From 53b8efd9e44f8ed5966d9725a078f86434db3737 Mon Sep 17 00:00:00 2001 From: Jaume Martin Date: Tue, 10 Oct 2017 23:18:18 +0200 Subject: [PATCH] Index regenerated --- Antidebug_AntiVM_index.yar | 2 +- CVE_Rules_index.yar | 2 +- Crypto_index.yar | 2 +- Exploit-Kits_index.yar | 2 +- Malicious_Documents_index.yar | 3 ++- Mobile_Malware_index.yar | 2 +- Packers_index.yar | 2 +- Webshells_index.yar | 2 +- email_index.yar | 2 +- index.yar | 7 +++++-- index_w_mobile.yar | 7 +++++-- malware_index.yar | 6 ++++-- 12 files changed, 24 insertions(+), 15 deletions(-) diff --git a/Antidebug_AntiVM_index.yar b/Antidebug_AntiVM_index.yar index a4f884b0..1cb52a1f 100644 --- a/Antidebug_AntiVM_index.yar +++ b/Antidebug_AntiVM_index.yar @@ -1,5 +1,5 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Antidebug_AntiVM/antidebug_antivm.yar" diff --git a/CVE_Rules_index.yar b/CVE_Rules_index.yar index 8fcab78a..2d88df54 100644 --- a/CVE_Rules_index.yar +++ b/CVE_Rules_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./CVE_Rules/CVE-2010-0805.yar" include "./CVE_Rules/CVE-2010-0887.yar" diff --git a/Crypto_index.yar b/Crypto_index.yar index ea4e3197..853cd4e0 100644 --- a/Crypto_index.yar +++ b/Crypto_index.yar @@ -1,5 +1,5 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Crypto/crypto_signatures.yar" diff --git a/Exploit-Kits_index.yar b/Exploit-Kits_index.yar index 19c9ea3e..0dfb8631 100644 --- a/Exploit-Kits_index.yar +++ b/Exploit-Kits_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Exploit-Kits/EK_Angler.yar" include "./Exploit-Kits/EK_Blackhole.yar" diff --git a/Malicious_Documents_index.yar b/Malicious_Documents_index.yar index 89a5cd01..3eca0734 100644 --- a/Malicious_Documents_index.yar +++ b/Malicious_Documents_index.yar @@ -1,10 +1,11 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar" include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar" include "./Malicious_Documents/Maldoc_CVE-2017-0199.yar" +include "./Malicious_Documents/Maldoc_CVE_2017_8759.yar" include "./Malicious_Documents/Maldoc_Dridex.yar" include "./Malicious_Documents/Maldoc_Hidden_PE_file.yar" include "./Malicious_Documents/Maldoc_malrtf_ole2link.yar" diff --git a/Mobile_Malware_index.yar b/Mobile_Malware_index.yar index cc7494e6..0876fe60 100644 --- a/Mobile_Malware_index.yar +++ b/Mobile_Malware_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Mobile_Malware/Android_adware.yar" include "./Mobile_Malware/Android_AliPay_smsStealer.yar" diff --git a/Packers_index.yar b/Packers_index.yar index f5a372dd..5beb2247 100644 --- a/Packers_index.yar +++ b/Packers_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Packers/Javascript_exploit_and_obfuscation.yar" include "./Packers/JJencode.yar" diff --git a/Webshells_index.yar b/Webshells_index.yar index 5ae076fb..36bcfec5 100644 --- a/Webshells_index.yar +++ b/Webshells_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Webshells/WShell_APT_Laudanum.yar" include "./Webshells/Wshell_ChineseSpam.yar" diff --git a/email_index.yar b/email_index.yar index 28a8530b..5a5b8207 100644 --- a/email_index.yar +++ b/email_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./email/attachment.yar" include "./email/bank_rule.yar" diff --git a/index.yar b/index.yar index 2a37c2ba..14f164c4 100644 --- a/index.yar +++ b/index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Antidebug_AntiVM/antidebug_antivm.yar" include "./Crypto/crypto_signatures.yar" @@ -36,6 +36,7 @@ include "./Exploit-Kits/EK_Zeus.yar" include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar" include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar" include "./Malicious_Documents/Maldoc_CVE-2017-0199.yar" +include "./Malicious_Documents/Maldoc_CVE_2017_8759.yar" include "./Malicious_Documents/Maldoc_Dridex.yar" include "./Malicious_Documents/Maldoc_Hidden_PE_file.yar" include "./Malicious_Documents/Maldoc_malrtf_ole2link.yar" @@ -74,6 +75,7 @@ include "./malware/APT_Equation.yar" include "./malware/APT_EQUATIONGRP.yar" include "./malware/APT_fancybear_dnc.yar" include "./malware/APT_fancybear_downdelph.yar" +include "./malware/APT_FIN7.yar" include "./malware/APT_FiveEyes.yar" include "./malware/APT_furtim.yar" include "./malware/APT_FVEY_ShadowBrokers_Jan17_Screen_Strings.yar" @@ -130,12 +132,12 @@ include "./malware/APT_Winnti.yar" include "./malware/APT_WoolenGoldfish.yar" include "./malware/EXPERIMENTAL_Beef.yar" include "./malware/GEN_PowerShell.yar" -include "./malware/MALW_AdGholas.yar" include "./malware/MALW_adwind_RAT.yar" include "./malware/MALW_Alina.yar" include "./malware/MALW_Andromeda.yar" include "./malware/MALW_Athena.yar" include "./malware/MALW_Atmos.yar" +include "./malware/MALW_AZORult.yar" include "./malware/MALW_BackdoorSSH.yar" include "./malware/MALW_Backoff.yar" include "./malware/MALW_Bangat.yar" @@ -221,6 +223,7 @@ include "./malware/MALW_Ponmocup.yar" include "./malware/MALW_Pony.yar" include "./malware/MALW_PubSab.yar" include "./malware/MALW_Pyinstaller.yar" +include "./malware/MALW_PyPI.yar" include "./malware/MALW_Quarian.yar" include "./malware/MALW_Regsubdat.yar" include "./malware/MALW_Retefe.yar" diff --git a/index_w_mobile.yar b/index_w_mobile.yar index 9abe2742..234cf78f 100644 --- a/index_w_mobile.yar +++ b/index_w_mobile.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./Antidebug_AntiVM/antidebug_antivm.yar" include "./Crypto/crypto_signatures.yar" @@ -36,6 +36,7 @@ include "./Exploit-Kits/EK_Zeus.yar" include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar" include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar" include "./Malicious_Documents/Maldoc_CVE-2017-0199.yar" +include "./Malicious_Documents/Maldoc_CVE_2017_8759.yar" include "./Malicious_Documents/Maldoc_Dridex.yar" include "./Malicious_Documents/Maldoc_Hidden_PE_file.yar" include "./Malicious_Documents/Maldoc_malrtf_ole2link.yar" @@ -74,6 +75,7 @@ include "./malware/APT_Equation.yar" include "./malware/APT_EQUATIONGRP.yar" include "./malware/APT_fancybear_dnc.yar" include "./malware/APT_fancybear_downdelph.yar" +include "./malware/APT_FIN7.yar" include "./malware/APT_FiveEyes.yar" include "./malware/APT_furtim.yar" include "./malware/APT_FVEY_ShadowBrokers_Jan17_Screen_Strings.yar" @@ -130,12 +132,12 @@ include "./malware/APT_Winnti.yar" include "./malware/APT_WoolenGoldfish.yar" include "./malware/EXPERIMENTAL_Beef.yar" include "./malware/GEN_PowerShell.yar" -include "./malware/MALW_AdGholas.yar" include "./malware/MALW_adwind_RAT.yar" include "./malware/MALW_Alina.yar" include "./malware/MALW_Andromeda.yar" include "./malware/MALW_Athena.yar" include "./malware/MALW_Atmos.yar" +include "./malware/MALW_AZORult.yar" include "./malware/MALW_BackdoorSSH.yar" include "./malware/MALW_Backoff.yar" include "./malware/MALW_Bangat.yar" @@ -221,6 +223,7 @@ include "./malware/MALW_Ponmocup.yar" include "./malware/MALW_Pony.yar" include "./malware/MALW_PubSab.yar" include "./malware/MALW_Pyinstaller.yar" +include "./malware/MALW_PyPI.yar" include "./malware/MALW_Quarian.yar" include "./malware/MALW_Regsubdat.yar" include "./malware/MALW_Retefe.yar" diff --git a/malware_index.yar b/malware_index.yar index 78897f28..c08f93d2 100644 --- a/malware_index.yar +++ b/malware_index.yar @@ -1,6 +1,6 @@ /* Generated by Yara-Rules -On 13-09-2017 +On 10-10-2017 */ include "./malware/APT_APT1.yar" include "./malware/APT_APT10.yar" @@ -31,6 +31,7 @@ include "./malware/APT_Equation.yar" include "./malware/APT_EQUATIONGRP.yar" include "./malware/APT_fancybear_dnc.yar" include "./malware/APT_fancybear_downdelph.yar" +include "./malware/APT_FIN7.yar" include "./malware/APT_FiveEyes.yar" include "./malware/APT_furtim.yar" include "./malware/APT_FVEY_ShadowBrokers_Jan17_Screen_Strings.yar" @@ -87,12 +88,12 @@ include "./malware/APT_Winnti.yar" include "./malware/APT_WoolenGoldfish.yar" include "./malware/EXPERIMENTAL_Beef.yar" include "./malware/GEN_PowerShell.yar" -include "./malware/MALW_AdGholas.yar" include "./malware/MALW_adwind_RAT.yar" include "./malware/MALW_Alina.yar" include "./malware/MALW_Andromeda.yar" include "./malware/MALW_Athena.yar" include "./malware/MALW_Atmos.yar" +include "./malware/MALW_AZORult.yar" include "./malware/MALW_BackdoorSSH.yar" include "./malware/MALW_Backoff.yar" include "./malware/MALW_Bangat.yar" @@ -178,6 +179,7 @@ include "./malware/MALW_Ponmocup.yar" include "./malware/MALW_Pony.yar" include "./malware/MALW_PubSab.yar" include "./malware/MALW_Pyinstaller.yar" +include "./malware/MALW_PyPI.yar" include "./malware/MALW_Quarian.yar" include "./malware/MALW_Regsubdat.yar" include "./malware/MALW_Retefe.yar"