Merge pull request #2864 from eugene7646/tsk_malware_artifact_2471
Added TSK_MALWARE to standard TSK artifacts (AUT-2471)
bcarrier committed Aug 29, 2023
2 parents 74b9fd5 + 1a03134 commit b42c1cf
Showing 3 changed files with 19 additions and 2 deletions.
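--- a/bindings/java/src/org/sleuthkit/datamodel/BlackboardArtifact.java
+++ b/bindings/java/src/org/sleuthkit/datamodel/BlackboardArtifact.java
@@ -1396,6 +1396,11 @@ public static final class Type implements Serializable {
 * interesting.
 */
 public static final Type TSK_INTERESTING_ITEM = new BlackboardArtifact.Type(72, "TSK_INTERESTING_ITEM", bundle.getString("BlackboardArtifact.tskInterestingItem.text"), Category.ANALYSIS_RESULT);
+
+/**
+* Malware artifact.
+*/
+public static final Type TSK_MALWARE = new BlackboardArtifact.Type(73, "TSK_MALWARE", bundle.getString("BlackboardArtifact.tskMalware.text"), Category.ANALYSIS_RESULT);
 /*
 * IMPORTANT!
 *
@@ -1475,7 +1480,8 @@ public static final class Type implements Serializable {
 TSK_PREVIOUSLY_SEEN,
 TSK_PREVIOUSLY_UNSEEN,
 TSK_PREVIOUSLY_NOTABLE,
-TSK_INTERESTING_ITEM
+TSK_INTERESTING_ITEM,
+TSK_MALWARE
 ).collect(Collectors.toMap(type -> type.getTypeID(), type -> type)));
 
 private final String typeName;
@@ -2001,7 +2007,12 @@ public enum ARTIFACT_TYPE implements SleuthkitVisitableItem {
 * interesting.
 */
 TSK_INTERESTING_ITEM(72, "TSK_INTERESTING_ITEM", //NON-NLS
-bundle.getString("BlackboardArtifact.tskInterestingItem.text"), Category.ANALYSIS_RESULT);
+bundle.getString("BlackboardArtifact.tskInterestingItem.text"), Category.ANALYSIS_RESULT),
+/**
+* Malware artifact.
+*/
+TSK_MALWARE(73, "TSK_MALWARE", //NON-NLS
+bundle.getString("BlackboardArtifact.tskMalware.text"), Category.ANALYSIS_RESULT);
 /*
 * IMPORTANT!
 *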
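Review bot: The Javadoc on the new `TSK_MALWARE` constant, in both the `Type` class and the `ARTIFACT_TYPE` enum, says only `Malware artifact.`, which does not tell a module author or an examiner what posting this analysis result asserts about the source file. I would expand it along the lines of `Indicates that the source content was flagged as malware by an analysis module.` and add whether the result is meant for confirmed detections or also for heuristic matches, and which attributes a module is expected to attach. It would also help to state how this type differs from the existing YARA-hit type (its label is visible in the properties file on this page), so that the same detection is not recorded under two types by different modules. The enclosing class and enum bodies start and end outside these hunks, so any existing convention for documenting attributes on neighbouring types is not visible here and should be followed if there is one.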
Expand Up @@ -68,6 +68,7 @@ BlackboardArtifact.tskPreviouslySeen.text=Previously Seen
BlackboardArtifact.tskPreviouslyUnseen.text=Previously Unseen
BlackboardArtifact.tskPreviouslyNotable.text=Previously Notable
BlackboardArtifact.tskInterestingItem.text=Interesting Items
BlackboardArtifact.tskMalware.text=Malware
BlackboardArtifact.tskYaraHit.text=YARA Hit
BlackboardArtifact.tskGPSArea.text=GPS Area
BlackboardAttribute.tskAccountType.text=Account Type
Expand Up @@ -68,6 +68,7 @@ BlackboardArtifact.tskPreviouslySeen.text=Previously Seen
BlackboardArtifact.tskPreviouslyUnseen.text=Previously Unseen
BlackboardArtifact.tskPreviouslyNotable.text=Previously Notable
BlackboardArtifact.tskInterestingItem.text=Interesting Items
BlackboardArtifact.tskMalware.text=Malware
BlackboardArtifact.tskYaraHit.text=YARA Hit
BlackboardArtifact.tskGPSArea.text=GPS Area
BlackboardAttribute.tskAccountType.text=Account Type
Expand Down Expand Up @@ -250,8 +251,10 @@ SleuthkitCase.addLocalFile.exception.msg1.text=Error adding local file\: {0}, pa
SleuthkitCase.addLocalFile.exception.msg2.text=Error creating a local file, cannot get new id of the object, file name\: {0}
SleuthkitCase.addLocalFile.exception.msg3.text=Error creating a derived file, file name\: {0}
SleuthkitCase.getLastObjectId.exception.msg.text=Error closing result set after getting last object id.
TskData.tskFsNameFlagEnum.unknown=Unknown
TskData.tskFsNameFlagEnum.allocated=Allocated
TskData.tskFsNameFlagEnum.unallocated=Unallocated
TskData.tskFsMetaFlagEnum.unknown=Unknown
TskData.tskFsMetaFlagEnum.allocated=Allocated
TskData.tskFsMetaFlagEnum.unallocated=Unallocated
TskData.tskFsMetaFlagEnum.used=Used
Expand Down Expand Up @@ -282,6 +285,7 @@ TskData.fileKnown.known=known
TskData.fileKnown.knownBad=notable
TskData.fileKnown.exception.msg1.text=No FileKnown of value\: {0}
TskData.encodingType.exception.msg1.text=No EncodingType of value\: {0}
TskData.collectedStatus.exception.msg1.text=No CollectedStatus of value\: {0}
TskData.keywordSearchQueryType.exception.msg1.text=No KeywordSearchQueryType of value\: {0}
TskData.tskDbFilesTypeEnum.exception.msg1.text=No TSK_FILE_TYPE_ENUM of value\: {0}
TskData.objectTypeEnum.exception.msg1.text=No ObjectType of value\: {0}
Expand Down Expand Up @@ -394,6 +398,7 @@ OsAccountStatus.Unknown.text=Unknown
OsAccountStatus.Active.text=Active
OsAccountStatus.Disabled.text=Disabled
OsAccountStatus.Deleted.text=Deleted
OsAccountStatus.NonExistent.text=Non Existent
OsAccountType.Unknown.text=Unknown
OsAccountType.Service.text=Service
OsAccountType.Interactive.text=Interactive