From 1d8bdc85d4a9d40b110328f8734ba85953a4ebe8 Mon Sep 17 00:00:00 2001 From: Jaume Martin Date: Tue, 6 Feb 2018 08:57:30 +0100 Subject: [PATCH] Index updated --- Antidebug_AntiVM_index.yar | 2 +- CVE_Rules_index.yar | 3 ++- Crypto_index.yar | 2 +- Exploit-Kits_index.yar | 2 +- Malicious_Documents_index.yar | 2 +- Mobile_Malware_index.yar | 3 ++- Packers_index.yar | 2 +- Webshells_index.yar | 2 +- email_index.yar | 2 +- index.yar | 6 +++++- index_w_mobile.yar | 7 ++++++- malware_index.yar | 5 ++++- 12 files changed, 26 insertions(+), 12 deletions(-) diff --git a/Antidebug_AntiVM_index.yar b/Antidebug_AntiVM_index.yar index 9e03edad..06f8e191 100644 --- a/Antidebug_AntiVM_index.yar +++ b/Antidebug_AntiVM_index.yar @@ -1,5 +1,5 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./Antidebug_AntiVM/antidebug_antivm.yar" diff --git a/CVE_Rules_index.yar b/CVE_Rules_index.yar index 34e02d44..082d5266 100644 --- a/CVE_Rules_index.yar +++ b/CVE_Rules_index.yar @@ -1,12 +1,13 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./CVE_Rules/CVE-2010-0887.yar" include "./CVE_Rules/CVE-2015-2426.yar" include "./CVE_Rules/CVE-2013-0074.yar" include "./CVE_Rules/CVE-2015-1701.yar" include "./CVE_Rules/CVE-2010-1297.yar" +include "./CVE_Rules/CVE-2018-4878.yar" include "./CVE_Rules/CVE-2013-0422.yar" include "./CVE_Rules/CVE-2017-11882.yar" include "./CVE_Rules/CVE-2015-5119.yar" diff --git a/Crypto_index.yar b/Crypto_index.yar index 2ae6d8a8..bc34ceea 100644 --- a/Crypto_index.yar +++ b/Crypto_index.yar @@ -1,5 +1,5 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./Crypto/crypto_signatures.yar" diff --git a/Exploit-Kits_index.yar b/Exploit-Kits_index.yar index 2f75e08c..aad1d623 100644 --- a/Exploit-Kits_index.yar +++ b/Exploit-Kits_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./Exploit-Kits/EK_Blackhole.yar" include "./Exploit-Kits/EK_ZeroAcces.yar" diff --git a/Malicious_Documents_index.yar b/Malicious_Documents_index.yar index e655b853..58f08fb2 100644 --- a/Malicious_Documents_index.yar +++ b/Malicious_Documents_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./Malicious_Documents/Maldoc_Dridex.yar" include "./Malicious_Documents/Maldoc_UserForm.yar" diff --git a/Mobile_Malware_index.yar b/Mobile_Malware_index.yar index 2fe90e8b..c96a8aff 100644 --- a/Mobile_Malware_index.yar +++ b/Mobile_Malware_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./Mobile_Malware/Android_Switcher.yar" include "./Mobile_Malware/Android_Dendroid_RAT.yar" @@ -9,6 +9,7 @@ include "./Mobile_Malware/Android_Malware_Towelroot.yar" include "./Mobile_Malware/Android_pornClicker.yar" include "./Mobile_Malware/Android_Banker_Acecard.yar" include "./Mobile_Malware/Android_mapin.yar" +include "./Mobile_Malware/Android_Polish_Bankbot.yar" include "./Mobile_Malware/Android_SlemBunk.yar" include "./Mobile_Malware/Android_FakeBank_Fanta.yar" include "./Mobile_Malware/Android_Marcher_2.yar" diff --git a/Packers_index.yar b/Packers_index.yar index 61e7520f..ae68014f 100644 --- a/Packers_index.yar +++ b/Packers_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./Packers/JJencode.yar" include "./Packers/packer.yar" diff --git a/Webshells_index.yar b/Webshells_index.yar index 7e25a48b..e089dbc8 100644 --- a/Webshells_index.yar +++ b/Webshells_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./Webshells/WShell_PHP_Anuna.yar" include "./Webshells/Wshell_ChineseSpam.yar" diff --git a/email_index.yar b/email_index.yar index a309b94c..8c9d567e 100644 --- a/email_index.yar +++ b/email_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./email/EMAIL_Cryptowall.yar" include "./email/image.yar" diff --git a/index.yar b/index.yar index f9009fe0..ab4fcd0b 100644 --- a/index.yar +++ b/index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./email/EMAIL_Cryptowall.yar" include "./email/image.yar" @@ -70,6 +70,7 @@ include "./malware/RAT_Cerberus.yar" include "./malware/APT_Grasshopper.yar" include "./malware/MALW_LostDoor.yar" include "./malware/APT_OpDustStorm.yar" +include "./malware/RAT_CrossRAT.yar" include "./malware/MALW_XOR_DDos.yar" include "./malware/RAT_xRAT.yar" include "./malware/APT_Ke3Chang_TidePool.yar" @@ -94,6 +95,7 @@ include "./malware/APT_LotusBlossom.yar" include "./malware/APT_APT1.yar" include "./malware/APT_Irontiger.yar" include "./malware/RANSOM_Comodosec.yar" +include "./malware/MALW_Monero_Miner_installer.yar" include "./malware/RAT_Nanocore.yar" include "./malware/TOOLKIT_PassTheHash.yar" include "./malware/MALW_LURK0.yar" @@ -136,6 +138,7 @@ include "./malware/APT_Sphinx_Moth.yar" include "./malware/MALW_IotReaper.yar" include "./malware/APT_Bluetermite_Emdivi.yar" include "./malware/APT_TradeSecret.yar" +include "./malware/APT_Turla_Neuron.yar" include "./malware/MALW_Hsdfihdf_banking.yar" include "./malware/MALW_LinuxHelios.yar" include "./malware/MALW_CAP_Win32Inet.yara" @@ -367,6 +370,7 @@ include "./CVE_Rules/CVE-2015-2426.yar" include "./CVE_Rules/CVE-2013-0074.yar" include "./CVE_Rules/CVE-2015-1701.yar" include "./CVE_Rules/CVE-2010-1297.yar" +include "./CVE_Rules/CVE-2018-4878.yar" include "./CVE_Rules/CVE-2013-0422.yar" include "./CVE_Rules/CVE-2017-11882.yar" include "./CVE_Rules/CVE-2015-5119.yar" diff --git a/index_w_mobile.yar b/index_w_mobile.yar index c06b2e11..b5a41b22 100644 --- a/index_w_mobile.yar +++ b/index_w_mobile.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./email/EMAIL_Cryptowall.yar" include "./email/image.yar" @@ -70,6 +70,7 @@ include "./malware/RAT_Cerberus.yar" include "./malware/APT_Grasshopper.yar" include "./malware/MALW_LostDoor.yar" include "./malware/APT_OpDustStorm.yar" +include "./malware/RAT_CrossRAT.yar" include "./malware/MALW_XOR_DDos.yar" include "./malware/RAT_xRAT.yar" include "./malware/APT_Ke3Chang_TidePool.yar" @@ -94,6 +95,7 @@ include "./malware/APT_LotusBlossom.yar" include "./malware/APT_APT1.yar" include "./malware/APT_Irontiger.yar" include "./malware/RANSOM_Comodosec.yar" +include "./malware/MALW_Monero_Miner_installer.yar" include "./malware/RAT_Nanocore.yar" include "./malware/TOOLKIT_PassTheHash.yar" include "./malware/MALW_LURK0.yar" @@ -136,6 +138,7 @@ include "./malware/APT_Sphinx_Moth.yar" include "./malware/MALW_IotReaper.yar" include "./malware/APT_Bluetermite_Emdivi.yar" include "./malware/APT_TradeSecret.yar" +include "./malware/APT_Turla_Neuron.yar" include "./malware/MALW_Hsdfihdf_banking.yar" include "./malware/MALW_LinuxHelios.yar" include "./malware/MALW_CAP_Win32Inet.yara" @@ -369,6 +372,7 @@ include "./Mobile_Malware/Android_Malware_Towelroot.yar" include "./Mobile_Malware/Android_pornClicker.yar" include "./Mobile_Malware/Android_Banker_Acecard.yar" include "./Mobile_Malware/Android_mapin.yar" +include "./Mobile_Malware/Android_Polish_Bankbot.yar" include "./Mobile_Malware/Android_SlemBunk.yar" include "./Mobile_Malware/Android_FakeBank_Fanta.yar" include "./Mobile_Malware/Android_Marcher_2.yar" @@ -428,6 +432,7 @@ include "./CVE_Rules/CVE-2015-2426.yar" include "./CVE_Rules/CVE-2013-0074.yar" include "./CVE_Rules/CVE-2015-1701.yar" include "./CVE_Rules/CVE-2010-1297.yar" +include "./CVE_Rules/CVE-2018-4878.yar" include "./CVE_Rules/CVE-2013-0422.yar" include "./CVE_Rules/CVE-2017-11882.yar" include "./CVE_Rules/CVE-2015-5119.yar" diff --git a/malware_index.yar b/malware_index.yar index d5b6ad0a..c70dec38 100644 --- a/malware_index.yar +++ b/malware_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 24-01-2018 +On 06-02-2018 */ include "./malware/MALW_Intel_Virtualization.yar" include "./malware/RANSOM_Alpha.yar" @@ -63,6 +63,7 @@ include "./malware/RAT_Cerberus.yar" include "./malware/APT_Grasshopper.yar" include "./malware/MALW_LostDoor.yar" include "./malware/APT_OpDustStorm.yar" +include "./malware/RAT_CrossRAT.yar" include "./malware/MALW_XOR_DDos.yar" include "./malware/RAT_xRAT.yar" include "./malware/APT_Ke3Chang_TidePool.yar" @@ -87,6 +88,7 @@ include "./malware/APT_LotusBlossom.yar" include "./malware/APT_APT1.yar" include "./malware/APT_Irontiger.yar" include "./malware/RANSOM_Comodosec.yar" +include "./malware/MALW_Monero_Miner_installer.yar" include "./malware/RAT_Nanocore.yar" include "./malware/TOOLKIT_PassTheHash.yar" include "./malware/MALW_LURK0.yar" @@ -129,6 +131,7 @@ include "./malware/APT_Sphinx_Moth.yar" include "./malware/MALW_IotReaper.yar" include "./malware/APT_Bluetermite_Emdivi.yar" include "./malware/APT_TradeSecret.yar" +include "./malware/APT_Turla_Neuron.yar" include "./malware/MALW_Hsdfihdf_banking.yar" include "./malware/MALW_LinuxHelios.yar" include "./malware/MALW_CAP_Win32Inet.yara"