├── .gitignore
├── APT
    ├── dtrack_lazarus_group.yar
    ├── micropsia_apt_c_23.yar
    ├── poshc2_apt_33.yar
    └── powerton_apt_33.yar
├── Behavioral
    └── steganography.yar
├── Broadbased
    ├── agent_tesla.yar
    ├── asyncrat.yar
    ├── ave_maria_warzone_rat.yar
    ├── azorult_plus_plus.yar
    ├── bitrat_unpacked.yar
    ├── blackremote_blackrat.yar
    ├── darktrack_rat.yar
    ├── dcrat.yar
    ├── engwultimate.yar
    ├── formbook.yar
    ├── frat.yar
    ├── infostealers.yar
    ├── kleptoparasite.yar
    ├── lockergoga.yar
    ├── megacortex.yar
    ├── metamorfo.yar
    ├── nanocore.yar
    ├── netwire.yar
    ├── parallax_rat.yar
    ├── quasarrat.yar
    ├── redline.yar
    ├── remcos.yar
    ├── ursnif_gozi_isfb.yar
    ├── venomrat.yar
    ├── wsh_rat.yar
    ├── xenorat.yar
    └── xworm.yar
├── LICENSE.md
└── README.md


/.gitignore:
--------------------------------------------------------------------------------
1 | .history/
2 | 


--------------------------------------------------------------------------------
/APT/dtrack_lazarus_group.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/APT/dtrack_lazarus_group.yar


--------------------------------------------------------------------------------
/APT/micropsia_apt_c_23.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/APT/micropsia_apt_c_23.yar


--------------------------------------------------------------------------------
/APT/poshc2_apt_33.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/APT/poshc2_apt_33.yar


--------------------------------------------------------------------------------
/APT/powerton_apt_33.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/APT/powerton_apt_33.yar


--------------------------------------------------------------------------------
/Behavioral/steganography.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Behavioral/steganography.yar


--------------------------------------------------------------------------------
/Broadbased/agent_tesla.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/agent_tesla.yar


--------------------------------------------------------------------------------
/Broadbased/asyncrat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/asyncrat.yar


--------------------------------------------------------------------------------
/Broadbased/ave_maria_warzone_rat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/ave_maria_warzone_rat.yar


--------------------------------------------------------------------------------
/Broadbased/azorult_plus_plus.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/azorult_plus_plus.yar


--------------------------------------------------------------------------------
/Broadbased/bitrat_unpacked.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/bitrat_unpacked.yar


--------------------------------------------------------------------------------
/Broadbased/blackremote_blackrat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/blackremote_blackrat.yar


--------------------------------------------------------------------------------
/Broadbased/darktrack_rat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/darktrack_rat.yar


--------------------------------------------------------------------------------
/Broadbased/dcrat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/dcrat.yar


--------------------------------------------------------------------------------
/Broadbased/engwultimate.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/engwultimate.yar


--------------------------------------------------------------------------------
/Broadbased/formbook.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/formbook.yar


--------------------------------------------------------------------------------
/Broadbased/frat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/frat.yar


--------------------------------------------------------------------------------
/Broadbased/infostealers.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/infostealers.yar


--------------------------------------------------------------------------------
/Broadbased/kleptoparasite.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/kleptoparasite.yar


--------------------------------------------------------------------------------
/Broadbased/lockergoga.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/lockergoga.yar


--------------------------------------------------------------------------------
/Broadbased/megacortex.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/megacortex.yar


--------------------------------------------------------------------------------
/Broadbased/metamorfo.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/metamorfo.yar


--------------------------------------------------------------------------------
/Broadbased/nanocore.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/nanocore.yar


--------------------------------------------------------------------------------
/Broadbased/netwire.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/netwire.yar


--------------------------------------------------------------------------------
/Broadbased/parallax_rat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/parallax_rat.yar


--------------------------------------------------------------------------------
/Broadbased/quasarrat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/quasarrat.yar


--------------------------------------------------------------------------------
/Broadbased/redline.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/redline.yar


--------------------------------------------------------------------------------
/Broadbased/remcos.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/remcos.yar


--------------------------------------------------------------------------------
/Broadbased/ursnif_gozi_isfb.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/ursnif_gozi_isfb.yar


--------------------------------------------------------------------------------
/Broadbased/venomrat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/venomrat.yar


--------------------------------------------------------------------------------
/Broadbased/wsh_rat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/wsh_rat.yar


--------------------------------------------------------------------------------
/Broadbased/xenorat.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/xenorat.yar


--------------------------------------------------------------------------------
/Broadbased/xworm.yar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/Broadbased/xworm.yar


--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/LICENSE.md


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jeFF0Falltrades/YARA-Signatures/HEAD/README.md


--------------------------------------------------------------------------------