Heads up! These docs are for STIX 1.1.1, which is not the latest version (1.2). View the latest!

EPJumpCodeTypeFile Object Schema

Specifies an entry-point jump code used by a packer.


Fields

Field Name Type Description
Depth0..1 IntegerObjectPropertyType

The frequency that a jump instruction is found to be immediately followed by another jump instruction within the PE(Portable Executable) entry point.

Opcodes0..1 StringObjectPropertyType

The hex value of the bytes located at the jump location for a relative jump identified in the PE(Portable Executable) entry point up to 10 bytes or the end of the RVA(Relative Virtual Address) section.