valitydev/signature-base
14
0
Fork 0
mirror of https://github.com/valitydev/signature-base.git synced 2024-11-07 02:25:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29 Commits 2 Branches 1 Tag 33 MiB
aad907f7ee
Commit Graph

29 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Florian Roth
aad907f7ee RTF Anti-Analysis 
http://decalage.info/rtf_tricks
 2016-04-13 00:51:44 +02:00
Florian Roth
62f3edda9f False Positives with Common File Sizes 2016-04-13 00:51:08 +02:00
Florian Roth
65bb44d764 APT6 Malware Signature 2016-04-09 12:55:32 +02:00
Florian Roth
dd4cb5d8a9 Linux Postscanner Shark 
- Replaced older hack tool rule that matched also on goodware
 2016-04-02 02:06:19 +02:00
Florian Roth
b632c0ddde Signature Update 
- Project M APT malware
- TempRacer Priv Esc Tool
- Winshells
 2016-04-01 16:51:30 +02:00
Florian Roth
26c66878b6 Petya Ransomware 2016-03-25 00:29:51 +01:00
Florian Roth
c820d24d95 OTX Update 2016-03-23 14:30:36 +01:00
Florian Roth
faed52d107 Merge pull request #1 from TKCERT/devel 
Decomposition of $hex_api_call in lsadump rule for Yara compatibility reasons
 2016-03-23 10:43:58 +01:00
Thomas Patzke
4f503dcb92 Decomposition of $hex_api_call in lsadump rule for Yara compatibility reasons 2016-03-23 10:29:05 +01:00
Florian Roth
7b2101bde0 False Positive with old mstsc 2016-03-23 10:05:57 +01:00
Florian Roth
681ed2c3f5 New OTX IOCs 2016-03-09 19:46:59 +01:00
Florian Roth
838cdbe318 Bugfix PSAttack Rule 2016-03-09 14:06:18 +01:00
Florian Roth
4d200832eb PSAttack Signature 2016-03-09 14:05:06 +01:00
Florian Roth
085572e77f New Signatures 2016-03-09 13:40:49 +01:00
Florian Roth
796c0f7c5a Update README.md 2016-03-01 14:37:51 +01:00
Florian Roth
8e4dec9f8d Derusbi ELF / Win32 Turbo Campaign 2016-02-29 20:32:42 +01:00
Florian Roth
02d2b41836 False Positives 
- software_reporter_tool.exe
https://www.virustotal.com/en/file/4d83a4250113aabc303b29c99c26da1decc85
e7866db1922dc312799dccb8302/analysis/
- spoolsv.exe anomaly
 2016-02-29 13:46:21 +01:00
Florian Roth
3215f8285a Removed False Positive 2016-02-23 19:18:31 +01:00
Florian Roth
813c5938ac Keywords 2016-02-19 18:31:06 +01:00
Florian Roth
3da4a289e5 Locky Ransomware 2016-02-17 18:03:58 +01:00
Florian Roth
e923b8d0db OTX Signatures Update 17.02.2016 
- Also removed sublime-workspace file
 2016-02-17 10:21:26 +01:00
Florian Roth
39787aaefa Added File Type Signatures 2016-02-15 21:15:25 +01:00
Florian Roth
64b304b5ea Ignore 2016-02-15 20:56:53 +01:00
Florian Roth
b9ec884dab Updated README 2016-02-15 20:53:36 +01:00
Florian Roth
59b69445a5 Update README.md 2016-02-15 20:52:33 +01:00
Florian Roth
3a61922ceb signatures > yara 2016-02-15 12:31:27 +01:00
Florian Roth
87eb57eaac Updated README 2016-02-15 12:13:20 +01:00
Florian Roth
4d17221b65 First Signature Set 2016-02-15 10:22:28 +01:00
Florian Roth
d96f9a4eb8 Initial commit 2016-02-15 10:16:53 +01:00