Skip to content

R
rules
Commit 863a3fef by Xumeiquer
Options

Fixing bug in index_gen

parent 67718bdc
Showing with 13 additions and 15 deletions
Antidebug_AntiVM_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Antidebug_AntiVM/antidebug_antivm.yar" include "./Antidebug_AntiVM/antidebug_antivm.yar"
CVE_Rules_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./CVE_Rules/CVE-2010-0805.yar" include "./CVE_Rules/CVE-2010-0805.yar"
include "./CVE_Rules/CVE-2010-0887.yar" include "./CVE_Rules/CVE-2010-0887.yar"
......
Crypto_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Crypto/base64.yar" include "./Crypto/base64.yar"
include "./Crypto/crypto_signatures.yar" include "./Crypto/crypto_signatures.yar"
Exploit-Kits_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Exploit-Kits/EK_Angler.yar" include "./Exploit-Kits/EK_Angler.yar"
include "./Exploit-Kits/EK_Blackhole.yar" include "./Exploit-Kits/EK_Blackhole.yar"
......
Malicious_Documents_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar" include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar"
include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar" include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar"
......
Mobile_Malware_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Mobile_Malware/Android_adware.yar" include "./Mobile_Malware/Android_adware.yar"
include "./Mobile_Malware/Android_AliPay_smsStealer.yar" include "./Mobile_Malware/Android_AliPay_smsStealer.yar"
......
Packers_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Packers/Javascript_exploit_and_obfuscation.yar" include "./Packers/Javascript_exploit_and_obfuscation.yar"
include "./Packers/JJencode.yar" include "./Packers/JJencode.yar"
......
Webshells_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Webshells/WShell_APT_Laudanum.yar" include "./Webshells/WShell_APT_Laudanum.yar"
include "./Webshells/Wshell_ChineseSpam.yar" include "./Webshells/Wshell_ChineseSpam.yar"
......
email_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./email/attachment.yar" include "./email/attachment.yar"
include "./email/bank_rule.yar" include "./email/bank_rule.yar"
......
index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Antidebug_AntiVM/antidebug_antivm.yar" include "./Antidebug_AntiVM/antidebug_antivm.yar"
include "./Crypto/base64.yar" include "./Crypto/base64.yar"
...@@ -32,7 +32,6 @@ include "./Exploit-Kits/EK_Sakura.yar" ...@@ -32,7 +32,6 @@ include "./Exploit-Kits/EK_Sakura.yar"
include "./Exploit-Kits/EK_ZeroAcces.yar" include "./Exploit-Kits/EK_ZeroAcces.yar"
include "./Exploit-Kits/EK_Zerox88.yar" include "./Exploit-Kits/EK_Zerox88.yar"
include "./Exploit-Kits/EK_Zeus.yar" include "./Exploit-Kits/EK_Zeus.yar"
include "./index_w_mobile.yar"
include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar" include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar"
include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar" include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar"
include "./Malicious_Documents/Maldoc_Dridex.yar" include "./Malicious_Documents/Maldoc_Dridex.yar"
......
index_gen.sh
...@@ -18,7 +18,7 @@ function gen_index { ...@@ -18,7 +18,7 @@ function gen_index {
echo -e "/*$4*/" > $IDX_NAME echo -e "/*$4*/" > $IDX_NAME
fi fi
OS=$(uname) OS=$(uname)
AVOID="_?index.yara?|utils" AVOID="_?index.yara?|index_|utils"
if [ x"$BASE" == x"." ]; then if [ x"$BASE" == x"." ]; then
if [ $INC_MOBILE == false ]; then if [ $INC_MOBILE == false ]; then
AVOID+="|Mobile" AVOID+="|Mobile"
......
index_w_mobile.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./Antidebug_AntiVM/antidebug_antivm.yar" include "./Antidebug_AntiVM/antidebug_antivm.yar"
include "./Crypto/base64.yar" include "./Crypto/base64.yar"
...@@ -32,7 +32,6 @@ include "./Exploit-Kits/EK_Sakura.yar" ...@@ -32,7 +32,6 @@ include "./Exploit-Kits/EK_Sakura.yar"
include "./Exploit-Kits/EK_ZeroAcces.yar" include "./Exploit-Kits/EK_ZeroAcces.yar"
include "./Exploit-Kits/EK_Zerox88.yar" include "./Exploit-Kits/EK_Zerox88.yar"
include "./Exploit-Kits/EK_Zeus.yar" include "./Exploit-Kits/EK_Zeus.yar"
include "./index_w_mobile.yar"
include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar" include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar"
include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar" include "./Malicious_Documents/Maldoc_Contains_VBE_File.yar"
include "./Malicious_Documents/Maldoc_Dridex.yar" include "./Malicious_Documents/Maldoc_Dridex.yar"
......
malware_index.yar
/* /*
Generated by Yara-Rules Generated by Yara-Rules
On 25-10-2016 On 30-10-2016
*/ */
include "./malware/APT_APT1.yar" include "./malware/APT_APT1.yar"
include "./malware/APT_APT17.yar" include "./malware/APT_APT17.yar"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment