Basically, it's very hard through the Ontology to retrieve all the "malicious" IOCs (score > 1000) from a submission and link them to different malware families.
Parts of the results are in many different places, and not a single one contains all three of (IOC, IOC_scoring, IOC_attribution).
Describe the solution you'd like
Not sure what the best place would be to perform that, but I would like to request an endpoint where I can get a result like this:
Here are all your malicious IOCs and their related attributions:
{"tags": [{"network.static.uri": "my_malicious_uri", "attribution.family": "MY_MALWARE_1"}, {"network.static.ip": "my_malicious_ip", "attribution.implant": "MY_MALWARE_2"}]}
Hope that makes sense! :)
Describe alternatives you've considered
For the moment I use record.results.signature combined with the heuristic to double-check the IOCs and link them to malware.
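A sketch of the join the request is asking for (IOC tag, its heuristic score, and the attribution tags raised alongside it), added here as an example and not code from the Assemblyline project. The record layout is a constructed, simplified stand-in for per-result ontology data, not the real schema; it also merges attribution when the same IOC is raised by several results.

```python
"""Join IOC tags, scores and attribution from one submission's results.

The record shape below is constructed for this example and is NOT
Assemblyline's ontology schema: each result carries the signature that
fired, its heuristic score, and the tags it raised (IOC tags and
attribution.* tags side by side).
"""
from collections import defaultdict

MALICIOUS_THRESHOLD = 1000      # the "score > 1000" cutoff from the request
ATTRIBUTION_PREFIX = "attribution."

# Constructed sample: three results from one submission (hypothetical shape).
SAMPLE_RESULTS = [
    {"signature": "sig.c2_beacon", "score": 1500,
     "tags": {"network.static.uri": ["http://c2.example/gate.php"],
              "attribution.family": ["MY_MALWARE_1"]}},
    {"signature": "sig.implant_config", "score": 2000,
     "tags": {"network.static.ip": ["203.0.113.7"],
              "attribution.implant": ["MY_MALWARE_2"]}},
    {"signature": "sig.url_seen", "score": 300,          # below the cutoff
     "tags": {"network.static.uri": ["http://benign.example/"]}},
]


def malicious_iocs(results, threshold=MALICIOUS_THRESHOLD):
    """Return {tag_type: {value: {"score", "signatures", "attribution"}}}
    for every non-attribution tag raised by a result scoring above threshold."""
    out = defaultdict(dict)
    for res in results:
        if res["score"] <= threshold:
            continue                       # not malicious by the page's definition
        attribution = {k: set(v) for k, v in res["tags"].items()
                       if k.startswith(ATTRIBUTION_PREFIX)}
        for tag_type, values in res["tags"].items():
            if tag_type.startswith(ATTRIBUTION_PREFIX):
                continue                   # attribution is metadata, not an IOC
            for value in values:
                entry = out[tag_type].setdefault(
                    value, {"score": 0, "signatures": set(),
                            "attribution": defaultdict(set)})
                entry["score"] = max(entry["score"], res["score"])   # keep the worst score
                entry["signatures"].add(res["signature"])
                for k, v in attribution.items():
                    entry["attribution"][k] |= v                    # merge across results
    return out


def report(results, threshold=MALICIOUS_THRESHOLD):
    """Flatten to the shape the request describes: one entry per malicious IOC."""
    return [{"tag": t, "value": v, "score": e["score"],
             "attribution": {k: sorted(s) for k, s in e["attribution"].items()}}
            for t, by_value in malicious_iocs(results, threshold).items()
            for v, e in by_value.items()]
```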
Additional context
Is your feature request related to a problem? Please describe.
Yes, the problem was initially described on Discord here: https://discord.com/channels/908084610158714900/908717528082173983/1342448181107101757