Commit Graph

1168 Commits

| Author | SHA1 | Message | Date |
|---|---|---|---|
| Florian Roth | c5f6212d46 | New Mirai Sig | 2019-11-14 08:37:41 +01:00 |
| Florian Roth | ef711bf5a0 | Improved NK CyberAgent rule | 2019-11-06 20:41:04 +01:00 |
| Florian Roth | 1ef38a6f5e | APT Malware NK unknown https://www.virustotal.com/gui/user/CYBERCOM_Malware_Alert/comments | 2019-11-06 20:23:17 +01:00 |
| Florian Roth | a4e1fc222b | CS FPs | 2019-11-06 13:52:59 +01:00 |
| Florian Roth | 7e20664bce | Dark Universe Hashes | 2019-11-06 13:52:50 +01:00 |
| Florian Roth | d013e5834b | C2 with it all hashes | 2019-11-06 13:52:43 +01:00 |
| Florian Roth | 9729b0f794 | Calypso APT | 2019-11-01 09:05:14 +01:00 |
| Florian Roth | 53af347101 | rule: BitPaymer | 2019-10-30 08:43:57 +01:00 |
| Florian Roth | 03e2ff82b0 | Double base64 encoded executables | 2019-10-29 10:06:18 +01:00 |
| Florian Roth | d26118570b | Reworked condition of DTRACK rule | 2019-10-28 21:26:17 +01:00 |
| Florian Roth | d5e867192c | DTRACK rule adjusted | 2019-10-28 21:22:28 +01:00 |
| Florian Roth | 63378664f5 | Reworked DTRACK rule | 2019-10-28 21:06:36 +01:00 |
| Florian Roth | bd6474b7c3 | score adjusted | 2019-10-28 20:38:50 +01:00 |
| Florian Roth | c775e32091 | DTRACK malware | 2019-10-28 20:38:42 +01:00 |
| Florian Roth | 17e6f6ae80 | rule: xored expressions MSDOS stub | 2019-10-28 13:41:13 +01:00 |
| Florian Roth | 284229b854 | rule: xor hunting Mozilla | 2019-10-28 13:25:30 +01:00 |
| Florian Roth | e5dfec4e2f | fix: fixed duplicate rule name | 2019-10-26 15:06:00 +02:00 |
| Florian Roth | 72176969fa | adjusted Nick's URL persistence rules | 2019-10-26 14:35:57 +02:00 |
| Florian Roth | 0728bf5d25 | fix: fixed rule name | 2019-10-24 17:52:07 +02:00 |
| Florian Roth | c523ec8d63 | fix: big false positive cleanup | 2019-10-24 16:49:56 +02:00 |
| Florian Roth | 733ee7eb8a | New CobaltGang rule | 2019-10-24 16:49:40 +02:00 |
| Florian Roth | 563cb2c5f5 | Metasploit ShikataGaNai signature https://github.com/InQuest/yara-rules/blob/master/Hunting_Rule_ShikataGaNai.rule | 2019-10-21 23:13:17 +02:00 |
| Florian Roth | fd13d0ba7c | changed Neuron2 loader rule | 2019-10-21 16:48:14 +02:00 |
| Florian Roth | 3018b3dcc0 | Winnti MSSQL server backdoor IOCs | 2019-10-21 16:46:23 +02:00 |
| Florian Roth | b66c22e1ff | Neuron2 Loader | 2019-10-21 16:46:10 +02:00 |
| Florian Roth | f4e97d1237 | docs: added reference links | 2019-10-20 09:54:38 +02:00 |
| Florian Roth | 704a5d9c14 | file-type-signatures update | 2019-10-20 09:54:16 +02:00 |
| Florian Roth | c0ea5e3e8f | Renamed Python TCP reverse connect shell | 2019-10-19 18:03:31 +02:00 |
| Florian Roth | 423865b39a | Suspicious WER files | 2019-10-19 18:02:11 +02:00 |
| Florian Roth | bbed6714a1 | Merge pull request #79 from jbeley/master: creation of Reverse_Connect_TCP_PTY_Shell rule | 2019-10-19 17:59:27 +02:00 |
| Florian Roth | d87f34cb92 | fix: wrong escape char | 2019-10-19 17:22:15 +02:00 |
| Florian Roth | f86be3a784 | fix: bugfix in rule - missing escape char | 2019-10-19 17:21:47 +02:00 |
| Florian Roth | 9aee9fbe43 | Improved / simplified rule | 2019-10-19 17:20:00 +02:00 |
| Jeff Beley | 0479ade55c | creation of Reverse_Connect_TCP_PTY_Shell rule | 2019-10-19 07:14:15 -05:00 |
| Florian Roth | 819c709a98 | Operation Ghost Dukes Hash IOCs | 2019-10-17 12:14:49 +02:00 |
| Florian Roth | 029c8915c5 | APT41 DEADEYE hashes | 2019-10-15 17:14:22 +02:00 |
| Florian Roth | 93e039f225 | Winnti IOCs | 2019-10-14 12:43:35 +02:00 |
| Florian Roth | 928418f97f | fix: FP with Wilted Tulip rule | 2019-10-13 13:38:04 +02:00 |
| Florian Roth | afed2dc7b8 | new filename IOCs | 2019-10-13 13:37:51 +02:00 |
| Florian Roth | c33ff16c13 | fix: filename IOC prone to FPs | 2019-10-13 13:37:41 +02:00 |
| Florian Roth | 6b9ee44991 | fix: fixed Trickbot rule set - missing pe | 2019-10-04 16:28:05 +02:00 |
| Florian Roth | cca4006da5 | Trickbot YARA rules | 2019-10-04 16:04:20 +02:00 |
| Florian Roth | e37620fece | Emotet JS dropper | 2019-10-04 16:04:08 +02:00 |
| Florian Roth | 75460e4d13 | Suspicious PDB Path keywords | 2019-10-04 16:02:16 +02:00 |
| Florian Roth | 7d08d01830 | docs: changed descriptions | 2019-10-04 16:02:05 +02:00 |
| Florian Roth | a567b4932a | OSPPSVC Signature Anomaly | 2019-09-30 15:27:24 +02:00 |
| Florian Roth | f3d77c8694 | fixed Codoso FP | 2019-09-30 15:27:08 +02:00 |
| Florian Roth | 7cc37f5a65 | Sofacy IOCs | 2019-09-30 15:26:56 +02:00 |
| Florian Roth | a9b693bab6 | score updated for URL persistence rules | 2019-09-25 18:59:11 +02:00 |
| Florian Roth | 799d0836b8 | fix: reworked fucked up hatman rules | 2019-09-25 16:37:39 +02:00 |