# Adding a New Sample to the Library

This option allows the user to add a new artifact to the Platform. To add a new sample to the library, follow the steps below: 

1. In the Threat Library tab select the "New Artifact" button at the top right.  
2. A form will open. Fill in all the fields with the information related to the sample. 

* <mark style="color:purple;">Platform:</mark> Here the user select the type of operating system for which the sample is intended (Windows or Linux). &#x20;

<mark style="color:purple;">Ext. Allowed</mark>&#x20;

When selecting this option, there is a "choose file" section where the user will have to choose which artifact to add to the Platform.&#x20;

<mark style="color:purple;">Artifact Report</mark>&#x20;

If the user have any document with more extensive or specific information about the artifact, it will be added at this point, in PDF format.&#x20;

<mark style="color:purple;">Severity</mark>&#x20;

Here the user select the threat level of the artifact to be added (Critical, High, Low, Midd, None, Zero-Day).&#x20;

<mark style="color:purple;">MITRE ATT\&CK Tactics</mark>&#x20;

Mitre's tactics and techniques, used in the specific artifact, are selected, which are a set of techniques used by the adversaries to achieve a specific aim. For more information see <https://attack.mitre.org/>.&#x20;

<mark style="color:purple;">Description</mark>&#x20;

Here the description of the artifact is assigned, i.e., what type of malware it is, what its malicious, suspicious, and informative behaviors are. &#x20;

<mark style="color:purple;">Show Options</mark> &#x20;

Selecting this function will enable more advanced options for the sample.&#x20;

* ATT\&CK Navigator URL: Here we can attach the MITRE link of the artifact.&#x20;
* Callback: This option is selected if the artifact or sample can send the callback to the remote server attack.&#x20;
* Force Network Cybersecurity: In this option the "manifests" of the encrypted artifacts are added.&#x20;

<mark style="color:purple;">Show Resolution Actions</mark>&#x20;

By selecting this function, we can add more artifact information, the network, Endpoint, and Callback resolution actions are added, which for artifacts loaded by EVE includes information such as their hashes or flags, string-based YARA Rule, and MITRE-based mitigations. Note that the user can add the own resolution actions to the samples the user load.&#x20;

3. Click on to save and load the sample to the library. The sample is now available for testing and/or emulation.&#x20;

&#x20;