CAST128_CBC
encryption_algo_ov
Campaign
stix
ChaCha20
encryption_algo_ov
ChaCha20_Poly1305
encryption_algo_ov
CourseOfAction
stix
campaign
report_label_ov
can_escalate_privs
UserAccount
cc_refs
EmailMessage
characteristics_hex
WindowPEBinExt
checksum_hex
WindowPEOptionalHeaderType
child_refs
Process
class
identity_class_ov
club
attack_resource_level_ov
coercion
attack_motivation_ov
com
root
command_line
Process
comment
ArchiveFileExt
communications
industry_sector_ov
competitor
threat_actor_label_ov
compromised
indicator_label_ov
confidence
AttackPattern
Campaign
CourseOfAction
Identity
Indicator
IntrusionSet
Malware
ObservedData
Relationship
Report
SDO
SRO
Sighting
ThreatActor
Tool
Vulnerability
construction
industry_sector_ov
contact_information
Identity
contains_refs
ArchiveFileExt
Directory
File
content_disposition
EmailMimeType
content_ref
File
content_type
EmailMessage
EmailMimeType
contents
LanguageContent
contest
attack_resource_level_ov
identity_class_ov
count
Sighting
cpe
Software
created
AttackPattern
Campaign
CourseOfAction
Directory
File
Identity
Indicator
IntrusionSet
LanguageContent
Malware
MarkingDefinition
ObservedData
Process
Relationship
Report
SDO
SRO
Sighting
ThreatActor
Tool
Vulnerability
created_by_ref
AttackPattern
Campaign
CourseOfAction
Identity
Indicator
IntrusionSet
LanguageContent
Malware
MarkingDefinition
ObservedData
Relationship
Report
SDO
SRO
Sighting
ThreatActor
Tool
Vulnerability
creator_user_ref
Process
WindowsRegistryKey
credential_exploitation
tool_label_ov
crime_syndicate
threat_actor_label_ov
criminal
threat_actor_label_ov
crl_distribution_points
X509V3ExtenstionsType
cwd
Process