Index regenerated

caa04d55 · Xumeiquer · 508a5a3a · caa04d55 · caa04d55 · caa04d55
Commit caa04d55 authored 6 years ago by Xumeiquer
13 changed files
--- a/Antidebug_AntiVM_index.yar
+++ b/Antidebug_AntiVM_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./Antidebug_AntiVM/antidebug_antivm.yar"
--- a/CVE_Rules_index.yar
+++ b/CVE_Rules_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./CVE_Rules/CVE-2010-0805.yar"
 include "./CVE_Rules/CVE-2010-0887.yar"
@@ -14,4 +14,5 @@ include "./CVE_Rules/CVE-2015-2545.yar"
 include "./CVE_Rules/CVE-2015-5119.yar"
 include "./CVE_Rules/CVE-2016-5195.yar"
 include "./CVE_Rules/CVE-2017-11882.yar"
+include "./CVE_Rules/CVE-2018-20250.yar"
 include "./CVE_Rules/CVE-2018-4878.yar"
--- a/Capabilities_index.yar
+++ b/Capabilities_index.yar
+/*
+Generated by Yara-Rules
+On 27-03-2019
+*/
+include "./Capabilities/capabilities.yar"
--- a/Crypto_index.yar
+++ b/Crypto_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./Crypto/crypto_signatures.yar"
--- a/Exploit-Kits_index.yar
+++ b/Exploit-Kits_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./Exploit-Kits/EK_Angler.yar"
 include "./Exploit-Kits/EK_Blackhole.yar"

--- a/Malicious_Documents_index.yar
+++ b/Malicious_Documents_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
+include "./Malicious_Documents/Maldoc_APT10_MenuPass.yar"
+include "./Malicious_Documents/Maldoc_APT19_CVE-2017-1099.yar"
 include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar"
 include "./Malicious_Documents/Maldoc_CVE-2017-0199.yar"
 include "./Malicious_Documents/Maldoc_CVE_2017_11882.yar"

--- a/Mobile_Malware_index.yar
+++ b/Mobile_Malware_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./Mobile_Malware/Android_ASSDdeveloper.yar"
 include "./Mobile_Malware/Android_AVITOMMS.yar"

--- a/Packers_index.yar
+++ b/Packers_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./Packers/JJencode.yar"
 include "./Packers/Javascript_exploit_and_obfuscation.yar"

--- a/Webshells_index.yar
+++ b/Webshells_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./Webshells/WShell_APT_Laudanum.yar"
+include "./Webshells/WShell_ASPXSpy.yar"
 include "./Webshells/WShell_PHP_Anuna.yar"
 include "./Webshells/WShell_PHP_in_images.yar"
 include "./Webshells/WShell_THOR_Webshells.yar"

--- a/email_index.yar
+++ b/email_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./email/EMAIL_Cryptowall.yar"
 include "./email/attachment.yar"

--- a/index.yar
+++ b/index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./Antidebug_AntiVM/antidebug_antivm.yar"
 include "./CVE_Rules/CVE-2010-0805.yar"
@@ -15,7 +15,9 @@ include "./CVE_Rules/CVE-2015-2545.yar"
 include "./CVE_Rules/CVE-2015-5119.yar"
 include "./CVE_Rules/CVE-2016-5195.yar"
 include "./CVE_Rules/CVE-2017-11882.yar"
+include "./CVE_Rules/CVE-2018-20250.yar"
 include "./CVE_Rules/CVE-2018-4878.yar"
+include "./Capabilities/capabilities.yar"
 include "./Crypto/crypto_signatures.yar"
 include "./Exploit-Kits/EK_Angler.yar"
 include "./Exploit-Kits/EK_Blackhole.yar"
@@ -28,6 +30,8 @@ include "./Exploit-Kits/EK_Sakura.yar"
 include "./Exploit-Kits/EK_ZeroAcces.yar"
 include "./Exploit-Kits/EK_Zerox88.yar"
 include "./Exploit-Kits/EK_Zeus.yar"
+include "./Malicious_Documents/Maldoc_APT10_MenuPass.yar"
+include "./Malicious_Documents/Maldoc_APT19_CVE-2017-1099.yar"
 include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar"
 include "./Malicious_Documents/Maldoc_CVE-2017-0199.yar"
 include "./Malicious_Documents/Maldoc_CVE_2017_11882.yar"
@@ -51,6 +55,7 @@ include "./Packers/packer.yar"
 include "./Packers/packer_compiler_signatures.yar"
 include "./Packers/peid.yar"
 include "./Webshells/WShell_APT_Laudanum.yar"
+include "./Webshells/WShell_ASPXSpy.yar"
 include "./Webshells/WShell_PHP_Anuna.yar"
 include "./Webshells/WShell_PHP_in_images.yar"
 include "./Webshells/WShell_THOR_Webshells.yar"
@@ -144,6 +149,7 @@ include "./malware/APT_Turla_Neuron.yar"
 include "./malware/APT_Turla_RUAG.yar"
 include "./malware/APT_UP007_SLServer.yar"
 include "./malware/APT_Unit78020.yar"
+include "./malware/APT_Uppercut.yar"
 include "./malware/APT_Waterbug.yar"
 include "./malware/APT_WildNeutron.yar"
 include "./malware/APT_Windigo_Onimiki.yar"
@@ -155,6 +161,8 @@ include "./malware/APT_fancybear_downdelph.yar"
 include "./malware/APT_furtim.yar"
 include "./malware/EXPERIMENTAL_Beef.yar"
 include "./malware/GEN_PowerShell.yar"
+include "./malware/MALW_ATMPot.yar"
+include "./malware/MALW_ATM_HelloWorld.yar"
 include "./malware/MALW_AZORULT.yar"
 include "./malware/MALW_AgentTesla.yar"
 include "./malware/MALW_AgentTesla_SMTP.yar"
@@ -216,6 +224,7 @@ include "./malware/MALW_IotReaper.yar"
 include "./malware/MALW_Jolob_Backdoor.yar"
 include "./malware/MALW_KINS.yar"
 include "./malware/MALW_Kelihos.yar"
+include "./malware/MALW_KeyBase.yar"
 include "./malware/MALW_Korlia.yar"
 include "./malware/MALW_Korplug.yar"
 include "./malware/MALW_Kovter.yar"
@@ -257,6 +266,7 @@ include "./malware/MALW_PE_sections.yar"
 include "./malware/MALW_PittyTiger.yar"
 include "./malware/MALW_Ponmocup.yar"
 include "./malware/MALW_Pony.yar"
+include "./malware/MALW_Predator.yar"
 include "./malware/MALW_PubSab.yar"
 include "./malware/MALW_PyPI.yar"
 include "./malware/MALW_Pyinstaller.yar"
@@ -301,9 +311,11 @@ include "./malware/MALW_XHide.yar"
 include "./malware/MALW_XMRIG_Miner.yar"
 include "./malware/MALW_XOR_DDos.yar"
 include "./malware/MALW_Yayih.yar"
+include "./malware/MALW_Yordanyan_ActiveAgent.yar"
 include "./malware/MALW_Zegost.yar"
 include "./malware/MALW_Zeus.yar"
 include "./malware/MALW_adwind_RAT.yar"
+include "./malware/MALW_hancitor.yar"
 include "./malware/MALW_kpot.yar"
 include "./malware/MALW_marap.yar"
 include "./malware/MALW_shifu_shiz.yar"

--- a/index_w_mobile.yar
+++ b/index_w_mobile.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./Antidebug_AntiVM/antidebug_antivm.yar"
 include "./CVE_Rules/CVE-2010-0805.yar"
@@ -15,7 +15,9 @@ include "./CVE_Rules/CVE-2015-2545.yar"
 include "./CVE_Rules/CVE-2015-5119.yar"
 include "./CVE_Rules/CVE-2016-5195.yar"
 include "./CVE_Rules/CVE-2017-11882.yar"
+include "./CVE_Rules/CVE-2018-20250.yar"
 include "./CVE_Rules/CVE-2018-4878.yar"
+include "./Capabilities/capabilities.yar"
 include "./Crypto/crypto_signatures.yar"
 include "./Exploit-Kits/EK_Angler.yar"
 include "./Exploit-Kits/EK_Blackhole.yar"
@@ -28,6 +30,8 @@ include "./Exploit-Kits/EK_Sakura.yar"
 include "./Exploit-Kits/EK_ZeroAcces.yar"
 include "./Exploit-Kits/EK_Zerox88.yar"
 include "./Exploit-Kits/EK_Zeus.yar"
+include "./Malicious_Documents/Maldoc_APT10_MenuPass.yar"
+include "./Malicious_Documents/Maldoc_APT19_CVE-2017-1099.yar"
 include "./Malicious_Documents/Maldoc_APT_OLE_JSRat.yar"
 include "./Malicious_Documents/Maldoc_CVE-2017-0199.yar"
 include "./Malicious_Documents/Maldoc_CVE_2017_11882.yar"
@@ -114,6 +118,7 @@ include "./Packers/packer.yar"
 include "./Packers/packer_compiler_signatures.yar"
 include "./Packers/peid.yar"
 include "./Webshells/WShell_APT_Laudanum.yar"
+include "./Webshells/WShell_ASPXSpy.yar"
 include "./Webshells/WShell_PHP_Anuna.yar"
 include "./Webshells/WShell_PHP_in_images.yar"
 include "./Webshells/WShell_THOR_Webshells.yar"
@@ -207,6 +212,7 @@ include "./malware/APT_Turla_Neuron.yar"
 include "./malware/APT_Turla_RUAG.yar"
 include "./malware/APT_UP007_SLServer.yar"
 include "./malware/APT_Unit78020.yar"
+include "./malware/APT_Uppercut.yar"
 include "./malware/APT_Waterbug.yar"
 include "./malware/APT_WildNeutron.yar"
 include "./malware/APT_Windigo_Onimiki.yar"
@@ -218,6 +224,8 @@ include "./malware/APT_fancybear_downdelph.yar"
 include "./malware/APT_furtim.yar"
 include "./malware/EXPERIMENTAL_Beef.yar"
 include "./malware/GEN_PowerShell.yar"
+include "./malware/MALW_ATMPot.yar"
+include "./malware/MALW_ATM_HelloWorld.yar"
 include "./malware/MALW_AZORULT.yar"
 include "./malware/MALW_AgentTesla.yar"
 include "./malware/MALW_AgentTesla_SMTP.yar"
@@ -279,6 +287,7 @@ include "./malware/MALW_IotReaper.yar"
 include "./malware/MALW_Jolob_Backdoor.yar"
 include "./malware/MALW_KINS.yar"
 include "./malware/MALW_Kelihos.yar"
+include "./malware/MALW_KeyBase.yar"
 include "./malware/MALW_Korlia.yar"
 include "./malware/MALW_Korplug.yar"
 include "./malware/MALW_Kovter.yar"
@@ -320,6 +329,7 @@ include "./malware/MALW_PE_sections.yar"
 include "./malware/MALW_PittyTiger.yar"
 include "./malware/MALW_Ponmocup.yar"
 include "./malware/MALW_Pony.yar"
+include "./malware/MALW_Predator.yar"
 include "./malware/MALW_PubSab.yar"
 include "./malware/MALW_PyPI.yar"
 include "./malware/MALW_Pyinstaller.yar"
@@ -364,9 +374,11 @@ include "./malware/MALW_XHide.yar"
 include "./malware/MALW_XMRIG_Miner.yar"
 include "./malware/MALW_XOR_DDos.yar"
 include "./malware/MALW_Yayih.yar"
+include "./malware/MALW_Yordanyan_ActiveAgent.yar"
 include "./malware/MALW_Zegost.yar"
 include "./malware/MALW_Zeus.yar"
 include "./malware/MALW_adwind_RAT.yar"
+include "./malware/MALW_hancitor.yar"
 include "./malware/MALW_kpot.yar"
 include "./malware/MALW_marap.yar"
 include "./malware/MALW_shifu_shiz.yar"

--- a/malware_index.yar
+++ b/malware_index.yar
 /*
 Generated by Yara-Rules
-On 07-10-2018
+On 27-03-2019
 */
 include "./malware/000_common_rules.yar"
 include "./malware/APT_APT1.yar"
@@ -83,6 +83,7 @@ include "./malware/APT_Turla_Neuron.yar"
 include "./malware/APT_Turla_RUAG.yar"
 include "./malware/APT_UP007_SLServer.yar"
 include "./malware/APT_Unit78020.yar"
+include "./malware/APT_Uppercut.yar"
 include "./malware/APT_Waterbug.yar"
 include "./malware/APT_WildNeutron.yar"
 include "./malware/APT_Windigo_Onimiki.yar"
@@ -94,6 +95,8 @@ include "./malware/APT_fancybear_downdelph.yar"
 include "./malware/APT_furtim.yar"
 include "./malware/EXPERIMENTAL_Beef.yar"
 include "./malware/GEN_PowerShell.yar"
+include "./malware/MALW_ATMPot.yar"
+include "./malware/MALW_ATM_HelloWorld.yar"
 include "./malware/MALW_AZORULT.yar"
 include "./malware/MALW_AgentTesla.yar"
 include "./malware/MALW_AgentTesla_SMTP.yar"
@@ -155,6 +158,7 @@ include "./malware/MALW_IotReaper.yar"
 include "./malware/MALW_Jolob_Backdoor.yar"
 include "./malware/MALW_KINS.yar"
 include "./malware/MALW_Kelihos.yar"
+include "./malware/MALW_KeyBase.yar"
 include "./malware/MALW_Korlia.yar"
 include "./malware/MALW_Korplug.yar"
 include "./malware/MALW_Kovter.yar"
@@ -196,6 +200,7 @@ include "./malware/MALW_PE_sections.yar"
 include "./malware/MALW_PittyTiger.yar"
 include "./malware/MALW_Ponmocup.yar"
 include "./malware/MALW_Pony.yar"
+include "./malware/MALW_Predator.yar"
 include "./malware/MALW_PubSab.yar"
 include "./malware/MALW_PyPI.yar"
 include "./malware/MALW_Pyinstaller.yar"
@@ -240,9 +245,11 @@ include "./malware/MALW_XHide.yar"
 include "./malware/MALW_XMRIG_Miner.yar"
 include "./malware/MALW_XOR_DDos.yar"
 include "./malware/MALW_Yayih.yar"
+include "./malware/MALW_Yordanyan_ActiveAgent.yar"
 include "./malware/MALW_Zegost.yar"
 include "./malware/MALW_Zeus.yar"
 include "./malware/MALW_adwind_RAT.yar"
+include "./malware/MALW_hancitor.yar"
 include "./malware/MALW_kpot.yar"
 include "./malware/MALW_marap.yar"
 include "./malware/MALW_shifu_shiz.yar"