├── README.md
├── extra
    └── yara.vim
├── filetypes.yara
├── malware-families
    ├── 3102.yara
    ├── 9002.yara
    ├── UP007.yara
    ├── bangat.yara
    ├── boouset.yara
    ├── comfoo.yara
    ├── cookies.yara
    ├── cxpid.yara
    ├── enfal.yara
    ├── ezcob.yara
    ├── fakem.yara
    ├── favorite.yara
    ├── glasses.yara
    ├── iexpl0re.yara
    ├── imuler.yara
    ├── insta11.yara
    ├── keyboy.yara
    ├── luckycat.yara
    ├── lurk0+cctv0.yara
    ├── maccontrol.yara
    ├── malware-families.yara
    ├── mirage.yara
    ├── mongal.yara
    ├── msattacker.yara
    ├── naikon.yara
    ├── naspyupdate.yara
    ├── nettraveler.yara
    ├── nsfree.yara
    ├── olyx.yara
    ├── plugx.yara
    ├── pubsab.yara
    ├── quarian.yara
    ├── regsubdat.yara
    ├── remote.yara
    ├── rookie.yara
    ├── rooter.yara
    ├── safenet.yara
    ├── scarhikn.yara
    ├── surtr.yara
    ├── t5000.yara
    ├── vidgrab.yara
    ├── warp.yara
    ├── wimmie.yara
    ├── xtreme.yara
    └── yayih.yara
├── oleidentifiers.yara
└── payloads.yara


/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/README.md


--------------------------------------------------------------------------------
/extra/yara.vim:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/extra/yara.vim


--------------------------------------------------------------------------------
/filetypes.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/filetypes.yara


--------------------------------------------------------------------------------
/malware-families/3102.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/3102.yara


--------------------------------------------------------------------------------
/malware-families/9002.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/9002.yara


--------------------------------------------------------------------------------
/malware-families/UP007.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/UP007.yara


--------------------------------------------------------------------------------
/malware-families/bangat.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/bangat.yara


--------------------------------------------------------------------------------
/malware-families/boouset.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/boouset.yara


--------------------------------------------------------------------------------
/malware-families/comfoo.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/comfoo.yara


--------------------------------------------------------------------------------
/malware-families/cookies.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/cookies.yara


--------------------------------------------------------------------------------
/malware-families/cxpid.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/cxpid.yara


--------------------------------------------------------------------------------
/malware-families/enfal.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/enfal.yara


--------------------------------------------------------------------------------
/malware-families/ezcob.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/ezcob.yara


--------------------------------------------------------------------------------
/malware-families/fakem.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/fakem.yara


--------------------------------------------------------------------------------
/malware-families/favorite.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/favorite.yara


--------------------------------------------------------------------------------
/malware-families/glasses.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/glasses.yara


--------------------------------------------------------------------------------
/malware-families/iexpl0re.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/iexpl0re.yara


--------------------------------------------------------------------------------
/malware-families/imuler.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/imuler.yara


--------------------------------------------------------------------------------
/malware-families/insta11.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/insta11.yara


--------------------------------------------------------------------------------
/malware-families/keyboy.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/keyboy.yara


--------------------------------------------------------------------------------
/malware-families/luckycat.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/luckycat.yara


--------------------------------------------------------------------------------
/malware-families/lurk0+cctv0.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/lurk0+cctv0.yara


--------------------------------------------------------------------------------
/malware-families/maccontrol.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/maccontrol.yara


--------------------------------------------------------------------------------
/malware-families/malware-families.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/malware-families.yara


--------------------------------------------------------------------------------
/malware-families/mirage.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/mirage.yara


--------------------------------------------------------------------------------
/malware-families/mongal.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/mongal.yara


--------------------------------------------------------------------------------
/malware-families/msattacker.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/msattacker.yara


--------------------------------------------------------------------------------
/malware-families/naikon.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/naikon.yara


--------------------------------------------------------------------------------
/malware-families/naspyupdate.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/naspyupdate.yara


--------------------------------------------------------------------------------
/malware-families/nettraveler.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/nettraveler.yara


--------------------------------------------------------------------------------
/malware-families/nsfree.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/nsfree.yara


--------------------------------------------------------------------------------
/malware-families/olyx.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/olyx.yara


--------------------------------------------------------------------------------
/malware-families/plugx.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/plugx.yara


--------------------------------------------------------------------------------
/malware-families/pubsab.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/pubsab.yara


--------------------------------------------------------------------------------
/malware-families/quarian.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/quarian.yara


--------------------------------------------------------------------------------
/malware-families/regsubdat.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/regsubdat.yara


--------------------------------------------------------------------------------
/malware-families/remote.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/remote.yara


--------------------------------------------------------------------------------
/malware-families/rookie.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/rookie.yara


--------------------------------------------------------------------------------
/malware-families/rooter.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/rooter.yara


--------------------------------------------------------------------------------
/malware-families/safenet.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/safenet.yara


--------------------------------------------------------------------------------
/malware-families/scarhikn.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/scarhikn.yara


--------------------------------------------------------------------------------
/malware-families/surtr.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/surtr.yara


--------------------------------------------------------------------------------
/malware-families/t5000.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/t5000.yara


--------------------------------------------------------------------------------
/malware-families/vidgrab.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/vidgrab.yara


--------------------------------------------------------------------------------
/malware-families/warp.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/warp.yara


--------------------------------------------------------------------------------
/malware-families/wimmie.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/wimmie.yara


--------------------------------------------------------------------------------
/malware-families/xtreme.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/xtreme.yara


--------------------------------------------------------------------------------
/malware-families/yayih.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/malware-families/yayih.yara


--------------------------------------------------------------------------------
/oleidentifiers.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/oleidentifiers.yara


--------------------------------------------------------------------------------
/payloads.yara:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/citizenlab/malware-signatures/HEAD/payloads.yara


--------------------------------------------------------------------------------