Added new YARA rules.

Threat Analyst
2020-07-10 19:11:22 +02:00
parent f38190f1df
commit b95d1e6bee
132 changed files with 924 additions and 0 deletions
+7
@@ -5,6 +5,13 @@ rule Linux_Virus_Vit : tc_detection malicious
meta:
author = "ReversingLabs"
source = "ReversingLabs"
status = "RELEASED"
sharing = "TLP:WHITE"
category = "MALWARE"
description = "Yara rule that detects Vit virus."
tc_detection_type = "Virus"
tc_detection_name = "Vit"
tc_detection_factor = 5
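Review bot: The descriptive fields in this `meta:` block (`author`, `source`, `status`, `sharing`, `category`, `description`) record who published the rule and how it may be shared, but nothing visible ties a match back to the sample or analysis the rule was built from. The `description` also only restates `tc_detection_type` and `tc_detection_name`. An analyst triaging a hit would want a traceable anchor such as `reference = "<link to analysis>"` or `hash = "<sha256 of reference sample>"`, plus a `date` or `version` field so a deployed copy can be compared against the repository. The page does not mark which lines are new, and the rule continues outside the hunk, so this is based only on the lines shown. The same applies to the other rule files in this commit (Win32_Virus_Awfull through Win32_Virus_Negt).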
+7
@@ -5,6 +5,13 @@ rule Win32_Virus_Awfull : tc_detection malicious
meta:
author = "ReversingLabs"
source = "ReversingLabs"
status = "RELEASED"
sharing = "TLP:WHITE"
category = "MALWARE"
description = "Yara rule that detects Awfull virus."
tc_detection_type = "Virus"
tc_detection_name = "Awfull"
tc_detection_factor = 5
+7
@@ -5,6 +5,13 @@ rule Win32_Virus_Cmay : tc_detection malicious
meta:
author = "ReversingLabs"
source = "ReversingLabs"
status = "RELEASED"
sharing = "TLP:WHITE"
category = "MALWARE"
description = "Yara rule that detects Cmay virus."
tc_detection_type = "Virus"
tc_detection_name = "Cmay"
tc_detection_factor = 5
+7
@@ -5,6 +5,13 @@ rule Win32_Virus_DeadCode : tc_detection malicious
meta:
author = "ReversingLabs"
source = "ReversingLabs"
status = "RELEASED"
sharing = "TLP:WHITE"
category = "MALWARE"
description = "Yara rule that detects DeadCode virus."
tc_detection_type = "Virus"
tc_detection_name = "DeadCode"
tc_detection_factor = 5
+7
@@ -5,6 +5,13 @@ rule Win32_Virus_Elerad : tc_detection malicious
meta:
author = "ReversingLabs"
source = "ReversingLabs"
status = "RELEASED"
sharing = "TLP:WHITE"
category = "MALWARE"
description = "Yara rule that detects Elerad virus."
tc_detection_type = "Virus"
tc_detection_name = "Elerad"
tc_detection_factor = 5
+7
@@ -5,6 +5,13 @@ rule Win32_Virus_Greenp : tc_detection malicious
meta:
author = "ReversingLabs"
source = "ReversingLabs"
status = "RELEASED"
sharing = "TLP:WHITE"
category = "MALWARE"
description = "Yara rule that detects Greenp virus."
tc_detection_type = "Virus"
tc_detection_name = "Greenp"
tc_detection_factor = 5
+7
@@ -5,6 +5,13 @@ rule Win32_Virus_Mocket : tc_detection malicious
meta:
author = "ReversingLabs"
source = "ReversingLabs"
status = "RELEASED"
sharing = "TLP:WHITE"
category = "MALWARE"
description = "Yara rule that detects Mocket virus."
tc_detection_type = "Virus"
tc_detection_name = "Mocket"
tc_detection_factor = 5
+7
@@ -5,6 +5,13 @@ rule Win32_Virus_Negt : tc_detection malicious
meta:
author = "ReversingLabs"
source = "ReversingLabs"
status = "RELEASED"
sharing = "TLP:WHITE"
category = "MALWARE"
description = "Yara rule that detects Negt virus."
tc_detection_type = "Virus"
tc_detection_name = "Negt"
tc_detection_factor = 5