Yara-Rules/rules issues and pull requests

#100 - Create CredStealer

Pull Request - State: closed - Opened by seifreed over 8 years ago - 1 comment

#99 - Create SpyGate_v2_9

Pull Request - State: closed - Opened by seifreed over 8 years ago - 1 comment

#98 - Create EmiratesStatement

Pull Request - State: closed - Opened by seifreed over 8 years ago - 1 comment

#97 - Android_Triada_Banking

Pull Request - State: closed - Opened by R3vrseShell over 8 years ago - 1 comment

#96 - Create APT-Derusbi.yar

Pull Request - State: closed - Opened by seifreed over 8 years ago - 1 comment

#95 - Create Hsdfihdf.yar

Pull Request - State: closed - Opened by adamziaja over 8 years ago - 1 comment

#94 - Create APT_bestia.yar

Pull Request - State: closed - Opened by adamziaja over 8 years ago - 1 comment

#93 - malicious_document.yar incorrect syntax

Issue - State: closed - Opened by tlovenspclsauce over 8 years ago - 1 comment

#92 - Create Operation_Dust_storm.yar

Pull Request - State: closed - Opened by seifreed over 8 years ago - 1 comment

#91 - Fix duplicate identifiers in the rules

Pull Request - State: closed - Opened by apolkosnik-old almost 9 years ago - 1 comment

#90 - Create Adwind_JAR_PACKB

Pull Request - State: closed - Opened by seifreed almost 9 years ago - 1 comment

#89 - Create Adwind_JAR_PACKA

Pull Request - State: closed - Opened by seifreed almost 9 years ago - 1 comment

#88 - Create CorkowDLL

Pull Request - State: closed - Opened by seifreed almost 9 years ago - 1 comment

#87 - Added rule to detect a type of SMSFraud

Pull Request - State: closed - Opened by plutec almost 9 years ago - 1 comment

#86 - Add yara rule -> Hi-Zor RAT

Issue - State: closed - Opened by jholgui almost 9 years ago - 1 comment

#85 - Added ruleset to detect a type of scam

Pull Request - State: closed - Opened by plutec almost 9 years ago

#84 - Testear expresion regular greedy vs non greedy

Issue - State: closed - Opened by mmorenog almost 9 years ago - 1 comment

#83 - Possible .eml used in the Ukraine BE power attack

Issue - State: closed - Opened by mmorenog almost 9 years ago - 1 comment

#82 - Create "ELF.Torte" .yar

Issue - State: closed - Opened by mmorenog almost 9 years ago - 1 comment

#81 - THOR rulesets introduce duplicate identifiers

Issue - State: closed - Opened by timothycovel almost 9 years ago - 1 comment

#80 - clamav integration

Issue - State: closed - Opened by JayBrown almost 9 years ago - 1 comment

#79 - Undefined identifier in antidebug.yar

Issue - State: closed - Opened by msapiro almost 9 years ago - 4 comments

#78 - Undefined identifier in malicious_document.yar

Issue - State: closed - Opened by msapiro almost 9 years ago - 2 comments

#77 - Firmas a revisar

Issue - State: closed - Opened by mmorenog almost 9 years ago - 1 comment

#76 - Create derkziel_stealer

Pull Request - State: closed - Opened by seifreed almost 9 years ago - 1 comment

#75 - Update rovnix to replace M$ word quotes with ASCII quotation marks

Pull Request - State: closed - Opened by apolkosnik almost 9 years ago - 1 comment

#74 - Revisar

Issue - State: closed - Opened by mmorenog almost 9 years ago - 1 comment

#73 - Add embedded executable detection

Pull Request - State: closed - Opened by 0pc0deFR almost 9 years ago - 1 comment

#72 - Update antidebug.yar

Pull Request - State: closed - Opened by seifreed almost 9 years ago

#71 - Firmas a revisar

Issue - State: closed - Opened by mmorenog almost 9 years ago - 1 comment

#70 - Create inocnation.yar

Pull Request - State: closed - Opened by seifreed almost 9 years ago - 1 comment

#69 - Create rovnix_downloader_sinkhole_check

Pull Request - State: closed - Opened by seifreed almost 9 years ago

#68 - Create ponmocup_plugin_memory.yar

Pull Request - State: closed - Opened by seifreed almost 9 years ago

#67 - Some rules to detect features in emails

Pull Request - State: closed - Opened by plutec almost 9 years ago

#66 - Yara rules repository

Issue - State: closed - Opened by mmorenog almost 9 years ago - 1 comment

#65 - packer.yara

Pull Request - State: closed - Opened by Chandlr almost 9 years ago

#64 - Create tedroo.yar

Pull Request - State: closed - Opened by 0pc0deFR almost 9 years ago - 1 comment

#63 - Update OpClandestineWolf.yar

Pull Request - State: closed - Opened by DottoPing about 9 years ago - 1 comment

#62 - Update XOR_DDosv1

Pull Request - State: closed - Opened by DottoPing about 9 years ago - 1 comment

#61 - Rename Ramsonware.yar to Ransomware.yar

Pull Request - State: closed - Opened by suleymanozarslan about 9 years ago - 1 comment

#60 - malware.yar missing

Issue - State: closed - Opened by karolpivo about 9 years ago - 4 comments

#59 - Added rules for Android Mapin trojan

Pull Request - State: closed - Opened by plutec about 9 years ago - 1 comment

#58 - Update Android_FakeApps.yar

Pull Request - State: closed - Opened by Diviei about 9 years ago - 1 comment

#57 - Create XOR_DDosv1

Pull Request - State: closed - Opened by 0pc0deFR about 9 years ago

#56 - Fixed the APT1_aspnetreport and APT1_dbg_mess

Pull Request - State: closed - Opened by apolkosnik-old about 9 years ago - 1 comment

#55 - removed duplicate hash5 string

Pull Request - State: closed - Opened by niterain about 9 years ago - 1 comment

#54 - Added 2 rules to detect adware and smsfraud APKs

Pull Request - State: closed - Opened by plutec about 9 years ago - 1 comment

#53 - Undefined identifier

Issue - State: closed - Opened by dforce about 9 years ago - 2 comments

#52 - cleanup + more categories + 2 new rules

Pull Request - State: closed - Opened by shibumi about 9 years ago - 3 comments

#51 - duplicate code

Issue - State: closed - Opened by xambroz about 9 years ago - 1 comment

#50 - Create js_obfuscator.yar

Pull Request - State: closed - Opened by xanda about 9 years ago - 1 comment

#49 - Added rule for xRAT 2.0

Pull Request - State: closed - Opened by Rottweiler about 9 years ago - 1 comment

#48 - Add Wabot Rule

Pull Request - State: closed - Opened by 0pc0deFR about 9 years ago - 1 comment

#47 - rename the second smsfraud rule to smsfraud_apk

Pull Request - State: closed - Opened by apolkosnik-old over 9 years ago - 1 comment

#46 - Fix syntax error in APT_threatgroup_3390.yar

Pull Request - State: closed - Opened by apolkosnik-old over 9 years ago - 1 comment

#45 - "import androguard" raises error inside YARA rule

Issue - State: closed - Opened by shivang1989 over 9 years ago - 2 comments

#44 - Terracotta rules

Issue - State: closed - Opened by nyx0 over 9 years ago - 1 comment

#43 - fix a weird quotation character

Pull Request - State: closed - Opened by apolkosnik-old over 9 years ago

#42 - Potao rules

Issue - State: closed - Opened by nyx0 over 9 years ago - 1 comment

#41 - Removed duplicate rule UACElevator (already exist exploit_uac_elevato…

Pull Request - State: closed - Opened by fedelemantuano over 9 years ago

#40 - Added Dropper-realshell rule

Pull Request - State: closed - Opened by plutec over 9 years ago - 1 comment

#39 - Remove highly false-positive rules

Issue - State: closed - Opened by brad-sp over 9 years ago - 3 comments

#38 - Create OpClandestineWolf.yar

Pull Request - State: closed - Opened by NoDataFound over 9 years ago - 1 comment

#37 - Process memory working set size anti-debug trick

Pull Request - State: closed - Opened by merces over 9 years ago - 1 comment

#36 - Duplicate rules Mimikatz_Memory_Rule_1 Mimikatz_Memory_Rule_2

Issue - State: closed - Opened by timothycovel over 9 years ago - 1 comment

#35 - Add this rule: MalumPOS Config File Yara Rule from Loki

Issue - State: closed - Opened by jholgui over 9 years ago - 1 comment

#34 - Add this rule: Trend Micro MalumPOS from Loki

Issue - State: closed - Opened by jholgui over 9 years ago - 2 comments

#33 - improved Tox with 139 samples

Pull Request - State: closed - Opened by GelosSnake over 9 years ago - 2 comments

#32 - Tox "ransomware"

Pull Request - State: closed - Opened by GelosSnake over 9 years ago - 2 comments

#31 - duplicate rule mumblehard_packer

Issue - State: closed - Opened by GelosSnake over 9 years ago - 2 comments

#30 - Integrate ESET IOC Repository

Issue - State: closed - Opened by elhoim over 9 years ago - 1 comment

#29 - Moose Linux malware yara

Issue - State: closed - Opened by nyx0 over 9 years ago - 1 comment

#28 - List of yara rules repository to integrate

Issue - State: closed - Opened by mmorenog over 9 years ago - 2 comments

#27 - List of yara rules to integrate

Issue - State: closed - Opened by mmorenog over 9 years ago - 1 comment

#26 - Cmstar Downloader Lurid and Enfal’s New Cousin

Issue - State: closed - Opened by nyx0 over 9 years ago - 1 comment

#25 - Ramsonware.yar false positives

Issue - State: closed - Opened by timothycovel over 9 years ago - 3 comments

#24 - List of yara rules repositories to integrate

Issue - State: closed - Opened by elhoim over 9 years ago - 2 comments

#23 - Patch 3

Pull Request - State: closed - Opened by elhoim over 9 years ago

#22 - Copied warning about false positives from Loki's repository

Pull Request - State: closed - Opened by elhoim over 9 years ago - 1 comment

#21 - Added rules from Loki thor-hacktools.yar

Pull Request - State: closed - Opened by elhoim over 9 years ago - 1 comment

#20 - Guidelines for contribution

Issue - State: closed - Opened by elhoim over 9 years ago - 1 comment

#19 - Added yara rule from McAfee Middle-East Developer of SpyGate Struts H…

Pull Request - State: closed - Opened by elhoim over 9 years ago

#18 - Old rule from McAfee

Issue - State: closed - Opened by nyx0 over 9 years ago - 2 comments