eset/malware-ioc eset/malware-ioc

  • Stars
    star
    1,429
  • Rank 32,929 (Top 0.7 %)
  • Language YARA
  • License
    BSD 2-Clause "Sim...
  • Created over 10 years ago
  • Updated 12 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
eset/malware-ioc
github

eset

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Indicators of Compromises (IOC) of our various investigations

Malware Indicators of Compromise

 .-------------.
(  E  S | E  T  )  R e s e a r c h
 `-------------'

Copyright © ESET 2014-2020

Here are indicators of compromise (IOCs) of our various investigations. We are doing this to help the broader security community fight malware wherever it might be.

  • .yar files are Yara rules

  • .rules files are Snort rules

  • samples.md5, samples.sha1 and samples.sha256 files are newline separated list of hexadecimal digests of malware samples

If you would like to contribute improved versions please send us a pull request.

If you’ve found false positives give us the details in an issue report and we’ll try to improve our IOCs.

These are licensed under the permissive BSD two-clause license. You are allowed to modify these and keep the changes to yourself even though it would be rude to do so.

More Repositories

1

ipyida

IPython console integration for IDA Pro
Python
671
star
2

malware-research

Code written as part of our various malware investigations
Python
336
star
3

vba-dynamic-hook

VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls
Python
145
star
4

stadeo

Control-flow-flattening and string deobfuscator
Python
127
star
5

wslink-vm-analyzer

WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware
Python
46
star
6

volatility-browserhooks

Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
Python
38
star
7

vulnerability-disclosures

Repository of vulnerabilities disclosed by ESET
23
star
8

slides

Slides from presentations done by ESET researchers
HTML
20
star
9

cry-decryptor

CryDecryptor is an Android application to decrypt files from device compromised by the CryCryptor ransomware
Java
16
star
10

wslink-client

WslinkClient is a client intended to communicate with Wslink, which is a unique loader running as a server
C
12
star
11

kafka-browser

Kafka message viewer
CSS
8
star
12

jupyter-kernel-proxy

Jupyter kernel acting as a proxy to any other, already running, kernel.
Python
2
star
13

eei-agent-linux-probes

eBPF probes used by ESET Linux products
C
1
star
14

sampleshare

ESET sample sharing platform, implementing the Norman Sampleshare Framework
JavaScript
1
star