containers: "Containers";
          "Azure AD": "Azure AD";
          "Engineering Workstation": "Engineering Workstation";
          "Control Server": "Control Server";
          "Human-Machine Interface": "Human-Machine Interface";
          Windows: "Windows";
          Linux: "Linux";
          IaaS: "IaaS";
          None: "None";
          iOS: "iOS";
          PRE: "PRE";
          SaaS: "SaaS";
          "Input/Output Server": "Input/Output Server";
          macOS: "macOS";
          Android: "Android";
          "Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay";
          Embedded: "Embedded";
        }>
      >
    >;
    x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>;
    x_mitre_aliases: z.ZodOptional<z.ZodArray<z.ZodString>>;
    x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>;
    x_mitre_domains: z.ZodArray<
      z.ZodEnum<{
        "enterprise-attack": "enterprise-attack";
        "mobile-attack": "mobile-attack";
        "ics-attack": "ics-attack";
      }>
    >;
    aliases: z.ZodOptional<z.ZodArray<z.ZodString>>;
    id: z.ZodString;
    // NOTE: not narrowed to "malware" — see the TSDoc above.
    type: z.ZodLiteral<
      | "attack-pattern"
      | "bundle"
      | "campaign"
      | "course-of-action"
      | "extension-definition"
      | "identity"
      | "intrusion-set"
      | "malware"
      | "tool"
      | "marking-definition"
      | "x-mitre-analytic"
      | "x-mitre-data-component"
      | "x-mitre-detection-strategy"
      | "x-mitre-tactic"
      | "x-mitre-asset"
      | "x-mitre-data-source"
      | "x-mitre-log-source"
      | "x-mitre-matrix"
      | "x-mitre-collection"
      | "relationship"
      | "file"
      | "artifact"
    >;

    // STIX malware SDO properties
    is_family: z.ZodBoolean;
    malware_types: z.ZodOptional<
      z.ZodArray<
        z.ZodEnum<{
          unknown: "unknown";
          adware: "adware";
          backdoor: "backdoor";
          bot: "bot";
          bootkit: "bootkit";
          ddos: "ddos";
          downloader: "downloader";
          dropper: "dropper";
          "exploit-kit": "exploit-kit";
          keylogger: "keylogger";
          ransomware: "ransomware";
          "remote-access-trojan": "remote-access-trojan";
          "resource-exploitation": "resource-exploitation";
          "rogue-security-software": "rogue-security-software";
          rootkit: "rootkit";
          "screen-capture": "screen-capture";
          spyware: "spyware";
          trojan: "trojan";
          virus: "virus";
          webshell: "webshell";
          wiper: "wiper";
          worm: "worm";
        }>
      >
    >;
    kill_chain_phases: z.ZodOptional<
      z.ZodArray<
        z.ZodObject<
          {
            phase_name: z.ZodString;
            kill_chain_name: z.ZodEnum<{
              "mitre-attack": "mitre-attack";
              "mitre-mobile-attack": "mitre-mobile-attack";
              "mitre-ics-attack": "mitre-ics-attack";
            }>;
          },
          z.core.$strict
        >
      >
    >;
    first_seen: z.ZodOptional<z.ZodISODateTime>;
    last_seen: z.ZodOptional<z.ZodISODateTime>;
    external_references: z.ZodArray<
      z.ZodObject<
        {
          source_name: z.ZodString;
          description: z.ZodOptional<z.ZodString>;
          url: z.ZodOptional<z.ZodURL>;
          external_id: z.ZodOptional<z.ZodString>;
        },
        z.core.$strip
      >
    >;
    x_mitre_old_attack_id: z.ZodOptional<z.ZodString>;
    os_execution_envs: z.ZodOptional<z.ZodArray<z.ZodString>>;
    architecture_execution_envs: z.ZodOptional<
      z.ZodArray<
        z.ZodEnum<{
          alpha: "alpha";
          arm: "arm";
          "ia-64": "ia-64";
          mips: "mips";
          powerpc: "powerpc";
          sparc: "sparc";
          x86: "x86";
          "x86-64": "x86-64";
        }>
      >
    >;
    implementation_languages: z.ZodOptional<
      z.ZodArray<
        z.ZodEnum<{
          "x86-64": "x86-64";
          applescript: "applescript";
          bash: "bash";
          c: "c";
          "c++": "c++";
          "c#": "c#";
          go: "go";
          java: "java";
          javascript: "javascript";
          lua: "lua";
          "objective-c": "objective-c";
          perl: "perl";
          php: "php";
          powershell: "powershell";
          python: "python";
          ruby: "ruby";
          scala: "scala";
          swift: "swift";
          typescript: "typescript";
          "visual-basic": "visual-basic";
          "x86-32": "x86-32";
        }>
      >
    >;
    capabilities: z.ZodOptional<
      z.ZodArray<
        z.ZodEnum<{
          "accesses-remote-machines": "accesses-remote-machines";
          "anti-debugging": "anti-debugging";
          "anti-disassembly": "anti-disassembly";
          "anti-emulation": "anti-emulation";
          "anti-memory-forensics": "anti-memory-forensics";
          "anti-sandbox": "anti-sandbox";
          "anti-vm": "anti-vm";
          "captures-input-peripherals": "captures-input-peripherals";
          "captures-output-peripherals": "captures-output-peripherals";
          "captures-system-state-data": "captures-system-state-data";
          "cleans-traces-of-infection": "cleans-traces-of-infection";
          "commits-fraud": "commits-fraud";
          "communicates-with-c2": "communicates-with-c2";
          "compromises-data-integrity": "compromises-data-integrity";
          "compromises-data-availability": "compromises-data-availability";
          "compromises-system-availability": "compromises-system-availability";
          "controls-local-machine": "controls-local-machine";
          "degrades-security-software": "degrades-security-software";
          "degrades-system-updates": "degrades-system-updates";
          "determines-c2-server": "determines-c2-server";
          "emails-spam": "emails-spam";
          "escalates-privileges": "escalates-privileges";
          "evades-av": "evades-av";
          "exfiltrates-data": "exfiltrates-data";
          "fingerprints-host": "fingerprints-host";
          "hides-artifacts": "hides-artifacts";
          "hides-executing-code": "hides-executing-code";
          "infects-files": "infects-files";
          "infects-remote-machines": "infects-remote-machines";
          "installs-other-components": "installs-other-components";
          "persists-after-system-reboot": "persists-after-system-reboot";
          "prevents-artifact-access": "prevents-artifact-access";
          "prevents-artifact-deletion": "prevents-artifact-deletion";
          "probes-network-environment": "probes-network-environment";
          "self-modifies": "self-modifies";
          "steals-authentication-credentials": "steals-authentication-credentials";
          "violates-system-operational-integrity": "violates-system-operational-integrity";
        }>
      >
    >;
    sample_refs: z.ZodOptional<
      z.ZodArray<z.ZodUnion<readonly [z.ZodString, z.ZodString]>>
    >;
  },
  z.core.$strict
>;

/**
 * Declared with exactly the same shape as `extensibleMalwareSchema` in the
 * original declaration (field-for-field, both `$strict`), so it is expressed
 * here via `typeof` rather than repeating the object type.
 */
declare const malwareSchema: typeof extensibleMalwareSchema;

/** Parsed (output) type of a malware object as produced by the schema. */
type Malware = z.infer<typeof extensibleMalwareSchema>;

export { type Malware, extensibleMalwareSchema, malwareSchema, stixArtifactType, stixFileType };