Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added index of rules and script to update index #7

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Added index of rules and script to update index #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
261 changes: 261 additions & 0 deletions yara/index.yara
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,261 @@
include "./virus/Win32.Virus.Elerad.yara"
include "./virus/Win32.Virus.Negt.yara"
include "./virus/Win32.Virus.DeadCode.yara"
include "./virus/Win32.Virus.Cmay.yara"
include "./virus/Win32.Virus.Mocket.yara"
include "./virus/Win32.Virus.Awfull.yara"
include "./virus/Win32.Virus.Greenp.yara"
include "./virus/Linux.Virus.Vit.yara"
include "./trojan/Win32.Trojan.HermeticWiper.yara"
include "./trojan/Win32.Trojan.CaddyWiper.yara"
include "./trojan/Win32.Trojan.Emotet.yara"
include "./trojan/Win32.Trojan.IsaacWiper.yara"
include "./trojan/Win32.Trojan.Dridex.yara"
include "./trojan/Win32.Trojan.TrickBot.yara"
include "./exploit/Win32.Exploit.CVE20200601.yara"
include "./infostealer/Win32.Infostealer.MultigrainPOS.yara"
include "./infostealer/Win32.Infostealer.ProjectHookPOS.yara"
include "./ransomware/Win32.Ransomware.ZeroCrypt.yara"
include "./ransomware/Win32.Ransomware.HydraCrypt.yara"
include "./ransomware/Win32.Ransomware.CryptoJoker.yara"
include "./ransomware/Win32.Ransomware.BlackCat.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Venom.yara"
include "./ransomware/Win64.Ransomware.BlackBasta.yara"
include "./ransomware/Win32.Ransomware.Makop.yara"
include "./ransomware/Win32.Ransomware.IFN643.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.GhosTEncryptor.yara"
include "./ransomware/Win32.Ransomware.Ransomexx.yara"
include "./ransomware/Win32.Ransomware.BitCrypt.yara"
include "./ransomware/Win32.Ransomware.Babuk.yara"
include "./ransomware/Win32.Ransomware.Marlboro.yara"
include "./ransomware/Win32.Ransomware.Atlas.yara"
include "./ransomware/Win32.Ransomware.Monalisa.yara"
include "./ransomware/Win32.Ransomware.Rokku.yara"
include "./ransomware/Win32.Ransomware.Teslarvng.yara"
include "./ransomware/Win32.Ransomware.BlackMoon.yara"
include "./ransomware/Win32.Ransomware.DearCry.yara"
include "./ransomware/Win32.Ransomware.MRAC.yara"
include "./ransomware/Win64.Ransomware.Ako.yara"
include "./ransomware/Win32.Ransomware.Nefilim.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Pacman.yara"
include "./ransomware/Win32.Ransomware.GandCrab.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.McBurglar.yara"
include "./ransomware/Win32.Ransomware.CryptoLocker.yara"
include "./ransomware/Win32.Ransomware.OphionLocker.yara"
include "./ransomware/Win32.Ransomware.Zoldon.yara"
include "./ransomware/Win32.Ransomware.Hermes.yara"
include "./ransomware/Win32.Ransomware.TechandStrat.yara"
include "./ransomware/Linux.Ransomware.LuckyJoe.yara"
include "./ransomware/Win64.Ransomware.HotCoffee.yara"
include "./ransomware/Win32.Ransomware.LeChiffre.yara"
include "./ransomware/Win32.Ransomware.BKRansomware.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Janelle.yara"
include "./ransomware/Win32.Ransomware.TBLocker.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.EAF.yara"
include "./ransomware/Win32.Ransomware.Blitzkrieg.yara"
include "./ransomware/Win32.Ransomware.HDDCryptor.yara"
include "./ransomware/Win32.Ransomware.GlobeImposter.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Dusk.yara"
include "./ransomware/Win32.Ransomware.Sherminator.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Hog.yara"
include "./ransomware/Win64.Ransomware.Wintenzz.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.GoodWill.yara"
include "./ransomware/Win32.Ransomware.KillDisk.yara"
include "./ransomware/Win32.Ransomware.HentaiOniichan.yara"
include "./ransomware/Win32.Ransomware.CryptoFortress.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Cring.yara"
include "./ransomware/Win32.Ransomware.WinWord64.yara"
include "./ransomware/Win32.Ransomware.Gpcode.yara"
include "./ransomware/Win32.Ransomware.Jormungand.yara"
include "./ransomware/Win32.Ransomware.Dragon.yara"
include "./ransomware/Win32.Ransomware.Skystars.yara"
include "./ransomware/Win32.Ransomware.Defray.yara"
include "./ransomware/Win32.Ransomware.Nemty.yara"
include "./ransomware/Win32.Ransomware.Jemd.yara"
include "./ransomware/Win64.Ransomware.DST.yara"
include "./ransomware/Win32.Ransomware.FCT.yara"
include "./ransomware/Win32.Ransomware.LooCipher.yara"
include "./ransomware/Win32.Ransomware.Kovter.yara"
include "./ransomware/Win32.Ransomware.RagnarLocker.yara"
include "./ransomware/Win32.Ransomware.Velso.yara"
include "./ransomware/Win32.Ransomware.FLKR.yara"
include "./ransomware/Win32.Ransomware.Knot.yara"
include "./ransomware/Win32.Ransomware.District.yara"
include "./ransomware/Win32.Ransomware.HDMR.yara"
include "./ransomware/Win32.Ransomware.DirtyDecrypt.yara"
include "./ransomware/Win32.Ransomware.HowAreYou.yara"
include "./ransomware/Win32.Ransomware.WaspLocker.yara"
include "./ransomware/Win64.Ransomware.SeedLocker.yara"
include "./ransomware/Win32.Ransomware.5ss5c.yara"
include "./ransomware/Win32.Ransomware.TargetCompany.yara"
include "./ransomware/Win32.Ransomware.Zeoticus.yara"
include "./ransomware/Win32.Ransomware.Flamingo.yara"
include "./ransomware/Win32.Ransomware.CryptoWall.yara"
include "./ransomware/Win32.Ransomware.Sanwai.yara"
include "./ransomware/Win32.Ransomware.HakunaMatata.yara"
include "./ransomware/Win64.Ransomware.RedRoman.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Namaste.yara"
include "./ransomware/Win32.Ransomware.GPGQwerty.yara"
include "./ransomware/Win32.Ransomware.Matsnu.yara"
include "./ransomware/Win32.Ransomware.DarkSide.yara"
include "./ransomware/Win32.Ransomware.DMALocker.yara"
include "./ransomware/Win32.Ransomware.Sifrelendi.yara"
include "./ransomware/Win32.Ransomware.Gibon.yara"
include "./ransomware/Win32.Ransomware.Erica.yara"
include "./ransomware/Win32.Ransomware.Crypren.yara"
include "./ransomware/Win32.Ransomware.Prometey.yara"
include "./ransomware/Win32.Ransomware.Lolkek.yara"
include "./ransomware/Win32.Ransomware.NB65.yara"
include "./ransomware/Win32.Ransomware.Cincoo.yara"
include "./ransomware/Win32.Ransomware.Pay2Key.yara"
include "./ransomware/Win32.Ransomware.Dualshot.yara"
include "./ransomware/Win32.Ransomware.JuicyLemon.yara"
include "./ransomware/Win32.Ransomware.Ferrlock.yara"
include "./ransomware/Win32.Ransomware.GarrantyDecrypt.yara"
include "./ransomware/Win32.Ransomware.RansomPlus.yara"
include "./ransomware/Win32.Ransomware.Delphimorix.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.ZeroLocker.yara"
include "./ransomware/Win32.Ransomware.Good.yara"
include "./ransomware/Win32.Ransomware.AnteFrigus.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Fantom.yara"
include "./ransomware/Win32.Ransomware.Reveton.yara"
include "./ransomware/Win32.Ransomware.TorrentLocker.yara"
include "./ransomware/Win32.Ransomware.FenixLocker.yara"
include "./ransomware/Win32.Ransomware.AvosLocker.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Apis.yara"
include "./ransomware/Win32.Ransomware.PXJ.yara"
include "./ransomware/Win32.Ransomware.Henry.yara"
include "./ransomware/Win32.Ransomware.Cuba.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.TaRRaK.yara"
include "./ransomware/Bytecode.MSIL.Ransomware.CobraLocker.yara"
include "./ransomware/Win32.Ransomware.Ladon.yara"
include "./ransomware/Win64.Ransomware.Pandora.yara"
include "./ransomware/Win32.Ransomware.Sarbloh.yara"
include "./ransomware/Win32.Ransomware.Crysis.yara"
include "./ransomware/Win32.Ransomware.Termite.yara"
include "./ransomware/Win32.Ransomware.Koxic.yara"
include "./ransomware/Win32.Ransomware.Sifreli.yara"
include "./ransomware/Win32.Ransomware.Bam2021.yara"
include "./ransomware/Win32.Ransomware.Armage.yara"
include "./ransomware/Win32.Ransomware.Kraken.yara"
include "./ransomware/Win32.Ransomware.Encoded01.yara"
include "./ransomware/Win32.Ransomware.Alcatraz.yara"
include "./ransomware/Win32.Ransomware.Conti.yara"
include "./ransomware/Linux.Ransomware.RedAlert.yara"
include "./ransomware/Win32.Ransomware.Zhen.yara"
include "./ransomware/Win32.Ransomware.TeleCrypt.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.PoliceRecords.yara"
include "./ransomware/Win32.Ransomware.Saturn.yara"
include "./ransomware/Win32.Ransomware.Maktub.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.ChupaCabra.yara"
include "./ransomware/Linux.Ransomware.KillDisk.yara"
include "./ransomware/Win32.Ransomware.Zeppelin.yara"
include "./ransomware/Win32.Ransomware.RegretLocker.yara"
include "./ransomware/Win32.Ransomware.Spora.yara"
include "./ransomware/Win32.Ransomware.Motocos.yara"
include "./ransomware/Win32.Ransomware.RetMyData.yara"
include "./ransomware/Win32.Ransomware.CryptoBit.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.WildFire.yara"
include "./ransomware/Win32.Ransomware.Redeemer.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.HarpoonLocker.yara"
include "./ransomware/Win64.Ransomware.Seth.yara"
include "./ransomware/Win32.Ransomware.ChiChi.yara"
include "./ransomware/Win64.Ransomware.AntiWar.yara"
include "./ransomware/Win32.Ransomware.Ouroboros.yara"
include "./ransomware/Win32.Ransomware.Satana.yara"
include "./ransomware/Win64.Ransomware.WhiteBlackCrypt.yara"
include "./ransomware/Win32.Ransomware.VHDLocker.yara"
include "./ransomware/Win32.Ransomware.Meow.yara"
include "./ransomware/Win32.Ransomware.DesuCrypt.yara"
include "./ransomware/Win32.Ransomware.Ragnarok.yara"
include "./ransomware/Win32.Ransomware.MedusaLocker.yara"
include "./ransomware/Win32.Ransomware.NanoLocker.yara"
include "./ransomware/Win32.Ransomware.Mafia.yara"
include "./ransomware/Win32.Ransomware.Xorist.yara"
include "./ransomware/Win64.Ransomware.AwesomeScott.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Invert.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Moisha.yara"
include "./ransomware/Win32.Ransomware.WsIR.yara"
include "./ransomware/Win32.Ransomware.DenizKizi.yara"
include "./ransomware/Win32.Ransomware.Montserrat.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Ghostbin.yara"
include "./ransomware/Win32.Ransomware.PrincessLocker.yara"
include "./ransomware/Win32.Ransomware.Revil.yara"
include "./ransomware/Win32.Ransomware.MarsJoke.yara"
include "./ransomware/Win32.Ransomware.BrainCrypt.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Retis.yara"
include "./ransomware/Win32.Ransomware.Petya.yara"
include "./ransomware/Win32.Ransomware.MZP.yara"
include "./ransomware/Win32.Ransomware.Ako.yara"
include "./ransomware/Win32.Ransomware.Clop.yara"
include "./ransomware/Win32.Ransomware.BananaCrypt.yara"
include "./ransomware/Win32.Ransomware.Oni.yara"
include "./ransomware/Win64.Ransomware.Solaso.yara"
include "./ransomware/Win32.Ransomware.Jamper.yara"
include "./ransomware/Win32.Ransomware.GusCrypter.yara"
include "./ransomware/Win32.Ransomware.Wastedlocker.yara"
include "./ransomware/Win32.Ransomware.Teslacrypt.yara"
include "./ransomware/Win32.Ransomware.Networm.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Povlsomware.yara"
include "./ransomware/Win32.Ransomware.BadBlock.yara"
include "./ransomware/Linux.Ransomware.GwisinLocker.yara"
include "./ransomware/Win32.Ransomware.ShadowCryptor.yara"
include "./ransomware/Win32.Ransomware.Serpent.yara"
include "./ransomware/Win32.Ransomware.Thanatos.yara"
include "./ransomware/Win32.Ransomware.Avaddon.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.TimeCrypt.yara"
include "./ransomware/Win32.Ransomware.Magniber.yara"
include "./ransomware/Win32.Ransomware.ASN1Encoder.yara"
include "./ransomware/Win32.Ransomware.Balaclava.yara"
include "./ransomware/Win32.Ransomware.MountLocker.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.WormLocker.yara"
include "./ransomware/Win32.Ransomware.NotPetya.yara"
include "./ransomware/Win32.Ransomware.BlackBasta.yara"
include "./ransomware/Win64.Ransomware.Curator.yara"
include "./ransomware/Win32.Ransomware.Kangaroo.yara"
include "./ransomware/Win64.Ransomware.Nokoyawa.yara"
include "./ransomware/Win32.Ransomware.Sigrun.yara"
include "./ransomware/Win32.Ransomware.Lorenz.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Thanos.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Eternity.yara"
include "./ransomware/Win32.Ransomware.Badbeeteam.yara"
include "./ransomware/Win32.Ransomware.FuxSocy.yara"
include "./ransomware/Win32.Ransomware.Buran.yara"
include "./ransomware/Win32.Ransomware.DMR.yara"
include "./ransomware/Win32.Ransomware.Horsedeal.yara"
include "./ransomware/Win64.Ransomware.Vovalex.yara"
include "./ransomware/Win32.Ransomware.BlueLocker.yara"
include "./ransomware/Win32.Ransomware.InfoDot.yara"
include "./ransomware/Win32.Ransomware.WannaCry.yara"
include "./ransomware/Win32.Ransomware.Satan.yara"
include "./ransomware/Win32.Ransomware.DogeCrypt.yara"
include "./ransomware/Win32.Ransomware.FarAttack.yara"
include "./ransomware/Win32.Ransomware.Cryakl.yara"
include "./ransomware/Win32.Ransomware.Plague17.yara"
include "./ransomware/Win32.Ransomware.Major.yara"
include "./ransomware/Win32.Ransomware.Gomer.yara"
include "./ransomware/Win32.Ransomware.BandarChor.yara"
include "./ransomware/Win32.Ransomware.JSWorm.yara"
include "./ransomware/Win32.Ransomware.Dharma.yara"
include "./ransomware/Win32.Ransomware.Sepsis.yara"
include "./ransomware/Win64.Ransomware.HermeticRansom.yara"
include "./ransomware/Win32.Ransomware.KawaiiLocker.yara"
include "./ransomware/Win32.Ransomware.Afrodita.yara"
include "./ransomware/Win32.Ransomware.Outsider.yara"
include "./ransomware/Win32.Ransomware.Archiveus.yara"
include "./ransomware/Win32.Ransomware.Acepy.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.TimeTime.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Khonsari.yara"
include "./ransomware/Win32.Ransomware.LockBit.yara"
include "./ransomware/Win32.Ransomware.SevenSevenSeven.yara"
include "./ransomware/ByteCode.MSIL.Ransomware.Oct.yara"
include "./ransomware/Win32.Ransomware.VegaLocker.yara"
include "./ransomware/Win32.Ransomware.Ryuk.yara"
include "./ransomware/Win64.Ransomware.Rook.yara"
include "./ransomware/Win32.Ransomware.Paradise.yara"
include "./ransomware/Win32.Ransomware.Crypmic.yara"
include "./ransomware/Win32.Ransomware.Sage.yara"
include "./ransomware/Win32.Ransomware.Ransoc.yara"
include "./downloader/Win32.Downloader.dlMarlboro.yara"
include "./certificate/blocklist.yara"
include "./pua/Win32.PUA.Domaiq.yara"
3 changes: 3 additions & 0 deletions yara/update_index.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
#!/usr/bin/env bash

find . -name "*.yara" -not -name "index.yara" | sed -e 's/^/include "/g' | sed -e 's/$/"/g' >index.yara