Version 1.01 (Archive)

This page provides information on the current release of the MAEC Language. All information about the current release is included in this centralized location. The major highlights of the release so far are listed below:

  • Initial release.
  • Focused on standardizing results of dynamic malware analysis engines.
  • Although we attempted to incorporate elements relevant to multiple forms of action implementation, in terms of coverage we focused primarily on the types of data that are reported by today’s dynamic malware analysis tools. Note that although much of the high level structure here will remain unchanged, we envision that many structures, especially with regards to object and action attributes will go through much iteration.

All items in this release remain open for discussion and any comments or feedback is greatly appreciated. Please see the schema or schema documentation for more information.

Downloads

Includes downloads for the Version 1.01 Schema, Version 1.01 Example Files, and Version 1.01 Prototypes.

KEY

  • Complete Schema — has all documentation embedded.
  • Documentation html — element dictionaries, which users can elect to view in a browser or save.
  • All files zip — all files zipped together to allow for one simple download.
  • xsd/xml — a user can either right click to download the file or left click to open the file in their default viewer.

MAEC Schema Downloads

File Name Complete Schema Documentation
MAEC Core xsd html

MAEC Example Content Downloads

File Name XML
All Files zip
Email Harvesting Behavior/Actions xml
Service Disabling Behavior/Actions xml
Malicious PDF Analysis (Wepawet) xml
Malicious URL Analysis (Wepawet) xml

MAEC Prototype Downloads

File Name Complete Schema
All Files zip
Back to top

Page Last Updated: April 25, 2013