48 Commits

Author SHA1 Message Date
Florian Roth
7a7181975f NCCGroup Ghost RAT report
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/decoding-network-data-from-a-gh0st-rat-variant/
2018-04-23 19:31:39 +02:00
Florian Roth
7cec4f0426 Carbanak IOC FP with 7z.exe 2018-04-13 08:32:02 +02:00
Florian Roth
59aaf36901 TEMP.Periscope hash IOCs 2018-03-16 23:23:02 +01:00
Florian Roth
9f06d34539 Slingshot APT file hashes
https://securelist.com/apt-slingshot/84312/
2018-03-09 16:58:04 +01:00
Florian Roth
e9eac4fdc6
Merge pull request #25 from jantdm/patch-1
Link broken
2018-03-02 13:46:54 +01:00
Florian Roth
4bdcf3c64b Sofacy IOCs and YARA signature 2018-03-01 09:29:57 +01:00
Jan Tiedemann
786fe0bffb
Link broken
Link to DCSO Apache Struts Vulns was broken (https://goo.gl/t4FKT5). Fixed that for you (https://goo.gl/7jGkpV).
2018-02-28 20:44:59 +01:00
Florian Roth
c95a25cc72 Removed 0 byte file hashes 2018-02-13 11:36:21 +01:00
Florian Roth
9b5176b38b Dark Caracal Hashes 2018-01-23 17:06:18 +01:00
Florian Roth
a1627b46f2 False Positive Reduction 2018-01-22 08:44:49 +01:00
Florian Roth
cadbe73482 Hidden Cobra Hash IOCs
https://www.us-cert.gov/HIDDEN-COBRA-North-Korean-Malicious-Cyber-Activity
2017-12-26 01:09:29 +01:00
Florian Roth
e7020d1e59 Lazarus Group Hashes
https://www.proofpoint.com/us/threat-insight/post/north-korea-bitten-bitcoin-bug-financially-motivated-campaigns-reveal-new
2017-12-20 09:47:24 +01:00
Florian Roth
6ac7eff3ce Triton ICS malware hashes
https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html
2017-12-19 01:44:56 +01:00
Florian Roth
142e856eca Lazarus group malware hash IOCs 2017-12-16 13:17:33 +01:00
Florian Roth
2c1e768adc Charming Kitten Hash IOCs 2017-12-06 22:37:12 +01:00
Florian Roth
4c893df291 Carbanak Hash IOCs 2017-12-06 22:37:01 +01:00
Florian Roth
4755027693 US-CERT TA17-293A - Part 1 - Filename, Hash, C2 IOCs
https://www.us-cert.gov/ncas/alerts/TA17-293A
2017-10-21 16:26:07 +02:00
Florian Roth
75101b02ce Black Oasis IOCs 2017-10-19 09:30:40 +02:00
Florian Roth
ae643f78d9 FEIB Report - by BAE systems
https://baesystemsai.blogspot.de/2017/10/taiwan-heist-lazarus-tools.html
2017-10-17 08:31:59 +02:00
Florian Roth
6bd3d07baa More malicious CCleaner hashes 2017-09-18 16:20:17 +02:00
Florian Roth
4699b5d732 Malicious CCleaner versions 2017-09-18 15:56:08 +02:00
Florian Roth
ddefcaa510 Vulnerable Apache Struts versions by @DCSO_de @DCSO
https://github.com/DCSO/vulninfos/tree/master/ApacheStrutsVulnerabilities
2017-09-16 08:36:57 +02:00
Florian Roth
d776d65fdc Tick Report Hashes 2017-07-26 23:30:26 +02:00
Florian Roth
1f0cad89f1 Bugfixes and False Positive Reduction 2017-07-20 12:24:49 -06:00
Florian Roth
b6d157b0f1 Paranoid PlugX Hashes 2017-06-28 15:44:23 +02:00
Florian Roth
017241e881 Waterbear Hashes 2017-06-23 17:03:50 +02:00
Florian Roth
024e26df96 Hidden Cobra IOCs and YARA Sigs 2017-06-14 09:16:23 +02:00
Florian Roth
c9e26ccac5 Industroyer / CrashOverride IOCs (Filenames, Hashes) 2017-06-13 13:23:43 +02:00
Florian Roth
890c6f122b FireEye - EternalBlue Non-Wannacry attack
https://www.fireeye.com/blog/threat-research/2017/05/threat-actors-leverage-eternalblue-exploit-to-deliver-non-wannacry-payloads.html
2017-06-04 17:00:14 +02:00
Florian Roth
fec50df702 False Positives 2017-05-22 16:46:08 +02:00
msenturk
d3fe119760 wannacry hashes 2017-05-15 22:11:46 +03:00
Florian Roth
cbb45ab017 FP Hash DA5EE020BEF41DC95C3532CBAA1EA8F4 2017-05-12 15:48:50 +02:00
Florian Roth
af4b03df31 Vault7 Archimedes File Hashes
https://wikileaks.org/vault7/document/#archimedes
2017-05-05 15:14:29 +02:00
Florian Roth
2c84ae6371 Kazuar Hashes 2017-05-04 11:30:08 +02:00
Florian Roth
00b8270b65 Snake/Turla, FIN7, Kazuar 2017-05-04 11:28:03 +02:00
Florian Roth
adc742e6c3 US CERT Alert TA17-117A https://goo.gl/fZhL9H 2017-04-28 11:14:52 +02:00
Jonas Lejon
e5a69a304d Added APT10 / Cloud Hopper from the PwC report 2017-04-07 09:29:35 +02:00
Florian Roth
83daf31b8e Shamoon 2.0 2016-12-01 22:44:35 +01:00
Florian Roth
ad1adfb497 APT29 Post-Election Activity 2016-11-11 11:01:17 +01:00
Florian Roth
784a38464b Odinaff Hash IOCs 2016-10-13 09:40:36 +02:00
Florian Roth
e7dd247fa3 Signature Update October 2016 A 2016-10-09 11:33:29 +02:00
Florian Roth
dad52eb4a0 Symantec Strider IOCs and YARA Rules 2016-08-10 09:33:54 +02:00
Florian Roth
f10ecb5929 Project Sauron IOCs 2016-08-08 17:29:28 +02:00
Florian Roth
7a68156e21 Furtims Parent
https://sentinelone.com/blogs/sfg-furtims-parent/
2016-07-17 12:59:29 +02:00
Florian Roth
69f96e2011 Stuxnet Rules
- YARA Rules
- Hash IOCs
2016-07-11 19:48:03 +02:00
Florian Roth
a1927bb1e5 FoxIT Mofang IOCs and YARA Rules
https://goo.gl/t3uUTG
2016-06-15 18:58:10 +02:00
Florian Roth
f6dcff1e51 False Positive Reduction 2016-04-27 13:37:54 +02:00
Florian Roth
4d17221b65 First Signature Set 2016-02-15 10:22:28 +01:00