Commit Graph

206 Commits

Author SHA1 Message Date
Florian Roth
a694d81eee Cold River Filename IOCs 2019-01-16 18:57:40 +01:00
Florian Roth
baaa280ee0 False Positive Hash 2019-01-13 09:35:17 +01:00
Florian Roth
c3b87a7be2 Filename IOC adjusted 2019-01-07 13:27:50 +01:00
Florian Roth
5710d22af2 APT10 IOCs - all publicly available IOCs from AlienVault OTX 2018-12-28 12:38:08 +01:00
Florian Roth
37582f20d3 Removed duplicates that appear 3 times in list 2018-12-13 14:25:24 +01:00
Florian Roth
80a090685d False Positive Reduction and Cleanup 2018-12-11 15:08:39 +01:00
Florian Roth
5dfc61f909 MuddyWater Filename IOCs
https://securelist.com/muddywater/88059/
2018-10-10 16:31:09 +02:00
Florian Roth
ce17d9ab65 False Positive Reduction 2018-10-10 16:30:08 +02:00
Florian Roth
7d6104c467 Lucky Mouse Driver Hash IOCs 2018-09-11 13:34:27 +02:00
Florian Roth
eed7fcdf4c False Positive Reduction 2018-09-11 13:34:14 +02:00
Florian Roth
c3294a822b Lazarus - Operation Applejeus Filename IOCs
https://securelist.com/operation-applejeus/87553/
2018-08-24 12:07:00 +02:00
Florian Roth
479f69360c Turla Outlook Backdoor Filename IOCs
https://www.welivesecurity.com/2018/08/22/turla-unique-outlook-backdoor/
2018-08-22 15:42:31 +02:00
Florian Roth
5bffe6fdc3 Activating one 3rd gen filename IOC 2018-08-22 11:10:21 +02:00
Florian Roth
0d86920779 Insikt Report Filename IOC 2018-08-21 10:58:58 +02:00
Florian Roth
0e7dc3ce9b Consolidated Adwind filename IOCs 2018-08-15 12:36:41 +02:00
Florian Roth
d600b2285d False Positive
https://github.com/Neo23x0/signature-base/issues/41
2018-08-04 15:04:42 +02:00
Florian Roth
2ef79d11fa fixed typo 2018-08-02 15:47:58 +02:00
Florian Roth
52dec17214 False Positive Reduction 2018-08-02 11:50:43 +02:00
Florian Roth
0593885c67 False Positive Reduction 2018-07-27 13:25:10 +02:00
Florian Roth
2c2cadaf80 fix: wget false positive 2018-07-08 11:22:09 -06:00
Florian Roth
66aa4e2de6 False Positive Reduction 2018-07-06 16:07:13 -06:00
Florian Roth
5f87e74c00 Tick Weaponized USB 2018-06-24 22:44:11 +02:00
Florian Roth
66eb62b311 LuckyMouse filename IOCs 2018-06-16 17:39:14 +02:00
Florian Roth
c0bd89425d False Positive Reduction 2018-06-10 20:16:00 +02:00
Florian Roth
7900b0b69a QRAT filename IOCs 2018-06-08 21:11:50 +02:00
Florian Roth
be2315b3cf False Positive Reduction 2018-06-08 21:11:39 +02:00
Florian Roth
7453558356 False Positive Hash 2018-05-29 14:22:28 +02:00
Florian Roth
cc63f0b120 File names found in Alina PoS malware 2018-05-29 14:22:08 +02:00
Florian Roth
abad2025a7 Patchwork hash IOCs 2018-05-20 18:49:45 +02:00
Florian Roth
d8d0a753f1 Ocean Lotus Report by Tencent
https://s.tencent.com/research/report/471.html
2018-05-03 10:42:28 +02:00
Florian Roth
defc966d74 Fancy Bear Lojack Double Agent Hashes & YARA rule
https://asert.arbornetworks.com/lojack-becomes-a-double-agent/
2018-05-02 10:41:35 +02:00
Florian Roth
525c25703c Hogfish Redleaves Threat Analysis
https://www.accenture.com/t20180423T055005Z__w__/se-en/_acnmedia/PDF-76/Accenture-Hogfish-Threat-Analysis.pdf
2018-05-01 21:19:04 +02:00
Florian Roth
f77db67203 Malicious sample filename IOCs 2018-05-01 21:18:33 +02:00
Florian Roth
fa605df675 False Positive Reduction 2018-05-01 21:17:00 +02:00
Florian Roth
abdc494d13 False Positive Reduction 2018-04-26 23:19:13 +02:00
Florian Roth
b2448ab324 Orangeworm IOCs
https://www.symantec.com/blogs/threat-intelligence/orangeworm-targets-healthcare-us-europe-asia
2018-04-23 19:31:39 +02:00
Florian Roth
d4c0cb4488 Energetic Bear Hash IOCs 2018-04-23 19:31:39 +02:00
Florian Roth
7a7181975f NCCGroup Ghost RAT report
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/decoding-network-data-from-a-gh0st-rat-variant/
2018-04-23 19:31:39 +02:00
Florian Roth
7cec4f0426 Carbanak IOC FP with 7z.exe 2018-04-13 08:32:02 +02:00
Florian Roth
b1641ee954 New and modified filename IOCs 2018-04-12 19:41:54 +02:00
Florian Roth
31d072c72b Filename IOCs PrivEsc tools 2018-04-06 12:45:37 +02:00
Florian Roth
44b2424435 False Positive Reduction 2018-04-06 12:45:37 +02:00
Florian Roth
525bb2d361 False Positive Reduction 2018-03-22 00:17:41 +01:00
Florian Roth
59aaf36901 TEMP.Periscope hash IOCs 2018-03-16 23:23:02 +01:00
Florian Roth
a6e46b9b4a TA18-074A filename IOCs 2018-03-16 23:22:44 +01:00
Florian Roth
d37c5f6b98 False Positive
https://github.com/Neo23x0/Loki/issues/101#issuecomment-373337359
2018-03-15 12:36:37 +01:00
Florian Roth
9f06d34539 Slingshot APT file hashes
https://securelist.com/apt-slingshot/84312/
2018-03-09 16:58:04 +01:00
Florian Roth
d99e4b859e NSA’s perspective on APT landscape - file name IOCs
https://blog.crysys.hu/2018/03/territorial-dispute-nsas-perspective-on-apt-landscape/
2018-03-09 15:30:19 +01:00
Florian Roth
51f7b978a1 FinFisher IOCs 2018-03-02 17:04:34 +01:00
Florian Roth
e9eac4fdc6
Merge pull request #25 from jantdm/patch-1
Link broken
2018-03-02 13:46:54 +01:00