├── .gitignore ├── LICENSE ├── README.md ├── door_scanner ├── config.json ├── door_scanner_2022_10_20.exe ├── door_scanner_2022_8_26.exe ├── door_scanner_2023_8_3.exe └── offline_scan.py ├── memory_scanner ├── config.json ├── memory_scanner.exe ├── memory_scanner_2024_5_27.exe └── yara_rules │ └── es_rules │ ├── Multi_AttackSimulation_Blindspot.yar │ ├── Multi_EICAR.yar │ ├── Multi_Ransomware_BlackCat.yar │ ├── Multi_Ransomware_Luna.yar │ ├── Multi_Trojan_Coreimpact.yar │ ├── Multi_Trojan_Sliver.yar │ ├── Windows_AttackSimulation_Hovercraft.yar │ ├── Windows_Backdoor_DragonCastling.yar │ ├── Windows_Backdoor_Goldbackdoor.yar │ ├── Windows_Backdoor_TeamViewer.yar │ ├── Windows_Cryptominer_Generic.yar │ ├── Windows_Exploit_Dcom.yar │ ├── Windows_Exploit_Eternalblue.yar │ ├── Windows_Exploit_Log4j.yar │ ├── Windows_Hacktool_BlackBone.yar │ ├── Windows_Hacktool_Capcom.yar │ ├── Windows_Hacktool_CheatEngine.yar │ ├── Windows_Hacktool_CpuLocker.yar │ ├── Windows_Hacktool_DarkLoadLibrary.yar │ ├── Windows_Hacktool_Dcsyncer.yar │ ├── Windows_Hacktool_Gmer.yar │ ├── Windows_Hacktool_Havoc.yar │ ├── Windows_Hacktool_LeiGod.yar │ ├── Windows_Hacktool_Mimikatz.yar │ ├── Windows_Hacktool_Nighthawk.yar │ ├── Windows_Hacktool_PhysMem.yar │ ├── Windows_Hacktool_ProcessHacker.yar │ ├── Windows_Hacktool_RWEverything.yar │ ├── Windows_Hacktool_Rubeus.yar │ ├── Windows_Hacktool_SafetyKatz.yar │ ├── Windows_Hacktool_Seatbelt.yar │ ├── Windows_Hacktool_SharPersist.yar │ ├── Windows_Hacktool_SharpAppLocker.yar │ ├── Windows_Hacktool_SharpChromium.yar │ ├── Windows_Hacktool_SharpDump.yar │ ├── Windows_Hacktool_SharpHound.yar │ ├── Windows_Hacktool_SharpLAPS.yar │ ├── Windows_Hacktool_SharpMove.yar │ ├── Windows_Hacktool_SharpRDP.yar │ ├── Windows_Hacktool_SharpShares.yar │ ├── Windows_Hacktool_SharpStay.yar │ ├── Windows_Hacktool_SharpUp.yar │ ├── Windows_Hacktool_SharpView.yar │ ├── Windows_Hacktool_SharpWMI.yar │ ├── Windows_Hacktool_WinPEAS_ng.yar │ ├── Windows_PUP_Veriato.yar │ ├── Windows_Ransomware_Avoslocker.yar │ ├── Windows_Ransomware_Bitpaymer.yar │ ├── Windows_Ransomware_BlackBasta.yar │ ├── Windows_Ransomware_Blackmatter.yar │ ├── Windows_Ransomware_Clop.yar │ ├── Windows_Ransomware_Conti.yar │ ├── Windows_Ransomware_Cuba.yar │ ├── Windows_Ransomware_Darkside.yar │ ├── Windows_Ransomware_Dharma.yar │ ├── Windows_Ransomware_Doppelpaymer.yar │ ├── Windows_Ransomware_Egregor.yar │ ├── Windows_Ransomware_Generic.yar │ ├── Windows_Ransomware_Grief.yar │ ├── Windows_Ransomware_Haron.yar │ ├── Windows_Ransomware_Hellokitty.yar │ ├── Windows_Ransomware_Helloxd.yar │ ├── Windows_Ransomware_Hive.yar │ ├── Windows_Ransomware_Lockbit.yar │ ├── Windows_Ransomware_Lockfile.yar │ ├── Windows_Ransomware_Magniber.yar │ ├── Windows_Ransomware_Makop.yar │ ├── Windows_Ransomware_Maui.yar │ ├── Windows_Ransomware_Maze.yar │ ├── Windows_Ransomware_Mespinoza.yar │ ├── Windows_Ransomware_Mountlocker.yar │ ├── Windows_Ransomware_Nightsky.yar │ ├── Windows_Ransomware_Pandora.yar │ ├── Windows_Ransomware_Phobos.yar │ ├── Windows_Ransomware_Ragnarok.yar │ ├── Windows_Ransomware_Ransomexx.yar │ ├── Windows_Ransomware_Rook.yar │ ├── Windows_Ransomware_Royal.yar │ ├── Windows_Ransomware_Ryuk.yar │ ├── Windows_Ransomware_Snake.yar │ ├── Windows_Ransomware_Sodinokibi.yar │ ├── Windows_Ransomware_Stop.yar │ ├── Windows_Ransomware_Thanos.yar │ ├── Windows_Ransomware_WannaCry.yar │ ├── Windows_Ransomware_WhisperGate.yar │ ├── Windows_Rootkit_R77.yar │ ├── Windows_Shellcode_Generic.yar │ ├── Windows_Trojan_A310logger.yar │ ├── Windows_Trojan_AgentTesla.yar │ ├── Windows_Trojan_Amadey.yar │ ├── Windows_Trojan_ArkeiStealer.yar │ ├── Windows_Trojan_Asyncrat.yar │ ├── Windows_Trojan_AveMaria.yar │ ├── Windows_Trojan_Azorult.yar │ ├── Windows_Trojan_Babylonrat.yar │ ├── Windows_Trojan_Backoff.yar │ ├── Windows_Trojan_Bandook.yar │ ├── Windows_Trojan_Bazar.yar │ ├── Windows_Trojan_Beam.yar │ ├── Windows_Trojan_Bitrat.yar │ ├── Windows_Trojan_BlackShades.yar │ ├── Windows_Trojan_Blister.yar │ ├── Windows_Trojan_BruteRatel.yar │ ├── Windows_Trojan_Buerloader.yar │ ├── Windows_Trojan_Bughatch.yar │ ├── Windows_Trojan_Bumblebee.yar │ ├── Windows_Trojan_CaesarKbd.yar │ ├── Windows_Trojan_Carberp.yar │ ├── Windows_Trojan_Clipbanker.yar │ ├── Windows_Trojan_CobaltStrike.yar │ ├── Windows_Trojan_Cryptbot.yar │ ├── Windows_Trojan_CyberGate.yar │ ├── Windows_Trojan_DBatLoader.yar │ ├── Windows_Trojan_DCRat.yar │ ├── Windows_Trojan_Danabot.yar │ ├── Windows_Trojan_DarkVNC.yar │ ├── Windows_Trojan_Darkcomet.yar │ ├── Windows_Trojan_Deimos.yar │ ├── Windows_Trojan_DiamondFox.yar │ ├── Windows_Trojan_Diceloader.yar │ ├── Windows_Trojan_Donutloader.yar │ ├── Windows_Trojan_DoorMe.yar │ ├── Windows_Trojan_DoubleBack.yar │ ├── Windows_Trojan_Dridex.yar │ ├── Windows_Trojan_Emotet.yar │ ├── Windows_Trojan_Farfli.yar │ ├── Windows_Trojan_Fickerstealer.yar │ ├── Windows_Trojan_Formbook.yar │ ├── Windows_Trojan_Garble.yar │ ├── Windows_Trojan_Generic.yar │ ├── Windows_Trojan_Gh0st.yar │ ├── Windows_Trojan_Glupteba.yar │ ├── Windows_Trojan_Gozi.yar │ ├── Windows_Trojan_Guloader.yar │ ├── Windows_Trojan_Hancitor.yar │ ├── Windows_Trojan_Hawkeye.yar │ ├── Windows_Trojan_IcedID.yar │ ├── Windows_Trojan_JesterStealer.yar │ ├── Windows_Trojan_Jupyter.yar │ ├── Windows_Trojan_Kronos.yar │ ├── Windows_Trojan_Limerat.yar │ ├── Windows_Trojan_Lokibot.yar │ ├── Windows_Trojan_Lucifer.yar │ ├── Windows_Trojan_Lurker.yar │ ├── Windows_Trojan_MassLogger.yar │ ├── Windows_Trojan_Matanbuchus.yar │ ├── Windows_Trojan_Merlin.yar │ ├── Windows_Trojan_Metasploit.yar │ ├── Windows_Trojan_MicroBackdoor.yar │ ├── Windows_Trojan_Nanocore.yar │ ├── Windows_Trojan_NapListener.yar │ ├── Windows_Trojan_Netwire.yar │ ├── Windows_Trojan_Njrat.yar │ ├── Windows_Trojan_Octopus.yar │ ├── Windows_Trojan_OnlyLogger.yar │ ├── Windows_Trojan_OskiStealer.yar │ ├── Windows_Trojan_Pandastealer.yar │ ├── Windows_Trojan_Parallax.yar │ ├── Windows_Trojan_Phoreal.yar │ ├── Windows_Trojan_Pingpull.yar │ ├── Windows_Trojan_PipeDance.yar │ ├── Windows_Trojan_Pony.yar │ ├── Windows_Trojan_PrivateLoader.yar │ ├── Windows_Trojan_ProtectS.yar │ ├── Windows_Trojan_Qbot.yar │ ├── Windows_Trojan_Quasarrat.yar │ ├── Windows_Trojan_Raccoon.yar │ ├── Windows_Trojan_RedLineStealer.yar │ ├── Windows_Trojan_Remcos.yar │ ├── Windows_Trojan_Remotemanipulator.yar │ ├── Windows_Trojan_Revcoderat.yar │ ├── Windows_Trojan_Revengerat.yar │ ├── Windows_Trojan_SVCReady.yar │ ├── Windows_Trojan_ServHelper.yar │ ├── Windows_Trojan_ShadowPad.yar │ ├── Windows_Trojan_SiestaGraph.yar │ ├── Windows_Trojan_Smokeloader.yar │ ├── Windows_Trojan_SnakeKeylogger.yar │ ├── Windows_Trojan_SomniRecord.yar │ ├── Windows_Trojan_Squirrelwaffle.yar │ ├── Windows_Trojan_StormKitty.yar │ ├── Windows_Trojan_SuddenIcon.yar │ ├── Windows_Trojan_SysJoker.yar │ ├── Windows_Trojan_SystemBC.yar │ ├── Windows_Trojan_Tofsee.yar │ ├── Windows_Trojan_Trickbot.yar │ ├── Windows_Trojan_Vidar.yar │ ├── Windows_Trojan_WhisperGate.yar │ ├── Windows_Trojan_Xpertrat.yar │ ├── Windows_Trojan_XtremeRAT.yar │ ├── Windows_Trojan_Zeus.yar │ ├── Windows_Trojan_Zloader.yar │ ├── Windows_VulnDriver_ATSZIO.yar │ ├── Windows_VulnDriver_Amifldrv.yar │ ├── Windows_VulnDriver_ArPot.yar │ ├── Windows_VulnDriver_AsIo.yar │ ├── Windows_VulnDriver_Asrock.yar │ ├── Windows_VulnDriver_Atillk.yar │ ├── Windows_VulnDriver_BSMI.yar │ ├── Windows_VulnDriver_Biostar.yar │ ├── Windows_VulnDriver_Cpuz.yar │ ├── Windows_VulnDriver_DBUtil.yar │ ├── Windows_VulnDriver_DirectIo.yar │ ├── Windows_VulnDriver_Elby.yar │ ├── Windows_VulnDriver_EneIo.yar │ ├── Windows_VulnDriver_Fidpci.yar │ ├── Windows_VulnDriver_GDrv.yar │ ├── Windows_VulnDriver_GlckIo.yar │ ├── Windows_VulnDriver_Gvci.yar │ ├── Windows_VulnDriver_HpPortIo.yar │ ├── Windows_VulnDriver_Iqvw.yar │ ├── Windows_VulnDriver_LLAccess.yar │ ├── Windows_VulnDriver_Lha.yar │ ├── Windows_VulnDriver_MarvinHW.yar │ ├── Windows_VulnDriver_Mhyprot.yar │ ├── Windows_VulnDriver_MicroStar.yar │ ├── Windows_VulnDriver_MsIo.yar │ ├── Windows_VulnDriver_MtcBsv.yar │ ├── Windows_VulnDriver_PowerProfiler.yar │ ├── Windows_VulnDriver_PowerTool.yar │ ├── Windows_VulnDriver_ProcExp.yar │ ├── Windows_VulnDriver_ProcId.yar │ ├── Windows_VulnDriver_RtCore.yar │ ├── Windows_VulnDriver_Rtkio.yar │ ├── Windows_VulnDriver_Ryzen.yar │ ├── Windows_VulnDriver_Sandra.yar │ ├── Windows_VulnDriver_Segwin.yar │ ├── Windows_VulnDriver_Speedfan.yar │ ├── Windows_VulnDriver_TmComm.yar │ ├── Windows_VulnDriver_ToshibaBios.yar │ ├── Windows_VulnDriver_VBox.yar │ ├── Windows_VulnDriver_Viragt.yar │ ├── Windows_VulnDriver_Vmdrv.yar │ ├── Windows_VulnDriver_WinFlash.yar │ ├── Windows_VulnDriver_WinIo.yar │ ├── Windows_VulnDriver_XTier.yar │ ├── Windows_VulnDriver_Zam.yar │ ├── Windows_Wiper_CaddyWiper.yar │ ├── Windows_Wiper_DoubleZero.yar │ ├── Windows_Wiper_HermeticWiper.yar │ └── Windows_Wiper_IsaacWiper.yar ├── wx.png ├── yara_scanner ├── config.json ├── yara_rules │ └── es_rules │ │ ├── Multi_AttackSimulation_Blindspot.yar │ │ ├── Multi_EICAR.yar │ │ ├── Multi_Ransomware_BlackCat.yar │ │ ├── Multi_Ransomware_Luna.yar │ │ ├── Multi_Trojan_Coreimpact.yar │ │ ├── Multi_Trojan_Sliver.yar │ │ ├── Windows_AttackSimulation_Hovercraft.yar │ │ ├── Windows_Backdoor_DragonCastling.yar │ │ ├── Windows_Backdoor_Goldbackdoor.yar │ │ ├── Windows_Backdoor_TeamViewer.yar │ │ ├── Windows_Cryptominer_Generic.yar │ │ ├── Windows_Exploit_Dcom.yar │ │ ├── Windows_Exploit_Eternalblue.yar │ │ ├── Windows_Exploit_Log4j.yar │ │ ├── Windows_Hacktool_BlackBone.yar │ │ ├── Windows_Hacktool_Capcom.yar │ │ ├── Windows_Hacktool_CheatEngine.yar │ │ ├── Windows_Hacktool_CpuLocker.yar │ │ ├── Windows_Hacktool_DarkLoadLibrary.yar │ │ ├── Windows_Hacktool_Dcsyncer.yar │ │ ├── Windows_Hacktool_Gmer.yar │ │ ├── Windows_Hacktool_Havoc.yar │ │ ├── Windows_Hacktool_LeiGod.yar │ │ ├── Windows_Hacktool_Mimikatz.yar │ │ ├── Windows_Hacktool_Nighthawk.yar │ │ ├── Windows_Hacktool_PhysMem.yar │ │ ├── Windows_Hacktool_ProcessHacker.yar │ │ ├── Windows_Hacktool_RWEverything.yar │ │ ├── Windows_Hacktool_Rubeus.yar │ │ ├── Windows_Hacktool_SafetyKatz.yar │ │ ├── Windows_Hacktool_Seatbelt.yar │ │ ├── Windows_Hacktool_SharPersist.yar │ │ ├── Windows_Hacktool_SharpAppLocker.yar │ │ ├── Windows_Hacktool_SharpChromium.yar │ │ ├── Windows_Hacktool_SharpDump.yar │ │ ├── Windows_Hacktool_SharpHound.yar │ │ ├── Windows_Hacktool_SharpLAPS.yar │ │ ├── Windows_Hacktool_SharpMove.yar │ │ ├── Windows_Hacktool_SharpRDP.yar │ │ ├── Windows_Hacktool_SharpShares.yar │ │ ├── Windows_Hacktool_SharpStay.yar │ │ ├── Windows_Hacktool_SharpUp.yar │ │ ├── Windows_Hacktool_SharpView.yar │ │ ├── Windows_Hacktool_SharpWMI.yar │ │ ├── Windows_Hacktool_WinPEAS_ng.yar │ │ ├── Windows_PUP_Veriato.yar │ │ ├── Windows_Ransomware_Avoslocker.yar │ │ ├── Windows_Ransomware_Bitpaymer.yar │ │ ├── Windows_Ransomware_BlackBasta.yar │ │ ├── Windows_Ransomware_Blackmatter.yar │ │ ├── Windows_Ransomware_Clop.yar │ │ ├── Windows_Ransomware_Conti.yar │ │ ├── Windows_Ransomware_Cuba.yar │ │ ├── Windows_Ransomware_Darkside.yar │ │ ├── Windows_Ransomware_Dharma.yar │ │ ├── Windows_Ransomware_Doppelpaymer.yar │ │ ├── Windows_Ransomware_Egregor.yar │ │ ├── Windows_Ransomware_Generic.yar │ │ ├── Windows_Ransomware_Grief.yar │ │ ├── Windows_Ransomware_Haron.yar │ │ ├── Windows_Ransomware_Hellokitty.yar │ │ ├── Windows_Ransomware_Helloxd.yar │ │ ├── Windows_Ransomware_Hive.yar │ │ ├── Windows_Ransomware_Lockbit.yar │ │ ├── Windows_Ransomware_Lockfile.yar │ │ ├── Windows_Ransomware_Magniber.yar │ │ ├── Windows_Ransomware_Makop.yar │ │ ├── Windows_Ransomware_Maui.yar │ │ ├── Windows_Ransomware_Maze.yar │ │ ├── Windows_Ransomware_Mespinoza.yar │ │ ├── Windows_Ransomware_Mountlocker.yar │ │ ├── Windows_Ransomware_Nightsky.yar │ │ ├── Windows_Ransomware_Pandora.yar │ │ ├── Windows_Ransomware_Phobos.yar │ │ ├── Windows_Ransomware_Ragnarok.yar │ │ ├── Windows_Ransomware_Ransomexx.yar │ │ ├── Windows_Ransomware_Rook.yar │ │ ├── Windows_Ransomware_Royal.yar │ │ ├── Windows_Ransomware_Ryuk.yar │ │ ├── Windows_Ransomware_Snake.yar │ │ ├── Windows_Ransomware_Sodinokibi.yar │ │ ├── Windows_Ransomware_Stop.yar │ │ ├── Windows_Ransomware_Thanos.yar │ │ ├── Windows_Ransomware_WannaCry.yar │ │ ├── Windows_Ransomware_WhisperGate.yar │ │ ├── Windows_Rootkit_R77.yar │ │ ├── Windows_Shellcode_Generic.yar │ │ ├── Windows_Trojan_A310logger.yar │ │ ├── Windows_Trojan_AgentTesla.yar │ │ ├── Windows_Trojan_Amadey.yar │ │ ├── Windows_Trojan_ArkeiStealer.yar │ │ ├── Windows_Trojan_Asyncrat.yar │ │ ├── Windows_Trojan_AveMaria.yar │ │ ├── Windows_Trojan_Azorult.yar │ │ ├── Windows_Trojan_Babylonrat.yar │ │ ├── Windows_Trojan_Backoff.yar │ │ ├── Windows_Trojan_Bandook.yar │ │ ├── Windows_Trojan_Bazar.yar │ │ ├── Windows_Trojan_Beam.yar │ │ ├── Windows_Trojan_Bitrat.yar │ │ ├── Windows_Trojan_BlackShades.yar │ │ ├── Windows_Trojan_Blister.yar │ │ ├── Windows_Trojan_BruteRatel.yar │ │ ├── Windows_Trojan_Buerloader.yar │ │ ├── Windows_Trojan_Bughatch.yar │ │ ├── Windows_Trojan_Bumblebee.yar │ │ ├── Windows_Trojan_CaesarKbd.yar │ │ ├── Windows_Trojan_Carberp.yar │ │ ├── Windows_Trojan_Clipbanker.yar │ │ ├── Windows_Trojan_CobaltStrike.yar │ │ ├── Windows_Trojan_Cryptbot.yar │ │ ├── Windows_Trojan_CyberGate.yar │ │ ├── Windows_Trojan_DBatLoader.yar │ │ ├── Windows_Trojan_DCRat.yar │ │ ├── Windows_Trojan_Danabot.yar │ │ ├── Windows_Trojan_DarkVNC.yar │ │ ├── Windows_Trojan_Darkcomet.yar │ │ ├── Windows_Trojan_Deimos.yar │ │ ├── Windows_Trojan_DiamondFox.yar │ │ ├── Windows_Trojan_Diceloader.yar │ │ ├── Windows_Trojan_Donutloader.yar │ │ ├── Windows_Trojan_DoorMe.yar │ │ ├── Windows_Trojan_DoubleBack.yar │ │ ├── Windows_Trojan_Dridex.yar │ │ ├── Windows_Trojan_Emotet.yar │ │ ├── Windows_Trojan_Farfli.yar │ │ ├── Windows_Trojan_Fickerstealer.yar │ │ ├── Windows_Trojan_Formbook.yar │ │ ├── Windows_Trojan_Garble.yar │ │ ├── Windows_Trojan_Generic.yar │ │ ├── Windows_Trojan_Gh0st.yar │ │ ├── Windows_Trojan_Glupteba.yar │ │ ├── Windows_Trojan_Gozi.yar │ │ ├── Windows_Trojan_Guloader.yar │ │ ├── Windows_Trojan_Hancitor.yar │ │ ├── Windows_Trojan_Hawkeye.yar │ │ ├── Windows_Trojan_IcedID.yar │ │ ├── Windows_Trojan_JesterStealer.yar │ │ ├── Windows_Trojan_Jupyter.yar │ │ ├── Windows_Trojan_Kronos.yar │ │ ├── Windows_Trojan_Limerat.yar │ │ ├── Windows_Trojan_Lokibot.yar │ │ ├── Windows_Trojan_Lucifer.yar │ │ ├── Windows_Trojan_Lurker.yar │ │ ├── Windows_Trojan_MassLogger.yar │ │ ├── Windows_Trojan_Matanbuchus.yar │ │ ├── Windows_Trojan_Merlin.yar │ │ ├── Windows_Trojan_Metasploit.yar │ │ ├── Windows_Trojan_MicroBackdoor.yar │ │ ├── Windows_Trojan_Nanocore.yar │ │ ├── Windows_Trojan_NapListener.yar │ │ ├── Windows_Trojan_Netwire.yar │ │ ├── Windows_Trojan_Njrat.yar │ │ ├── Windows_Trojan_Octopus.yar │ │ ├── Windows_Trojan_OnlyLogger.yar │ │ ├── Windows_Trojan_OskiStealer.yar │ │ ├── Windows_Trojan_Pandastealer.yar │ │ ├── Windows_Trojan_Parallax.yar │ │ ├── Windows_Trojan_Phoreal.yar │ │ ├── Windows_Trojan_Pingpull.yar │ │ ├── Windows_Trojan_PipeDance.yar │ │ ├── Windows_Trojan_Pony.yar │ │ ├── Windows_Trojan_PrivateLoader.yar │ │ ├── Windows_Trojan_ProtectS.yar │ │ ├── Windows_Trojan_Qbot.yar │ │ ├── Windows_Trojan_Quasarrat.yar │ │ ├── Windows_Trojan_Raccoon.yar │ │ ├── Windows_Trojan_RedLineStealer.yar │ │ ├── Windows_Trojan_Remcos.yar │ │ ├── Windows_Trojan_Remotemanipulator.yar │ │ ├── Windows_Trojan_Revcoderat.yar │ │ ├── Windows_Trojan_Revengerat.yar │ │ ├── Windows_Trojan_SVCReady.yar │ │ ├── Windows_Trojan_ServHelper.yar │ │ ├── Windows_Trojan_ShadowPad.yar │ │ ├── Windows_Trojan_SiestaGraph.yar │ │ ├── Windows_Trojan_Smokeloader.yar │ │ ├── Windows_Trojan_SnakeKeylogger.yar │ │ ├── Windows_Trojan_SomniRecord.yar │ │ ├── Windows_Trojan_Squirrelwaffle.yar │ │ ├── Windows_Trojan_StormKitty.yar │ │ ├── Windows_Trojan_SuddenIcon.yar │ │ ├── Windows_Trojan_SysJoker.yar │ │ ├── Windows_Trojan_SystemBC.yar │ │ ├── Windows_Trojan_Tofsee.yar │ │ ├── Windows_Trojan_Trickbot.yar │ │ ├── Windows_Trojan_Vidar.yar │ │ ├── Windows_Trojan_WhisperGate.yar │ │ ├── Windows_Trojan_Xpertrat.yar │ │ ├── Windows_Trojan_XtremeRAT.yar │ │ ├── Windows_Trojan_Zeus.yar │ │ ├── Windows_Trojan_Zloader.yar │ │ ├── Windows_VulnDriver_ATSZIO.yar │ │ ├── Windows_VulnDriver_Amifldrv.yar │ │ ├── Windows_VulnDriver_ArPot.yar │ │ ├── Windows_VulnDriver_AsIo.yar │ │ ├── Windows_VulnDriver_Asrock.yar │ │ ├── Windows_VulnDriver_Atillk.yar │ │ ├── Windows_VulnDriver_BSMI.yar │ │ ├── Windows_VulnDriver_Biostar.yar │ │ ├── Windows_VulnDriver_Cpuz.yar │ │ ├── Windows_VulnDriver_DBUtil.yar │ │ ├── Windows_VulnDriver_DirectIo.yar │ │ ├── Windows_VulnDriver_Elby.yar │ │ ├── Windows_VulnDriver_EneIo.yar │ │ ├── Windows_VulnDriver_Fidpci.yar │ │ ├── Windows_VulnDriver_GDrv.yar │ │ ├── Windows_VulnDriver_GlckIo.yar │ │ ├── Windows_VulnDriver_Gvci.yar │ │ ├── Windows_VulnDriver_HpPortIo.yar │ │ ├── Windows_VulnDriver_Iqvw.yar │ │ ├── Windows_VulnDriver_LLAccess.yar │ │ ├── Windows_VulnDriver_Lha.yar │ │ ├── Windows_VulnDriver_MarvinHW.yar │ │ ├── Windows_VulnDriver_Mhyprot.yar │ │ ├── Windows_VulnDriver_MicroStar.yar │ │ ├── Windows_VulnDriver_MsIo.yar │ │ ├── Windows_VulnDriver_MtcBsv.yar │ │ ├── Windows_VulnDriver_PowerProfiler.yar │ │ ├── Windows_VulnDriver_PowerTool.yar │ │ ├── Windows_VulnDriver_ProcExp.yar │ │ ├── Windows_VulnDriver_ProcId.yar │ │ ├── Windows_VulnDriver_RtCore.yar │ │ ├── Windows_VulnDriver_Rtkio.yar │ │ ├── Windows_VulnDriver_Ryzen.yar │ │ ├── Windows_VulnDriver_Sandra.yar │ │ ├── Windows_VulnDriver_Segwin.yar │ │ ├── Windows_VulnDriver_Speedfan.yar │ │ ├── Windows_VulnDriver_TmComm.yar │ │ ├── Windows_VulnDriver_ToshibaBios.yar │ │ ├── Windows_VulnDriver_VBox.yar │ │ ├── Windows_VulnDriver_Viragt.yar │ │ ├── Windows_VulnDriver_Vmdrv.yar │ │ ├── Windows_VulnDriver_WinFlash.yar │ │ ├── Windows_VulnDriver_WinIo.yar │ │ ├── Windows_VulnDriver_XTier.yar │ │ ├── Windows_VulnDriver_Zam.yar │ │ ├── Windows_Wiper_CaddyWiper.yar │ │ ├── Windows_Wiper_DoubleZero.yar │ │ ├── Windows_Wiper_HermeticWiper.yar │ │ └── Windows_Wiper_IsaacWiper.yar └── yara_scanner.exe └── yara_scanner_beta ├── config.json ├── yara_rules ├── Yara-Rules │ ├── cve_rules │ │ ├── CVE-2010-0805.yar │ │ ├── CVE-2010-0887.yar │ │ ├── CVE-2010-1297.yar │ │ ├── CVE-2012-0158.yar │ │ ├── CVE-2013-0074.yar │ │ ├── CVE-2013-0422.yar │ │ ├── CVE-2015-1701.yar │ │ ├── CVE-2015-2426.yar │ │ ├── CVE-2015-2545.yar │ │ ├── CVE-2015-5119.yar │ │ ├── CVE-2016-5195.yar │ │ ├── CVE-2017-11882.yar │ │ ├── CVE-2018-20250.yar │ │ └── CVE-2018-4878.yar │ ├── exploit_kits │ │ ├── EK_Angler.yar │ │ ├── EK_Blackhole.yar │ │ ├── EK_BleedingLife.yar │ │ ├── EK_Crimepack.yar │ │ ├── EK_Eleonore.yar │ │ ├── EK_Fragus.yar │ │ ├── EK_Phoenix.yar │ │ ├── EK_Sakura.yar │ │ ├── EK_ZeroAcces.yar │ │ ├── EK_Zerox88.yar │ │ └── EK_Zeus.yar │ └── webshells │ │ ├── WShell_APT_Laudanum.yar │ │ ├── WShell_ASPXSpy.yar │ │ ├── WShell_ChinaChopper.yar │ │ ├── WShell_Drupalgeddon2_icos.yar │ │ ├── WShell_PHP_Anuna.yar │ │ ├── WShell_PHP_in_images.yar │ │ ├── WShell_THOR_Webshells.yar │ │ ├── Wshell_ChineseSpam.yar │ │ └── Wshell_fire2013.yar ├── es_rules │ ├── Multi_AttackSimulation_Blindspot.yar │ ├── Multi_EICAR.yar │ ├── Multi_Ransomware_BlackCat.yar │ ├── Multi_Ransomware_Luna.yar │ ├── Multi_Trojan_Coreimpact.yar │ ├── Multi_Trojan_Sliver.yar │ ├── Windows_AttackSimulation_Hovercraft.yar │ ├── Windows_Backdoor_DragonCastling.yar │ ├── Windows_Backdoor_Goldbackdoor.yar │ ├── Windows_Backdoor_TeamViewer.yar │ ├── Windows_Cryptominer_Generic.yar │ ├── Windows_Exploit_Dcom.yar │ ├── Windows_Exploit_Eternalblue.yar │ ├── Windows_Exploit_Log4j.yar │ ├── Windows_Hacktool_BlackBone.yar │ ├── Windows_Hacktool_Capcom.yar │ ├── Windows_Hacktool_CheatEngine.yar │ ├── Windows_Hacktool_CpuLocker.yar │ ├── Windows_Hacktool_DarkLoadLibrary.yar │ ├── Windows_Hacktool_Dcsyncer.yar │ ├── Windows_Hacktool_Gmer.yar │ ├── Windows_Hacktool_Havoc.yar │ ├── Windows_Hacktool_LeiGod.yar │ ├── Windows_Hacktool_Mimikatz.yar │ ├── Windows_Hacktool_Nighthawk.yar │ ├── Windows_Hacktool_PhysMem.yar │ ├── Windows_Hacktool_ProcessHacker.yar │ ├── Windows_Hacktool_RWEverything.yar │ ├── Windows_Hacktool_Rubeus.yar │ ├── Windows_Hacktool_SafetyKatz.yar │ ├── Windows_Hacktool_Seatbelt.yar │ ├── Windows_Hacktool_SharPersist.yar │ ├── Windows_Hacktool_SharpAppLocker.yar │ ├── Windows_Hacktool_SharpChromium.yar │ ├── Windows_Hacktool_SharpDump.yar │ ├── Windows_Hacktool_SharpHound.yar │ ├── Windows_Hacktool_SharpLAPS.yar │ ├── Windows_Hacktool_SharpMove.yar │ ├── Windows_Hacktool_SharpRDP.yar │ ├── Windows_Hacktool_SharpShares.yar │ ├── Windows_Hacktool_SharpStay.yar │ ├── Windows_Hacktool_SharpUp.yar │ ├── Windows_Hacktool_SharpView.yar │ ├── Windows_Hacktool_SharpWMI.yar │ ├── Windows_Hacktool_WinPEAS_ng.yar │ ├── Windows_PUP_Veriato.yar │ ├── Windows_Ransomware_Avoslocker.yar │ ├── Windows_Ransomware_Bitpaymer.yar │ ├── Windows_Ransomware_BlackBasta.yar │ ├── Windows_Ransomware_Blackmatter.yar │ ├── Windows_Ransomware_Clop.yar │ ├── Windows_Ransomware_Conti.yar │ ├── Windows_Ransomware_Cuba.yar │ ├── Windows_Ransomware_Darkside.yar │ ├── Windows_Ransomware_Dharma.yar │ ├── Windows_Ransomware_Doppelpaymer.yar │ ├── Windows_Ransomware_Egregor.yar │ ├── Windows_Ransomware_Generic.yar │ ├── Windows_Ransomware_Grief.yar │ ├── Windows_Ransomware_Haron.yar │ ├── Windows_Ransomware_Hellokitty.yar │ ├── Windows_Ransomware_Helloxd.yar │ ├── Windows_Ransomware_Hive.yar │ ├── Windows_Ransomware_Lockbit.yar │ ├── Windows_Ransomware_Lockfile.yar │ ├── Windows_Ransomware_Magniber.yar │ ├── Windows_Ransomware_Makop.yar │ ├── Windows_Ransomware_Maui.yar │ ├── Windows_Ransomware_Maze.yar │ ├── Windows_Ransomware_Mespinoza.yar │ ├── Windows_Ransomware_Mountlocker.yar │ ├── Windows_Ransomware_Nightsky.yar │ ├── Windows_Ransomware_Pandora.yar │ ├── Windows_Ransomware_Phobos.yar │ ├── Windows_Ransomware_Ragnarok.yar │ ├── Windows_Ransomware_Ransomexx.yar │ ├── Windows_Ransomware_Rook.yar │ ├── Windows_Ransomware_Royal.yar │ ├── Windows_Ransomware_Ryuk.yar │ ├── Windows_Ransomware_Snake.yar │ ├── Windows_Ransomware_Sodinokibi.yar │ ├── Windows_Ransomware_Stop.yar │ ├── Windows_Ransomware_Thanos.yar │ ├── Windows_Ransomware_WannaCry.yar │ ├── Windows_Ransomware_WhisperGate.yar │ ├── Windows_Rootkit_R77.yar │ ├── Windows_Shellcode_Generic.yar │ ├── Windows_Trojan_A310logger.yar │ ├── Windows_Trojan_AgentTesla.yar │ ├── Windows_Trojan_Amadey.yar │ ├── Windows_Trojan_ArkeiStealer.yar │ ├── Windows_Trojan_Asyncrat.yar │ ├── Windows_Trojan_AveMaria.yar │ ├── Windows_Trojan_Azorult.yar │ ├── Windows_Trojan_Babylonrat.yar │ ├── Windows_Trojan_Backoff.yar │ ├── Windows_Trojan_Bandook.yar │ ├── Windows_Trojan_Bazar.yar │ ├── Windows_Trojan_Beam.yar │ ├── Windows_Trojan_Bitrat.yar │ ├── Windows_Trojan_BlackShades.yar │ ├── Windows_Trojan_Blister.yar │ ├── Windows_Trojan_BruteRatel.yar │ ├── Windows_Trojan_Buerloader.yar │ ├── Windows_Trojan_Bughatch.yar │ ├── Windows_Trojan_Bumblebee.yar │ ├── Windows_Trojan_CaesarKbd.yar │ ├── Windows_Trojan_Carberp.yar │ ├── Windows_Trojan_Clipbanker.yar │ ├── Windows_Trojan_CobaltStrike.yar │ ├── Windows_Trojan_Cryptbot.yar │ ├── Windows_Trojan_CyberGate.yar │ ├── Windows_Trojan_DBatLoader.yar │ ├── Windows_Trojan_DCRat.yar │ ├── Windows_Trojan_Danabot.yar │ ├── Windows_Trojan_DarkVNC.yar │ ├── Windows_Trojan_Darkcomet.yar │ ├── Windows_Trojan_Deimos.yar │ ├── Windows_Trojan_DiamondFox.yar │ ├── Windows_Trojan_Diceloader.yar │ ├── Windows_Trojan_Donutloader.yar │ ├── Windows_Trojan_DoorMe.yar │ ├── Windows_Trojan_DoubleBack.yar │ ├── Windows_Trojan_Dridex.yar │ ├── Windows_Trojan_Emotet.yar │ ├── Windows_Trojan_Farfli.yar │ ├── Windows_Trojan_Fickerstealer.yar │ ├── Windows_Trojan_Formbook.yar │ ├── Windows_Trojan_Garble.yar │ ├── Windows_Trojan_Generic.yar │ ├── Windows_Trojan_Gh0st.yar │ ├── Windows_Trojan_Glupteba.yar │ ├── Windows_Trojan_Gozi.yar │ ├── Windows_Trojan_Guloader.yar │ ├── Windows_Trojan_Hancitor.yar │ ├── Windows_Trojan_Hawkeye.yar │ ├── Windows_Trojan_IcedID.yar │ ├── Windows_Trojan_JesterStealer.yar │ ├── Windows_Trojan_Jupyter.yar │ ├── Windows_Trojan_Kronos.yar │ ├── Windows_Trojan_Limerat.yar │ ├── Windows_Trojan_Lokibot.yar │ ├── Windows_Trojan_Lucifer.yar │ ├── Windows_Trojan_Lurker.yar │ ├── Windows_Trojan_MassLogger.yar │ ├── Windows_Trojan_Matanbuchus.yar │ ├── Windows_Trojan_Merlin.yar │ ├── Windows_Trojan_Metasploit.yar │ ├── Windows_Trojan_MicroBackdoor.yar │ ├── Windows_Trojan_Nanocore.yar │ ├── Windows_Trojan_NapListener.yar │ ├── Windows_Trojan_Netwire.yar │ ├── Windows_Trojan_Njrat.yar │ ├── Windows_Trojan_Octopus.yar │ ├── Windows_Trojan_OnlyLogger.yar │ ├── Windows_Trojan_OskiStealer.yar │ ├── Windows_Trojan_Pandastealer.yar │ ├── Windows_Trojan_Parallax.yar │ ├── Windows_Trojan_Phoreal.yar │ ├── Windows_Trojan_Pingpull.yar │ ├── Windows_Trojan_PipeDance.yar │ ├── Windows_Trojan_Pony.yar │ ├── Windows_Trojan_PrivateLoader.yar │ ├── Windows_Trojan_ProtectS.yar │ ├── Windows_Trojan_Qbot.yar │ ├── Windows_Trojan_Quasarrat.yar │ ├── Windows_Trojan_Raccoon.yar │ ├── Windows_Trojan_RedLineStealer.yar │ ├── Windows_Trojan_Remcos.yar │ ├── Windows_Trojan_Remotemanipulator.yar │ ├── Windows_Trojan_Revcoderat.yar │ ├── Windows_Trojan_Revengerat.yar │ ├── Windows_Trojan_SVCReady.yar │ ├── Windows_Trojan_ServHelper.yar │ ├── Windows_Trojan_ShadowPad.yar │ ├── Windows_Trojan_SiestaGraph.yar │ ├── Windows_Trojan_Smokeloader.yar │ ├── Windows_Trojan_SnakeKeylogger.yar │ ├── Windows_Trojan_SomniRecord.yar │ ├── Windows_Trojan_Squirrelwaffle.yar │ ├── Windows_Trojan_StormKitty.yar │ ├── Windows_Trojan_SuddenIcon.yar │ ├── Windows_Trojan_SysJoker.yar │ ├── Windows_Trojan_SystemBC.yar │ ├── Windows_Trojan_Tofsee.yar │ ├── Windows_Trojan_Trickbot.yar │ ├── Windows_Trojan_Vidar.yar │ ├── Windows_Trojan_WhisperGate.yar │ ├── Windows_Trojan_Xpertrat.yar │ ├── Windows_Trojan_XtremeRAT.yar │ ├── Windows_Trojan_Zeus.yar │ ├── Windows_Trojan_Zloader.yar │ ├── Windows_VulnDriver_ATSZIO.yar │ ├── Windows_VulnDriver_Amifldrv.yar │ ├── Windows_VulnDriver_ArPot.yar │ ├── Windows_VulnDriver_AsIo.yar │ ├── Windows_VulnDriver_Asrock.yar │ ├── Windows_VulnDriver_Atillk.yar │ ├── Windows_VulnDriver_BSMI.yar │ ├── Windows_VulnDriver_Biostar.yar │ ├── Windows_VulnDriver_Cpuz.yar │ ├── Windows_VulnDriver_DBUtil.yar │ ├── Windows_VulnDriver_DirectIo.yar │ ├── Windows_VulnDriver_Elby.yar │ ├── Windows_VulnDriver_EneIo.yar │ ├── Windows_VulnDriver_Fidpci.yar │ ├── Windows_VulnDriver_GDrv.yar │ ├── Windows_VulnDriver_GlckIo.yar │ ├── Windows_VulnDriver_Gvci.yar │ ├── Windows_VulnDriver_HpPortIo.yar │ ├── Windows_VulnDriver_Iqvw.yar │ ├── Windows_VulnDriver_LLAccess.yar │ ├── Windows_VulnDriver_Lha.yar │ ├── Windows_VulnDriver_MarvinHW.yar │ ├── Windows_VulnDriver_Mhyprot.yar │ ├── Windows_VulnDriver_MicroStar.yar │ ├── Windows_VulnDriver_MsIo.yar │ ├── Windows_VulnDriver_MtcBsv.yar │ ├── Windows_VulnDriver_PowerProfiler.yar │ ├── Windows_VulnDriver_PowerTool.yar │ ├── Windows_VulnDriver_ProcExp.yar │ ├── Windows_VulnDriver_ProcId.yar │ ├── Windows_VulnDriver_RtCore.yar │ ├── Windows_VulnDriver_Rtkio.yar │ ├── Windows_VulnDriver_Ryzen.yar │ ├── Windows_VulnDriver_Sandra.yar │ ├── Windows_VulnDriver_Segwin.yar │ ├── Windows_VulnDriver_Speedfan.yar │ ├── Windows_VulnDriver_TmComm.yar │ ├── Windows_VulnDriver_ToshibaBios.yar │ ├── Windows_VulnDriver_VBox.yar │ ├── Windows_VulnDriver_Viragt.yar │ ├── Windows_VulnDriver_Vmdrv.yar │ ├── Windows_VulnDriver_WinFlash.yar │ ├── Windows_VulnDriver_WinIo.yar │ ├── Windows_VulnDriver_XTier.yar │ ├── Windows_VulnDriver_Zam.yar │ ├── Windows_Wiper_CaddyWiper.yar │ ├── Windows_Wiper_DoubleZero.yar │ ├── Windows_Wiper_HermeticWiper.yar │ └── Windows_Wiper_IsaacWiper.yar └── reversinglabs │ ├── backdoor │ └── Win64.Backdoor.Minodo.yara │ ├── certificate │ └── blocklist.yara │ ├── downloader │ └── Win32.Downloader.dlMarlboro.yara │ ├── exploit │ └── Win32.Exploit.CVE20200601.yara │ ├── infostealer │ ├── Win32.Infostealer.MultigrainPOS.yara │ ├── Win32.Infostealer.ProjectHookPOS.yara │ └── Win32.Infostealer.StealC.yara │ ├── pua │ └── Win32.PUA.Domaiq.yara │ ├── ransomware │ ├── ByteCode.MSIL.Ransomware.Apis.yara │ ├── ByteCode.MSIL.Ransomware.ChupaCabra.yara │ ├── ByteCode.MSIL.Ransomware.Cring.yara │ ├── ByteCode.MSIL.Ransomware.Dusk.yara │ ├── ByteCode.MSIL.Ransomware.EAF.yara │ ├── ByteCode.MSIL.Ransomware.Eternity.yara │ ├── ByteCode.MSIL.Ransomware.Fantom.yara │ ├── ByteCode.MSIL.Ransomware.GhosTEncryptor.yara │ ├── ByteCode.MSIL.Ransomware.Ghostbin.yara │ ├── ByteCode.MSIL.Ransomware.GoodWill.yara │ ├── ByteCode.MSIL.Ransomware.HarpoonLocker.yara │ ├── ByteCode.MSIL.Ransomware.Hog.yara │ ├── ByteCode.MSIL.Ransomware.Invert.yara │ ├── ByteCode.MSIL.Ransomware.Janelle.yara │ ├── ByteCode.MSIL.Ransomware.Khonsari.yara │ ├── ByteCode.MSIL.Ransomware.McBurglar.yara │ ├── ByteCode.MSIL.Ransomware.Moisha.yara │ ├── ByteCode.MSIL.Ransomware.Namaste.yara │ ├── ByteCode.MSIL.Ransomware.Oct.yara │ ├── ByteCode.MSIL.Ransomware.Pacman.yara │ ├── ByteCode.MSIL.Ransomware.PoliceRecords.yara │ ├── ByteCode.MSIL.Ransomware.Povlsomware.yara │ ├── ByteCode.MSIL.Ransomware.Retis.yara │ ├── ByteCode.MSIL.Ransomware.TaRRaK.yara │ ├── ByteCode.MSIL.Ransomware.Thanos.yara │ ├── ByteCode.MSIL.Ransomware.TimeCrypt.yara │ ├── ByteCode.MSIL.Ransomware.TimeTime.yara │ ├── ByteCode.MSIL.Ransomware.Venom.yara │ ├── ByteCode.MSIL.Ransomware.WildFire.yara │ ├── ByteCode.MSIL.Ransomware.WormLocker.yara │ ├── ByteCode.MSIL.Ransomware.ZeroLocker.yara │ ├── Bytecode.MSIL.Ransomware.CobraLocker.yara │ ├── Linux.Ransomware.GwisinLocker.yara │ ├── Linux.Ransomware.KillDisk.yara │ ├── Linux.Ransomware.LuckyJoe.yara │ ├── Linux.Ransomware.RedAlert.yara │ ├── Win32.Ransomware.5ss5c.yara │ ├── Win32.Ransomware.ASN1Encoder.yara │ ├── Win32.Ransomware.Acepy.yara │ ├── Win32.Ransomware.Afrodita.yara │ ├── Win32.Ransomware.Ako.yara │ ├── Win32.Ransomware.Alcatraz.yara │ ├── Win32.Ransomware.AnteFrigus.yara │ ├── Win32.Ransomware.Archiveus.yara │ ├── Win32.Ransomware.Armage.yara │ ├── Win32.Ransomware.Atlas.yara │ ├── Win32.Ransomware.Avaddon.yara │ ├── Win32.Ransomware.AvosLocker.yara │ ├── Win32.Ransomware.BKRansomware.yara │ ├── Win32.Ransomware.Babuk.yara │ ├── Win32.Ransomware.BadBlock.yara │ ├── Win32.Ransomware.Badbeeteam.yara │ ├── Win32.Ransomware.Balaclava.yara │ ├── Win32.Ransomware.Bam2021.yara │ ├── Win32.Ransomware.BananaCrypt.yara │ ├── Win32.Ransomware.BandarChor.yara │ ├── Win32.Ransomware.BitCrypt.yara │ ├── Win32.Ransomware.BlackBasta.yara │ ├── Win32.Ransomware.BlackCat.yara │ ├── Win32.Ransomware.BlackMoon.yara │ ├── Win32.Ransomware.Blitzkrieg.yara │ ├── Win32.Ransomware.BlueLocker.yara │ ├── Win32.Ransomware.BrainCrypt.yara │ ├── Win32.Ransomware.Buran.yara │ ├── Win32.Ransomware.ChiChi.yara │ ├── Win32.Ransomware.Cincoo.yara │ ├── Win32.Ransomware.Clop.yara │ ├── Win32.Ransomware.Conti.yara │ ├── Win32.Ransomware.Cryakl.yara │ ├── Win32.Ransomware.Crypmic.yara │ ├── Win32.Ransomware.Crypren.yara │ ├── Win32.Ransomware.CryptoBit.yara │ ├── Win32.Ransomware.CryptoFortress.yara │ ├── Win32.Ransomware.CryptoJoker.yara │ ├── Win32.Ransomware.CryptoLocker.yara │ ├── Win32.Ransomware.CryptoWall.yara │ ├── Win32.Ransomware.Crysis.yara │ ├── Win32.Ransomware.Cuba.yara │ ├── Win32.Ransomware.DMALocker.yara │ ├── Win32.Ransomware.DMR.yara │ ├── Win32.Ransomware.DarkSide.yara │ ├── Win32.Ransomware.DearCry.yara │ ├── Win32.Ransomware.Defray.yara │ ├── Win32.Ransomware.Delphimorix.yara │ ├── Win32.Ransomware.DenizKizi.yara │ ├── Win32.Ransomware.DesuCrypt.yara │ ├── Win32.Ransomware.Dharma.yara │ ├── Win32.Ransomware.DirtyDecrypt.yara │ ├── Win32.Ransomware.District.yara │ ├── Win32.Ransomware.DogeCrypt.yara │ ├── Win32.Ransomware.Dragon.yara │ ├── Win32.Ransomware.Dualshot.yara │ ├── Win32.Ransomware.Encoded01.yara │ ├── Win32.Ransomware.Erica.yara │ ├── Win32.Ransomware.FCT.yara │ ├── Win32.Ransomware.FLKR.yara │ ├── Win32.Ransomware.FarAttack.yara │ ├── Win32.Ransomware.FenixLocker.yara │ ├── Win32.Ransomware.Ferrlock.yara │ ├── Win32.Ransomware.Flamingo.yara │ ├── Win32.Ransomware.FuxSocy.yara │ ├── Win32.Ransomware.GPGQwerty.yara │ ├── Win32.Ransomware.GandCrab.yara │ ├── Win32.Ransomware.GarrantyDecrypt.yara │ ├── Win32.Ransomware.Gibon.yara │ ├── Win32.Ransomware.GlobeImposter.yara │ ├── Win32.Ransomware.Gomer.yara │ ├── Win32.Ransomware.Good.yara │ ├── Win32.Ransomware.Gpcode.yara │ ├── Win32.Ransomware.GusCrypter.yara │ ├── Win32.Ransomware.HDDCryptor.yara │ ├── Win32.Ransomware.HDMR.yara │ ├── Win32.Ransomware.HakunaMatata.yara │ ├── Win32.Ransomware.Henry.yara │ ├── Win32.Ransomware.HentaiOniichan.yara │ ├── Win32.Ransomware.Hermes.yara │ ├── Win32.Ransomware.Horsedeal.yara │ ├── Win32.Ransomware.HowAreYou.yara │ ├── Win32.Ransomware.HydraCrypt.yara │ ├── Win32.Ransomware.IFN643.yara │ ├── Win32.Ransomware.InfoDot.yara │ ├── Win32.Ransomware.JSWorm.yara │ ├── Win32.Ransomware.Jamper.yara │ ├── Win32.Ransomware.Jemd.yara │ ├── Win32.Ransomware.Jormungand.yara │ ├── Win32.Ransomware.JuicyLemon.yara │ ├── Win32.Ransomware.Kangaroo.yara │ ├── Win32.Ransomware.KawaiiLocker.yara │ ├── Win32.Ransomware.KillDisk.yara │ ├── Win32.Ransomware.Knot.yara │ ├── Win32.Ransomware.Kovter.yara │ ├── Win32.Ransomware.Koxic.yara │ ├── Win32.Ransomware.Kraken.yara │ ├── Win32.Ransomware.Ladon.yara │ ├── Win32.Ransomware.LeChiffre.yara │ ├── Win32.Ransomware.LockBit.yara │ ├── Win32.Ransomware.Lolkek.yara │ ├── Win32.Ransomware.LooCipher.yara │ ├── Win32.Ransomware.Lorenz.yara │ ├── Win32.Ransomware.MRAC.yara │ ├── Win32.Ransomware.MZP.yara │ ├── Win32.Ransomware.Mafia.yara │ ├── Win32.Ransomware.Magniber.yara │ ├── Win32.Ransomware.Major.yara │ ├── Win32.Ransomware.Makop.yara │ ├── Win32.Ransomware.Maktub.yara │ ├── Win32.Ransomware.Marlboro.yara │ ├── Win32.Ransomware.MarsJoke.yara │ ├── Win32.Ransomware.Matsnu.yara │ ├── Win32.Ransomware.MedusaLocker.yara │ ├── Win32.Ransomware.Meow.yara │ ├── Win32.Ransomware.Monalisa.yara │ ├── Win32.Ransomware.Montserrat.yara │ ├── Win32.Ransomware.Motocos.yara │ ├── Win32.Ransomware.MountLocker.yara │ ├── Win32.Ransomware.NB65.yara │ ├── Win32.Ransomware.NanoLocker.yara │ ├── Win32.Ransomware.Nefilim.yara │ ├── Win32.Ransomware.Nemty.yara │ ├── Win32.Ransomware.Networm.yara │ ├── Win32.Ransomware.NotPetya.yara │ ├── Win32.Ransomware.Oni.yara │ ├── Win32.Ransomware.OphionLocker.yara │ ├── Win32.Ransomware.Ouroboros.yara │ ├── Win32.Ransomware.Outsider.yara │ ├── Win32.Ransomware.PXJ.yara │ ├── Win32.Ransomware.Paradise.yara │ ├── Win32.Ransomware.Pay2Key.yara │ ├── Win32.Ransomware.Petya.yara │ ├── Win32.Ransomware.Plague17.yara │ ├── Win32.Ransomware.PrincessLocker.yara │ ├── Win32.Ransomware.Prometey.yara │ ├── Win32.Ransomware.RagnarLocker.yara │ ├── Win32.Ransomware.Ragnarok.yara │ ├── Win32.Ransomware.Ransoc.yara │ ├── Win32.Ransomware.RansomPlus.yara │ ├── Win32.Ransomware.Ransomexx.yara │ ├── Win32.Ransomware.Redeemer.yara │ ├── Win32.Ransomware.RegretLocker.yara │ ├── Win32.Ransomware.RetMyData.yara │ ├── Win32.Ransomware.Reveton.yara │ ├── Win32.Ransomware.Revil.yara │ ├── Win32.Ransomware.Rokku.yara │ ├── Win32.Ransomware.Ryuk.yara │ ├── Win32.Ransomware.Sage.yara │ ├── Win32.Ransomware.Sanwai.yara │ ├── Win32.Ransomware.Sarbloh.yara │ ├── Win32.Ransomware.Satan.yara │ ├── Win32.Ransomware.Satana.yara │ ├── Win32.Ransomware.Saturn.yara │ ├── Win32.Ransomware.Sepsis.yara │ ├── Win32.Ransomware.Serpent.yara │ ├── Win32.Ransomware.SevenSevenSeven.yara │ ├── Win32.Ransomware.ShadowCryptor.yara │ ├── Win32.Ransomware.Sherminator.yara │ ├── Win32.Ransomware.Sifrelendi.yara │ ├── Win32.Ransomware.Sifreli.yara │ ├── Win32.Ransomware.Sigrun.yara │ ├── Win32.Ransomware.Skystars.yara │ ├── Win32.Ransomware.Spora.yara │ ├── Win32.Ransomware.TBLocker.yara │ ├── Win32.Ransomware.TargetCompany.yara │ ├── Win32.Ransomware.TechandStrat.yara │ ├── Win32.Ransomware.TeleCrypt.yara │ ├── Win32.Ransomware.Termite.yara │ ├── Win32.Ransomware.Teslacrypt.yara │ ├── Win32.Ransomware.Teslarvng.yara │ ├── Win32.Ransomware.Thanatos.yara │ ├── Win32.Ransomware.TorrentLocker.yara │ ├── Win32.Ransomware.VHDLocker.yara │ ├── Win32.Ransomware.VegaLocker.yara │ ├── Win32.Ransomware.Velso.yara │ ├── Win32.Ransomware.WannaCry.yara │ ├── Win32.Ransomware.WaspLocker.yara │ ├── Win32.Ransomware.Wastedlocker.yara │ ├── Win32.Ransomware.WinWord64.yara │ ├── Win32.Ransomware.WsIR.yara │ ├── Win32.Ransomware.Xorist.yara │ ├── Win32.Ransomware.Zeoticus.yara │ ├── Win32.Ransomware.Zeppelin.yara │ ├── Win32.Ransomware.ZeroCrypt.yara │ ├── Win32.Ransomware.Zhen.yara │ ├── Win32.Ransomware.Zoldon.yara │ ├── Win64.Ransomware.Ako.yara │ ├── Win64.Ransomware.AntiWar.yara │ ├── Win64.Ransomware.AwesomeScott.yara │ ├── Win64.Ransomware.BlackBasta.yara │ ├── Win64.Ransomware.Curator.yara │ ├── Win64.Ransomware.DST.yara │ ├── Win64.Ransomware.HermeticRansom.yara │ ├── Win64.Ransomware.HotCoffee.yara │ ├── Win64.Ransomware.Nokoyawa.yara │ ├── Win64.Ransomware.Pandora.yara │ ├── Win64.Ransomware.RedRoman.yara │ ├── Win64.Ransomware.Rook.yara │ ├── Win64.Ransomware.SeedLocker.yara │ ├── Win64.Ransomware.Seth.yara │ ├── Win64.Ransomware.Solaso.yara │ ├── Win64.Ransomware.Vovalex.yara │ ├── Win64.Ransomware.WhiteBlackCrypt.yara │ └── Win64.Ransomware.Wintenzz.yara │ ├── trojan │ ├── Win32.Trojan.CaddyWiper.yara │ ├── Win32.Trojan.Dridex.yara │ ├── Win32.Trojan.Emotet.yara │ ├── Win32.Trojan.HermeticWiper.yara │ ├── Win32.Trojan.IsaacWiper.yara │ └── Win32.Trojan.TrickBot.yara │ └── virus │ ├── Linux.Virus.Vit.yara │ ├── Win32.Virus.Awfull.yara │ ├── Win32.Virus.Cmay.yara │ ├── Win32.Virus.DeadCode.yara │ ├── Win32.Virus.Elerad.yara │ ├── Win32.Virus.Greenp.yara │ ├── Win32.Virus.Mocket.yara │ └── Win32.Virus.Negt.yara └── yara_scanner.exe /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/README.md -------------------------------------------------------------------------------- /door_scanner/config.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/door_scanner/config.json -------------------------------------------------------------------------------- /door_scanner/door_scanner_2022_10_20.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/door_scanner/door_scanner_2022_10_20.exe -------------------------------------------------------------------------------- /door_scanner/door_scanner_2022_8_26.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/door_scanner/door_scanner_2022_8_26.exe -------------------------------------------------------------------------------- /door_scanner/door_scanner_2023_8_3.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/door_scanner/door_scanner_2023_8_3.exe -------------------------------------------------------------------------------- /door_scanner/offline_scan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/door_scanner/offline_scan.py -------------------------------------------------------------------------------- /memory_scanner/config.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/config.json -------------------------------------------------------------------------------- /memory_scanner/memory_scanner.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/memory_scanner.exe -------------------------------------------------------------------------------- /memory_scanner/memory_scanner_2024_5_27.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/memory_scanner_2024_5_27.exe -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Multi_EICAR.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Multi_EICAR.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Multi_Ransomware_BlackCat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Multi_Ransomware_BlackCat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Multi_Ransomware_Luna.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Multi_Ransomware_Luna.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Multi_Trojan_Coreimpact.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Multi_Trojan_Coreimpact.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Multi_Trojan_Sliver.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Multi_Trojan_Sliver.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Backdoor_DragonCastling.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Backdoor_DragonCastling.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Backdoor_Goldbackdoor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Backdoor_Goldbackdoor.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Backdoor_TeamViewer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Backdoor_TeamViewer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Cryptominer_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Cryptominer_Generic.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Exploit_Dcom.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Exploit_Dcom.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Exploit_Eternalblue.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Exploit_Eternalblue.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Exploit_Log4j.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Exploit_Log4j.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_BlackBone.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_BlackBone.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_Capcom.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_Capcom.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_CheatEngine.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_CheatEngine.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_CpuLocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_CpuLocker.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_Dcsyncer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_Dcsyncer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_Gmer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_Gmer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_Havoc.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_Havoc.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_LeiGod.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_LeiGod.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_Mimikatz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_Mimikatz.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_Nighthawk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_Nighthawk.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_PhysMem.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_PhysMem.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_ProcessHacker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_ProcessHacker.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_RWEverything.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_RWEverything.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_Rubeus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_Rubeus.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SafetyKatz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SafetyKatz.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_Seatbelt.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_Seatbelt.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharPersist.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharPersist.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpAppLocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpAppLocker.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpChromium.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpChromium.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpDump.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpDump.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpHound.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpHound.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpLAPS.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpLAPS.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpMove.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpMove.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpRDP.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpRDP.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpShares.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpShares.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpStay.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpStay.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpUp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpUp.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpView.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpView.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpWMI.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_SharpWMI.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Hacktool_WinPEAS_ng.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Hacktool_WinPEAS_ng.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_PUP_Veriato.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_PUP_Veriato.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Avoslocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Avoslocker.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Bitpaymer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Bitpaymer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_BlackBasta.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_BlackBasta.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Blackmatter.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Blackmatter.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Clop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Clop.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Conti.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Conti.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Cuba.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Cuba.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Darkside.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Darkside.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Dharma.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Dharma.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Doppelpaymer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Doppelpaymer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Egregor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Egregor.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Generic.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Grief.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Grief.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Haron.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Haron.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Hellokitty.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Hellokitty.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Helloxd.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Helloxd.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Hive.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Hive.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Lockbit.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Lockbit.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Lockfile.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Lockfile.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Magniber.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Magniber.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Makop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Makop.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Maui.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Maui.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Maze.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Maze.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Mespinoza.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Mespinoza.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Mountlocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Mountlocker.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Nightsky.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Nightsky.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Pandora.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Pandora.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Phobos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Phobos.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Ragnarok.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Ragnarok.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Ransomexx.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Ransomexx.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Rook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Rook.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Royal.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Royal.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Ryuk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Ryuk.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Snake.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Snake.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Sodinokibi.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Sodinokibi.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Stop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Stop.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_Thanos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_Thanos.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_WannaCry.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_WannaCry.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Ransomware_WhisperGate.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Ransomware_WhisperGate.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Rootkit_R77.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Rootkit_R77.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Shellcode_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Shellcode_Generic.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_A310logger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_A310logger.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_AgentTesla.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_AgentTesla.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Amadey.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Amadey.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_ArkeiStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_ArkeiStealer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Asyncrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Asyncrat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_AveMaria.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_AveMaria.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Azorult.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Azorult.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Babylonrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Babylonrat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Backoff.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Backoff.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Bandook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Bandook.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Bazar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Bazar.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Beam.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Beam.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Bitrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Bitrat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_BlackShades.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_BlackShades.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Blister.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Blister.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_BruteRatel.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_BruteRatel.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Buerloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Buerloader.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Bughatch.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Bughatch.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Bumblebee.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Bumblebee.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_CaesarKbd.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_CaesarKbd.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Carberp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Carberp.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Clipbanker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Clipbanker.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_CobaltStrike.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_CobaltStrike.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Cryptbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Cryptbot.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_CyberGate.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_CyberGate.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_DBatLoader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_DBatLoader.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_DCRat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_DCRat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Danabot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Danabot.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_DarkVNC.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_DarkVNC.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Darkcomet.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Darkcomet.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Deimos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Deimos.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_DiamondFox.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_DiamondFox.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Diceloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Diceloader.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Donutloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Donutloader.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_DoorMe.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_DoorMe.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_DoubleBack.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_DoubleBack.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Dridex.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Dridex.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Emotet.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Emotet.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Farfli.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Farfli.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Fickerstealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Fickerstealer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Formbook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Formbook.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Garble.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Garble.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Generic.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Gh0st.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Gh0st.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Glupteba.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Glupteba.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Gozi.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Gozi.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Guloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Guloader.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Hancitor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Hancitor.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Hawkeye.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Hawkeye.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_IcedID.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_IcedID.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_JesterStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_JesterStealer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Jupyter.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Jupyter.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Kronos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Kronos.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Limerat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Limerat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Lokibot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Lokibot.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Lucifer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Lucifer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Lurker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Lurker.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_MassLogger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_MassLogger.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Matanbuchus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Matanbuchus.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Merlin.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Merlin.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Metasploit.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Metasploit.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_MicroBackdoor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_MicroBackdoor.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Nanocore.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Nanocore.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_NapListener.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_NapListener.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Netwire.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Netwire.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Njrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Njrat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Octopus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Octopus.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_OnlyLogger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_OnlyLogger.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_OskiStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_OskiStealer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Pandastealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Pandastealer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Parallax.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Parallax.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Phoreal.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Phoreal.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Pingpull.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Pingpull.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_PipeDance.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_PipeDance.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Pony.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Pony.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_PrivateLoader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_PrivateLoader.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_ProtectS.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_ProtectS.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Qbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Qbot.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Quasarrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Quasarrat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Raccoon.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Raccoon.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_RedLineStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_RedLineStealer.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Remcos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Remcos.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Revcoderat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Revcoderat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Revengerat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Revengerat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_SVCReady.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_SVCReady.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_ServHelper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_ServHelper.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_ShadowPad.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_ShadowPad.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_SiestaGraph.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_SiestaGraph.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Smokeloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Smokeloader.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_SnakeKeylogger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_SnakeKeylogger.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_SomniRecord.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_SomniRecord.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Squirrelwaffle.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Squirrelwaffle.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_StormKitty.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_StormKitty.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_SuddenIcon.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_SuddenIcon.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_SysJoker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_SysJoker.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_SystemBC.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_SystemBC.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Tofsee.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Tofsee.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Trickbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Trickbot.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Vidar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Vidar.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_WhisperGate.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_WhisperGate.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Xpertrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Xpertrat.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_XtremeRAT.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_XtremeRAT.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Zeus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Zeus.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Trojan_Zloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Trojan_Zloader.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ATSZIO.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ATSZIO.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Amifldrv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Amifldrv.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ArPot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ArPot.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_AsIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_AsIo.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Asrock.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Asrock.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Atillk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Atillk.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_BSMI.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_BSMI.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Biostar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Biostar.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Cpuz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Cpuz.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_DBUtil.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_DBUtil.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_DirectIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_DirectIo.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Elby.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Elby.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_EneIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_EneIo.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Fidpci.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Fidpci.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_GDrv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_GDrv.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_GlckIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_GlckIo.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Gvci.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Gvci.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_HpPortIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_HpPortIo.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Iqvw.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Iqvw.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_LLAccess.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_LLAccess.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Lha.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Lha.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_MarvinHW.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_MarvinHW.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Mhyprot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Mhyprot.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_MicroStar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_MicroStar.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_MsIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_MsIo.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_MtcBsv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_MtcBsv.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_PowerTool.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_PowerTool.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ProcExp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ProcExp.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ProcId.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ProcId.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_RtCore.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_RtCore.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Rtkio.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Rtkio.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Ryzen.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Ryzen.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Sandra.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Sandra.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Segwin.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Segwin.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Speedfan.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Speedfan.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_TmComm.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_TmComm.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ToshibaBios.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_ToshibaBios.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_VBox.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_VBox.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Viragt.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Viragt.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Vmdrv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Vmdrv.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_WinFlash.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_WinFlash.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_WinIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_WinIo.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_XTier.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_XTier.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Zam.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_VulnDriver_Zam.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Wiper_CaddyWiper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Wiper_CaddyWiper.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Wiper_DoubleZero.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Wiper_DoubleZero.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Wiper_HermeticWiper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Wiper_HermeticWiper.yar -------------------------------------------------------------------------------- /memory_scanner/yara_rules/es_rules/Windows_Wiper_IsaacWiper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/memory_scanner/yara_rules/es_rules/Windows_Wiper_IsaacWiper.yar -------------------------------------------------------------------------------- /wx.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/wx.png -------------------------------------------------------------------------------- /yara_scanner/config.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/config.json -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Multi_AttackSimulation_Blindspot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Multi_AttackSimulation_Blindspot.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Multi_EICAR.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Multi_EICAR.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Multi_Ransomware_BlackCat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Multi_Ransomware_BlackCat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Multi_Ransomware_Luna.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Multi_Ransomware_Luna.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Multi_Trojan_Coreimpact.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Multi_Trojan_Coreimpact.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Multi_Trojan_Sliver.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Multi_Trojan_Sliver.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Backdoor_DragonCastling.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Backdoor_DragonCastling.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Backdoor_Goldbackdoor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Backdoor_Goldbackdoor.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Backdoor_TeamViewer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Backdoor_TeamViewer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Cryptominer_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Cryptominer_Generic.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Exploit_Dcom.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Exploit_Dcom.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Exploit_Eternalblue.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Exploit_Eternalblue.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Exploit_Log4j.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Exploit_Log4j.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_BlackBone.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_BlackBone.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_Capcom.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_Capcom.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_CheatEngine.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_CheatEngine.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_CpuLocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_CpuLocker.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_DarkLoadLibrary.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_DarkLoadLibrary.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_Dcsyncer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_Dcsyncer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_Gmer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_Gmer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_Havoc.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_Havoc.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_LeiGod.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_LeiGod.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_Mimikatz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_Mimikatz.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_Nighthawk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_Nighthawk.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_PhysMem.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_PhysMem.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_ProcessHacker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_ProcessHacker.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_RWEverything.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_RWEverything.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_Rubeus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_Rubeus.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SafetyKatz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SafetyKatz.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_Seatbelt.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_Seatbelt.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharPersist.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharPersist.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpAppLocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpAppLocker.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpChromium.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpChromium.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpDump.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpDump.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpHound.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpHound.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpLAPS.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpLAPS.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpMove.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpMove.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpRDP.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpRDP.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpShares.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpShares.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpStay.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpStay.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpUp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpUp.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpView.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpView.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpWMI.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_SharpWMI.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Hacktool_WinPEAS_ng.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Hacktool_WinPEAS_ng.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_PUP_Veriato.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_PUP_Veriato.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Avoslocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Avoslocker.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Bitpaymer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Bitpaymer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_BlackBasta.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_BlackBasta.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Blackmatter.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Blackmatter.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Clop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Clop.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Conti.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Conti.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Cuba.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Cuba.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Darkside.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Darkside.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Dharma.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Dharma.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Doppelpaymer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Doppelpaymer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Egregor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Egregor.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Generic.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Grief.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Grief.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Haron.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Haron.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Hellokitty.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Hellokitty.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Helloxd.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Helloxd.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Hive.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Hive.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Lockbit.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Lockbit.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Lockfile.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Lockfile.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Magniber.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Magniber.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Makop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Makop.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Maui.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Maui.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Maze.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Maze.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Mespinoza.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Mespinoza.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Mountlocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Mountlocker.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Nightsky.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Nightsky.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Pandora.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Pandora.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Phobos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Phobos.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Ragnarok.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Ragnarok.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Ransomexx.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Ransomexx.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Rook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Rook.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Royal.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Royal.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Ryuk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Ryuk.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Snake.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Snake.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Sodinokibi.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Sodinokibi.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Stop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Stop.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_Thanos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_Thanos.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_WannaCry.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_WannaCry.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Ransomware_WhisperGate.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Ransomware_WhisperGate.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Rootkit_R77.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Rootkit_R77.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Shellcode_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Shellcode_Generic.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_A310logger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_A310logger.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_AgentTesla.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_AgentTesla.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Amadey.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Amadey.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_ArkeiStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_ArkeiStealer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Asyncrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Asyncrat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_AveMaria.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_AveMaria.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Azorult.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Azorult.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Babylonrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Babylonrat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Backoff.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Backoff.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Bandook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Bandook.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Bazar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Bazar.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Beam.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Beam.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Bitrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Bitrat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_BlackShades.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_BlackShades.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Blister.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Blister.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_BruteRatel.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_BruteRatel.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Buerloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Buerloader.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Bughatch.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Bughatch.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Bumblebee.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Bumblebee.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_CaesarKbd.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_CaesarKbd.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Carberp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Carberp.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Clipbanker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Clipbanker.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_CobaltStrike.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_CobaltStrike.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Cryptbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Cryptbot.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_CyberGate.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_CyberGate.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_DBatLoader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_DBatLoader.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_DCRat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_DCRat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Danabot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Danabot.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_DarkVNC.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_DarkVNC.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Darkcomet.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Darkcomet.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Deimos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Deimos.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_DiamondFox.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_DiamondFox.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Diceloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Diceloader.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Donutloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Donutloader.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_DoorMe.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_DoorMe.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_DoubleBack.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_DoubleBack.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Dridex.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Dridex.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Emotet.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Emotet.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Farfli.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Farfli.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Fickerstealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Fickerstealer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Formbook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Formbook.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Garble.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Garble.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Generic.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Gh0st.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Gh0st.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Glupteba.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Glupteba.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Gozi.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Gozi.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Guloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Guloader.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Hancitor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Hancitor.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Hawkeye.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Hawkeye.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_IcedID.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_IcedID.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_JesterStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_JesterStealer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Jupyter.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Jupyter.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Kronos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Kronos.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Limerat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Limerat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Lokibot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Lokibot.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Lucifer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Lucifer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Lurker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Lurker.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_MassLogger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_MassLogger.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Matanbuchus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Matanbuchus.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Merlin.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Merlin.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Metasploit.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Metasploit.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_MicroBackdoor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_MicroBackdoor.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Nanocore.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Nanocore.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_NapListener.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_NapListener.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Netwire.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Netwire.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Njrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Njrat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Octopus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Octopus.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_OnlyLogger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_OnlyLogger.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_OskiStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_OskiStealer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Pandastealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Pandastealer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Parallax.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Parallax.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Phoreal.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Phoreal.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Pingpull.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Pingpull.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_PipeDance.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_PipeDance.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Pony.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Pony.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_PrivateLoader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_PrivateLoader.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_ProtectS.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_ProtectS.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Qbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Qbot.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Quasarrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Quasarrat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Raccoon.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Raccoon.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_RedLineStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_RedLineStealer.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Remcos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Remcos.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Remotemanipulator.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Remotemanipulator.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Revcoderat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Revcoderat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Revengerat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Revengerat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_SVCReady.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_SVCReady.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_ServHelper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_ServHelper.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_ShadowPad.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_ShadowPad.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_SiestaGraph.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_SiestaGraph.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Smokeloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Smokeloader.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_SnakeKeylogger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_SnakeKeylogger.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_SomniRecord.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_SomniRecord.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Squirrelwaffle.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Squirrelwaffle.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_StormKitty.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_StormKitty.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_SuddenIcon.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_SuddenIcon.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_SysJoker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_SysJoker.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_SystemBC.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_SystemBC.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Tofsee.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Tofsee.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Trickbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Trickbot.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Vidar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Vidar.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_WhisperGate.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_WhisperGate.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Xpertrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Xpertrat.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_XtremeRAT.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_XtremeRAT.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Zeus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Zeus.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Trojan_Zloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Trojan_Zloader.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ATSZIO.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ATSZIO.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Amifldrv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Amifldrv.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ArPot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ArPot.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_AsIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_AsIo.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Asrock.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Asrock.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Atillk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Atillk.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_BSMI.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_BSMI.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Biostar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Biostar.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Cpuz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Cpuz.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_DBUtil.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_DBUtil.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_DirectIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_DirectIo.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Elby.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Elby.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_EneIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_EneIo.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Fidpci.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Fidpci.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_GDrv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_GDrv.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_GlckIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_GlckIo.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Gvci.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Gvci.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_HpPortIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_HpPortIo.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Iqvw.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Iqvw.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_LLAccess.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_LLAccess.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Lha.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Lha.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_MarvinHW.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_MarvinHW.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Mhyprot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Mhyprot.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_MicroStar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_MicroStar.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_MsIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_MsIo.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_MtcBsv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_MtcBsv.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_PowerProfiler.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_PowerProfiler.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_PowerTool.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_PowerTool.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ProcExp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ProcExp.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ProcId.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ProcId.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_RtCore.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_RtCore.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Rtkio.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Rtkio.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Ryzen.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Ryzen.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Sandra.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Sandra.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Segwin.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Segwin.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Speedfan.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Speedfan.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_TmComm.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_TmComm.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ToshibaBios.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_ToshibaBios.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_VBox.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_VBox.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Viragt.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Viragt.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Vmdrv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Vmdrv.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_WinFlash.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_WinFlash.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_WinIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_WinIo.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_XTier.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_XTier.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Zam.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_VulnDriver_Zam.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Wiper_CaddyWiper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Wiper_CaddyWiper.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Wiper_DoubleZero.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Wiper_DoubleZero.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Wiper_HermeticWiper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Wiper_HermeticWiper.yar -------------------------------------------------------------------------------- /yara_scanner/yara_rules/es_rules/Windows_Wiper_IsaacWiper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_rules/es_rules/Windows_Wiper_IsaacWiper.yar -------------------------------------------------------------------------------- /yara_scanner/yara_scanner.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner/yara_scanner.exe -------------------------------------------------------------------------------- /yara_scanner_beta/config.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/config.json -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2010-0805.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2010-0805.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2010-0887.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2010-0887.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2010-1297.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2010-1297.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2012-0158.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2012-0158.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2013-0074.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2013-0074.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2013-0422.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2013-0422.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2015-1701.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2015-1701.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2015-2426.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2015-2426.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2015-2545.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2015-2545.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2015-5119.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2015-5119.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2016-5195.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2016-5195.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2017-11882.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2017-11882.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2018-20250.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2018-20250.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2018-4878.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/cve_rules/CVE-2018-4878.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Angler.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Angler.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Blackhole.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Blackhole.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Crimepack.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Crimepack.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Eleonore.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Eleonore.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Fragus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Fragus.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Phoenix.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Phoenix.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Sakura.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Sakura.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_ZeroAcces.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_ZeroAcces.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Zerox88.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Zerox88.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Zeus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/exploit_kits/EK_Zeus.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/webshells/WShell_ASPXSpy.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/webshells/WShell_ASPXSpy.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/webshells/WShell_PHP_Anuna.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/webshells/WShell_PHP_Anuna.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/Yara-Rules/webshells/Wshell_fire2013.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/Yara-Rules/webshells/Wshell_fire2013.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Multi_EICAR.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Multi_EICAR.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Multi_Ransomware_BlackCat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Multi_Ransomware_BlackCat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Multi_Ransomware_Luna.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Multi_Ransomware_Luna.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Multi_Trojan_Coreimpact.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Multi_Trojan_Coreimpact.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Multi_Trojan_Sliver.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Multi_Trojan_Sliver.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Backdoor_TeamViewer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Backdoor_TeamViewer.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Cryptominer_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Cryptominer_Generic.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Exploit_Dcom.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Exploit_Dcom.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Exploit_Eternalblue.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Exploit_Eternalblue.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Exploit_Log4j.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Exploit_Log4j.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_BlackBone.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_BlackBone.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Capcom.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Capcom.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_CheatEngine.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_CheatEngine.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_CpuLocker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_CpuLocker.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Dcsyncer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Dcsyncer.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Gmer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Gmer.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Havoc.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Havoc.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_LeiGod.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_LeiGod.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Mimikatz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Mimikatz.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Nighthawk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Nighthawk.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_PhysMem.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_PhysMem.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Rubeus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Rubeus.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SafetyKatz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SafetyKatz.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Seatbelt.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_Seatbelt.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharPersist.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharPersist.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpDump.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpDump.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpHound.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpHound.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpLAPS.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpLAPS.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpMove.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpMove.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpRDP.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpRDP.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpShares.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpShares.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpStay.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpStay.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpUp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpUp.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpView.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpView.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpWMI.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Hacktool_SharpWMI.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_PUP_Veriato.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_PUP_Veriato.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Clop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Clop.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Conti.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Conti.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Cuba.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Cuba.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Dharma.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Dharma.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Egregor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Egregor.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Generic.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Grief.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Grief.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Haron.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Haron.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Helloxd.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Helloxd.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Hive.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Hive.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Lockbit.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Lockbit.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Makop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Makop.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Maui.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Maui.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Maze.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Maze.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Pandora.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Pandora.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Phobos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Phobos.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Rook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Rook.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Royal.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Royal.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Ryuk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Ryuk.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Snake.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Snake.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Stop.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Stop.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Thanos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Ransomware_Thanos.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Rootkit_R77.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Rootkit_R77.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Shellcode_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Shellcode_Generic.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_A310logger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_A310logger.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_AgentTesla.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_AgentTesla.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Amadey.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Amadey.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Asyncrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Asyncrat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_AveMaria.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_AveMaria.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Azorult.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Azorult.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Babylonrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Babylonrat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Backoff.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Backoff.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bandook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bandook.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bazar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bazar.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Beam.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Beam.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bitrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bitrat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_BlackShades.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_BlackShades.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Blister.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Blister.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_BruteRatel.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_BruteRatel.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Buerloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Buerloader.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bughatch.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bughatch.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bumblebee.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Bumblebee.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_CaesarKbd.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_CaesarKbd.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Carberp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Carberp.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Clipbanker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Clipbanker.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Cryptbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Cryptbot.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_CyberGate.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_CyberGate.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DBatLoader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DBatLoader.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DCRat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DCRat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Danabot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Danabot.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DarkVNC.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DarkVNC.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Darkcomet.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Darkcomet.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Deimos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Deimos.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DiamondFox.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DiamondFox.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Diceloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Diceloader.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Donutloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Donutloader.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DoorMe.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DoorMe.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DoubleBack.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_DoubleBack.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Dridex.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Dridex.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Emotet.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Emotet.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Farfli.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Farfli.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Formbook.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Formbook.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Garble.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Garble.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Generic.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Generic.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Gh0st.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Gh0st.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Glupteba.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Glupteba.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Gozi.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Gozi.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Guloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Guloader.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Hancitor.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Hancitor.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Hawkeye.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Hawkeye.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_IcedID.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_IcedID.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Jupyter.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Jupyter.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Kronos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Kronos.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Limerat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Limerat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Lokibot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Lokibot.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Lucifer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Lucifer.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Lurker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Lurker.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_MassLogger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_MassLogger.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Matanbuchus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Matanbuchus.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Merlin.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Merlin.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Metasploit.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Metasploit.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Nanocore.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Nanocore.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_NapListener.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_NapListener.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Netwire.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Netwire.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Njrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Njrat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Octopus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Octopus.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_OnlyLogger.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_OnlyLogger.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_OskiStealer.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_OskiStealer.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Parallax.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Parallax.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Phoreal.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Phoreal.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Pingpull.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Pingpull.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_PipeDance.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_PipeDance.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Pony.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Pony.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_ProtectS.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_ProtectS.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Qbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Qbot.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Quasarrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Quasarrat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Raccoon.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Raccoon.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Remcos.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Remcos.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Revcoderat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Revcoderat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Revengerat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Revengerat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SVCReady.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SVCReady.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_ServHelper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_ServHelper.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_ShadowPad.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_ShadowPad.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SiestaGraph.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SiestaGraph.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Smokeloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Smokeloader.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SomniRecord.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SomniRecord.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_StormKitty.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_StormKitty.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SuddenIcon.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SuddenIcon.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SysJoker.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SysJoker.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SystemBC.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_SystemBC.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Tofsee.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Tofsee.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Trickbot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Trickbot.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Vidar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Vidar.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_WhisperGate.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_WhisperGate.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Xpertrat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Xpertrat.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_XtremeRAT.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_XtremeRAT.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Zeus.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Zeus.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Zloader.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Trojan_Zloader.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_ATSZIO.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_ATSZIO.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_ArPot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_ArPot.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_AsIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_AsIo.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Asrock.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Asrock.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Atillk.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Atillk.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_BSMI.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_BSMI.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Biostar.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Biostar.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Cpuz.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Cpuz.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_DBUtil.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_DBUtil.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Elby.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Elby.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_EneIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_EneIo.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Fidpci.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Fidpci.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_GDrv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_GDrv.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_GlckIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_GlckIo.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Gvci.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Gvci.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Iqvw.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Iqvw.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Lha.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Lha.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Mhyprot.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Mhyprot.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_MsIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_MsIo.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_MtcBsv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_MtcBsv.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_ProcExp.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_ProcExp.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_ProcId.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_ProcId.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_RtCore.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_RtCore.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Rtkio.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Rtkio.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Ryzen.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Ryzen.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Sandra.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Sandra.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Segwin.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Segwin.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_TmComm.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_TmComm.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_VBox.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_VBox.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Viragt.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Viragt.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Vmdrv.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Vmdrv.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_WinIo.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_WinIo.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_XTier.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_XTier.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Zam.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_VulnDriver_Zam.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Wiper_CaddyWiper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Wiper_CaddyWiper.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Wiper_DoubleZero.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Wiper_DoubleZero.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/es_rules/Windows_Wiper_IsaacWiper.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/es_rules/Windows_Wiper_IsaacWiper.yar -------------------------------------------------------------------------------- /yara_scanner_beta/yara_rules/reversinglabs/pua/Win32.PUA.Domaiq.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_rules/reversinglabs/pua/Win32.PUA.Domaiq.yara -------------------------------------------------------------------------------- /yara_scanner_beta/yara_scanner.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RoomaSec/RmTools/HEAD/yara_scanner_beta/yara_scanner.exe --------------------------------------------------------------------------------