Giters

malpedia / feedback

Public Issue tracker to gather feedback for and allow discussions around Malpedia

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Malpedia OpenCTI connector fails to import due to missing STIX-Domain-Object

faustus25 opened this issue · comments

commented

Describe the bug
Malpedia connector for OpenCTI not working due to STIX issues

To Reproduce

INFO:root:Creating Identity {Malpedia}. INFO:root:starting Malpedia connector... INFO:root:current Malpedia version: 16218 INFO:root:loaded state: {} INFO:root:running importers INFO:root:running Knowledge importer with state: {} INFO:root:Reading Marking-Definition {marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9}. INFO:root:Reading Marking-Definition {marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da}. INFO:root:Reading Marking-Definition {marking-definition--f88d31f6-486f-44da-b317-01333bde0b82}. INFO:root:Reading Marking-Definition {marking-definition--5e57c739-391a-4eb3-b6be-7d15ca92d5ed}. INFO:root:Processing malware family: aix.fastcash INFO:root:Processing malware family: aix.fastcash INFO:root:Listing Malwares with filters [{"key": "name", "values": ["FastCash"]}]. INFO:root:Listing Malwares with filters [{"key": "aliases", "values": ["FastCash"]}]. INFO:root:Tag 'FastCash' does not reference malware INFO:root:Listing Malwares with filters [{"key": "name", "values": ["aix.fastcash"]}]. INFO:root:Listing Malwares with filters [{"key": "aliases", "values": ["aix.fastcash"]}]. INFO:root:Tag 'aix.fastcash' does not reference malware INFO:root:Reading Marking-Definition {marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9}. INFO:root:Creating Malware {FastCash}. INFO:root:Creating External Reference {Malpedia}. INFO:root:Adding External-Reference {ada1969f-477e-4c47-9b4e-a2e1cbc87c91} to Stix-Domain-Object {d1ca16b4-7653-4f19-b6e8-01ff523df348} ERROR:root:Cannot add the relation, Stix-Domain-Object cannot be found. ERROR:root:{'name': 'FunctionalError', 'message': 'Cannot add the relation, Stix-Domain-Object cannot be found.'}

Expected behavior
The STIX domain object should be available for each entity to be imported into OpenCTI.

Additional context
Running the latest version of OpenCTI.

commented

Hi!

Thanks for the notification about this issue!
We ourselves are not involved with the maintenance of the OpenCTI connector, so it's hard to tell what's going wrong there, especially since we didn't change any formats on our side.

I guess the more appropriate location to track this issue would be over at the OpenCTI connectors issue tracker.