{
  "name": "MalwareClustering_Search",
  "version": "1.0",
  "author": "LDO-CERT",
  "url": "https://github.com/LDO-CERT/Cortex-Analyzers",
  "license": "AGPL-V3",
  "description": "Uses ApiVectors to find similarities between malware samples.",
  "dataTypeList": ["file", "hash"],
  "baseConfig": "MalwareClustering",
  "config": {
    "check_tlp": true,
    "service": "search",
    "max_tlp": 3
  },
  "command": "MalwareClustering/malwareclustering.py",
  "configurationItems": [
    {
      "name": "n4j_host",
      "description": "Neo4j server host",
      "type": "string",
      "multi": false,
      "required": true
    },
    {
      "name": "n4j_port",
      "description": "Neo4j server port",
      "type": "number",
      "multi": false,
      "required": true
    },
    {
      "name": "n4j_user",
      "description": "Neo4j server user",
      "type": "string",
      "multi": false,
      "required": true
    },
    {
      "name": "n4j_pwd",
      "description": "Neo4j server password",
      "type": "string",
      "multi": false,
      "required": true
    },
    {
      "name": "threshold",
      "description": "ApiScout correlation threshold",
      "type": "string",
      "multi": false,
      "required": true
    }
  ],
  "registration_required": false,
  "subscription_required": false,
  "free_subscription": false,
  "service_homepage": "",
  "screenshots": [
    {
      "path": "assets/MalwareCustering_long.png",
      "caption": "MalwareCustering long report sample"
    }
  ]
}