Mobile rules based on Androguard are now deprecated. Folders were ren…

…amed. Index regenerated.
Yara-Rules · Jan 8, 2020 · eca2af0 · eca2af0
1 parent b979e00
commit eca2af0
Show file tree

Hide file tree

Showing 113 changed files with 233 additions and 352 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -1,41 +1,37 @@
 language: c
 sudo: required
-#dist: trusty
+
 before_install:
   - sudo apt-get -qq update
-  - sudo apt-get install jq
+  - sudo apt-get install -y \
+    automake \
+    libtool \
+    make \
+    gcc \
+    pkg-config \
+    flex \
+    bison \
+    libjansson-dev \
+    libmagic-dev \
+    libssl-dev \
+    jq
 # Yara
   - wget $(curl -s https://api.github.com/repos/VirusTotal/yara/releases/latest | jq -r ".tarball_url") -O yara.tar.gz
-  #- wget $(wget -O - https://api.github.com/repos/VirusTotal/yara/releases/9250110 | jq -r ".tarball_url") -O yara.tar.gz
   - mkdir yara
   - tar -C yara -xzvf yara.tar.gz --strip-components 1
-# Androguard for Yara
-  - wget https://raw.githubusercontent.com/Koodous/androguard-yara/master/androguard.c -O yara/libyara/modules/androguard.c
-  - wget https://raw.githubusercontent.com/Koodous/androguard-yara/master/dist/yara-3.7.0/libyara/modules/module_list -O yara/libyara/modules/module_list
-  - wget https://raw.githubusercontent.com/Koodous/androguard-yara/master/dist/yara-3.7.0/libyara/Makefile.am -O yara/libyara/Makefile.am
-# libjansson
-  - wget http://www.digip.org/jansson/releases/jansson-2.7.tar.gz
-  - tar -xzvf jansson-2.7.tar.gz
-  - cd jansson-2.7
-  - ./configure
-  - make
-  - sudo make install
-
 # Compile Yara
   - cd ../yara
   # Update per issue 176
-  - sed -i 's/#define RE_MAX_SPLIT_ID     128/#define RE_MAX_SPLIT_ID     255/g' libyara/re.c
+  - sed -i 's/#define RE_MAX_SPLIT_ID     128/#define RE_MAX_SPLIT_ID     255/g' libyara/include/yara/limits.h
   - ./bootstrap.sh
-  - ./configure --enable-cuckoo
+  - ./configure --enable-cuckoo --enable-magic --with-crypto
   - make
   - sudo make install
   - sudo ldconfig
   - cd ../
 
 script:
   - echo "test" > testfile
-  - echo "{}" > androguard_report.json
   - FALLO=0
-#  - for j in $(ls -d */); do for i in $(find $j -type f -name "*.yara" ; find $j -type f -name "*.yar"); do echo $i; yara -x androguard=androguard_report.json $i testfile; if [[ $? -ne 0 ]]; then FALLO=1; fi; done; done
-  - for i in $(ls *_index.yar); do echo $i; yara -w -x androguard=androguard_report.json $i testfile; if [[ $? -ne 0 ]]; then FALLO=1; fi; done
+  - for i in $(ls *_index.yar); do echo $i; yara -w $i testfile; if [[ $? -ne 0 ]]; then FALLO=1; fi; done
   - exit $FALLO
diff --git a/Antidebug_AntiVM_index.yar b/Antidebug_AntiVM_index.yar
@@ -1,5 +1,5 @@
 /*
 Generated by Yara-Rules
-On 26-11-2019
+On 08-01-2020
 */
-include "./Antidebug_AntiVM/antidebug_antivm.yar"
+include "./antidebug_antivm/antidebug_antivm.yar"
diff --git a/CVE_Rules_index.yar b/CVE_Rules_index.yar
@@ -1,18 +1,18 @@
 /*
 Generated by Yara-Rules
-On 26-11-2019
+On 08-01-2020
 */
-include "./CVE_Rules/CVE-2010-0805.yar"
-include "./CVE_Rules/CVE-2010-0887.yar"
-include "./CVE_Rules/CVE-2010-1297.yar"
-include "./CVE_Rules/CVE-2012-0158.yar"
-include "./CVE_Rules/CVE-2013-0074.yar"
-include "./CVE_Rules/CVE-2013-0422.yar"
-include "./CVE_Rules/CVE-2015-1701.yar"
-include "./CVE_Rules/CVE-2015-2426.yar"
-include "./CVE_Rules/CVE-2015-2545.yar"
-include "./CVE_Rules/CVE-2015-5119.yar"
-include "./CVE_Rules/CVE-2016-5195.yar"
-include "./CVE_Rules/CVE-2017-11882.yar"
-include "./CVE_Rules/CVE-2018-20250.yar"
-include "./CVE_Rules/CVE-2018-4878.yar"
+include "./cve_rules/CVE-2010-0805.yar"
+include "./cve_rules/CVE-2010-0887.yar"
+include "./cve_rules/CVE-2010-1297.yar"
+include "./cve_rules/CVE-2012-0158.yar"
+include "./cve_rules/CVE-2013-0074.yar"
+include "./cve_rules/CVE-2013-0422.yar"
+include "./cve_rules/CVE-2015-1701.yar"
+include "./cve_rules/CVE-2015-2426.yar"
+include "./cve_rules/CVE-2015-2545.yar"
+include "./cve_rules/CVE-2015-5119.yar"
+include "./cve_rules/CVE-2016-5195.yar"
+include "./cve_rules/CVE-2017-11882.yar"
+include "./cve_rules/CVE-2018-20250.yar"
+include "./cve_rules/CVE-2018-4878.yar"
diff --git a/Capabilities_index.yar b/Capabilities_index.yar
@@ -1,5 +1,5 @@
 /*
 Generated by Yara-Rules
-On 26-11-2019
+On 08-01-2020
 */
-include "./Capabilities/capabilities.yar"
+include "./capabilities/capabilities.yar"
diff --git a/Crypto_index.yar b/Crypto_index.yar
@@ -1,5 +1,5 @@
 /*
 Generated by Yara-Rules
-On 26-11-2019
+On 08-01-2020
 */
-include "./Crypto/crypto_signatures.yar"
+include "./crypto/crypto_signatures.yar"
diff --git a/Exploit-Kits_index.yar b/Exploit-Kits_index.yar
diff --git a/Malicious_Documents_index.yar b/Malicious_Documents_index.yar
diff --git a/Mobile_Malware_index.yar b/Mobile_Malware_index.yar
@@ -1,67 +1,4 @@
 /*
 Generated by Yara-Rules
-On 26-11-2019
+On 08-01-2020
 */
-include "./Mobile_Malware/Android_ASSDdeveloper.yar"
-include "./Mobile_Malware/Android_AVITOMMS.yar"
-include "./Mobile_Malware/Android_AliPay_smsStealer.yar"
-include "./Mobile_Malware/Android_Amtrckr_20160519.yar"
-include "./Mobile_Malware/Android_Backdoor.yar"
-include "./Mobile_Malware/Android_Backdoor_script.yar"
-include "./Mobile_Malware/Android_BadMirror.yar"
-include "./Mobile_Malware/Android_Banker_Acecard.yar"
-include "./Mobile_Malware/Android_BatteryBot_ClickFraud.yar"
-include "./Mobile_Malware/Android_Clicker_G.yar"
-include "./Mobile_Malware/Android_Copy9.yar"
-include "./Mobile_Malware/Android_DeathRing.yar"
-include "./Mobile_Malware/Android_Dectus_rswm.yar"
-include "./Mobile_Malware/Android_Dendroid_RAT.yar"
-include "./Mobile_Malware/Android_Dogspectus.yar"
-include "./Mobile_Malware/Android_FakeApps.yar"
-include "./Mobile_Malware/Android_FakeBank_Fanta.yar"
-include "./Mobile_Malware/Android_Godless.yar"
-include "./Mobile_Malware/Android_HackintTeam_Implant.yar"
-include "./Mobile_Malware/Android_Libyan_Scorpions.yar"
-include "./Mobile_Malware/Android_MalwareCertificates.yar"
-include "./Mobile_Malware/Android_Malware_Ramsonware.yar"
-include "./Mobile_Malware/Android_Malware_Tinhvan.yar"
-include "./Mobile_Malware/Android_Malware_Towelroot.yar"
-include "./Mobile_Malware/Android_Marcher_2.yar"
-include "./Mobile_Malware/Android_MazarBot_z.yar"
-include "./Mobile_Malware/Android_Metasploit.yar"
-include "./Mobile_Malware/Android_Metasploit_Payload.yar"
-include "./Mobile_Malware/Android_OmniRat.yar"
-include "./Mobile_Malware/Android_Overlayer.yar"
-include "./Mobile_Malware/Android_Pink_Locker.yar"
-include "./Mobile_Malware/Android_Polish_Bankbot.yar"
-include "./Mobile_Malware/Android_RuMMS.yar"
-include "./Mobile_Malware/Android_SMSFraud.yar"
-include "./Mobile_Malware/Android_SandroRat.yar"
-include "./Mobile_Malware/Android_SlemBunk.yar"
-include "./Mobile_Malware/Android_SpyAgent.yar"
-include "./Mobile_Malware/Android_SpyNote.yar"
-include "./Mobile_Malware/Android_Spynet.yar"
-include "./Mobile_Malware/Android_Spywaller.yar"
-include "./Mobile_Malware/Android_Switcher.yar"
-include "./Mobile_Malware/Android_Tachi.yar"
-include "./Mobile_Malware/Android_Tempting_Cedar_Spyware.yar"
-include "./Mobile_Malware/Android_Tordow.yar"
-include "./Mobile_Malware/Android_Triada_Banking.yar"
-include "./Mobile_Malware/Android_Trojan_Dendroid.yar"
-include "./Mobile_Malware/Android_Trojan_Droidjack.yar"
-include "./Mobile_Malware/Android_VikingOrder.yar"
-include "./Mobile_Malware/Android_VirusPolicia.yar"
-include "./Mobile_Malware/Android_adware.yar"
-include "./Mobile_Malware/Android_generic_adware.yar"
-include "./Mobile_Malware/Android_generic_smsfraud.yar"
-include "./Mobile_Malware/Android_malware_Advertising.yar"
-include "./Mobile_Malware/Android_malware_ChinesePorn.yar"
-include "./Mobile_Malware/Android_malware_Dropper.yar"
-include "./Mobile_Malware/Android_malware_Fake_MosKow.yar"
-include "./Mobile_Malware/Android_malware_HackingTeam.yar"
-include "./Mobile_Malware/Android_malware_SMSsender.yar"
-include "./Mobile_Malware/Android_malware_banker.yar"
-include "./Mobile_Malware/Android_malware_xbot007.yar"
-include "./Mobile_Malware/Android_mapin.yar"
-include "./Mobile_Malware/Android_pornClicker.yar"
-include "./Mobile_Malware/Android_sk_bankTr.yar"
diff --git a/Packers_index.yar b/Packers_index.yar
@@ -1,9 +1,9 @@
 /*
 Generated by Yara-Rules
-On 26-11-2019
+On 08-01-2020
 */
-include "./Packers/JJencode.yar"
-include "./Packers/Javascript_exploit_and_obfuscation.yar"
-include "./Packers/packer.yar"
-include "./Packers/packer_compiler_signatures.yar"
-include "./Packers/peid.yar"
+include "./packers/JJencode.yar"
+include "./packers/Javascript_exploit_and_obfuscation.yar"
+include "./packers/packer.yar"
+include "./packers/packer_compiler_signatures.yar"
+include "./packers/peid.yar"
diff --git a/README.md b/README.md
@@ -14,8 +14,6 @@ If you’re interested in sharing your Yara rules with us and the Security Commu
 
 Twitter account: https://twitter.com/yararules
 
-Mailing list : http://list.yararules.com/mailman/listinfo/yararules.com.signatures
-
 # Requirements
 
 Yara **version 3.0** or higher is required for most of our rules to work. This is mainly due to the use of the "pe" module introduced in that version.
@@ -24,7 +22,9 @@ You can check your installed version with `yara -v`
 
 Packages available in Ubuntu 14.04 LTS default repositories are too old.  You can alternatively install from source or use the packages available in the [Remnux repository](https://launchpad.net/~remnux/+archive/ubuntu/stable).
 
-Also, you will need [Androguard Module](https://github.com/Koodous/androguard-yara) if you want to use the rules in the 'mobile_malware' category.
+~~Also, you will need [Androguard Module](https://github.com/Koodous/androguard-yara) if you want to use the rules in the 'mobile_malware' category.~~
+
+We have deprecated mobile_malware rules that depend on Androguard Module because it seems an abandoned project.
 
 # Categories
 
@@ -36,7 +36,7 @@ In this section you will find Yara Rules aimed toward the detection of anti-debu
 
 In this section you will find Yara rules to detect capabilities that do not fit into any of the other categories.  They are useful to know for analysis but may not be malicious indicators on their own.
 
-## CVE_Rules
+## CVE Rules
 
 In this section you will find Yara Rules specialised toward the identification of specific Common Vulnerabilities and Exposures (CVEs)
 
@@ -72,14 +72,13 @@ In this section you will find Yara rules specialised toward the identification o
 
 In this section you will find Yara rules specialised toward the identification of well-known mobile malware.
 
-Many rules in this section use the Androguard module developed by the people over at https://koodous.com/.
+## Deprecated
 
-You can get it, along with installation instructions, at https://github.com/Koodous/androguard-yara
+In this section you will find Yara rules deprecated.
 
 # Contact
 
 Webpage: http://yararules.com
 
 Twitter account: https://twitter.com/yararules
 
-Mail list : http://list.yararules.com/mailman/listinfo/yararules.com.signatures
diff --git a/Webshells_index.yar b/Webshells_index.yar
@@ -1,12 +1,12 @@
 /*
 Generated by Yara-Rules
-On 26-11-2019
+On 08-01-2020
 */
-include "./Webshells/WShell_APT_Laudanum.yar"
-include "./Webshells/WShell_ASPXSpy.yar"
-include "./Webshells/WShell_PHP_Anuna.yar"
-include "./Webshells/WShell_PHP_in_images.yar"
-include "./Webshells/WShell_THOR_Webshells.yar"
-include "./Webshells/Wshell_ChineseSpam.yar"
-include "./Webshells/Wshell_fire2013.yar"
-include "./Webshells/WShell_Drupalgeddon2_icos.yar"
+include "./webshells/WShell_APT_Laudanum.yar"
+include "./webshells/WShell_ASPXSpy.yar"
+include "./webshells/WShell_Drupalgeddon2_icos.yar"
+include "./webshells/WShell_PHP_Anuna.yar"
+include "./webshells/WShell_PHP_in_images.yar"
+include "./webshells/WShell_THOR_Webshells.yar"
+include "./webshells/Wshell_ChineseSpam.yar"
+include "./webshells/Wshell_fire2013.yar"
diff --git a/Mobile_Malware/Android_ASSDdeveloper.yar → deprecated/Android_ASSDdeveloper.yar b/Mobile_Malware/Android_ASSDdeveloper.yar → deprecated/Android_ASSDdeveloper.yar
diff --git a/Mobile_Malware/Android_AVITOMMS.yar → deprecated/Android_AVITOMMS.yar b/Mobile_Malware/Android_AVITOMMS.yar → deprecated/Android_AVITOMMS.yar
diff --git a/Mobile_Malware/Android_AliPay_smsStealer.yar → deprecated/Android_AliPay_smsStealer.yar b/Mobile_Malware/Android_AliPay_smsStealer.yar → deprecated/Android_AliPay_smsStealer.yar
diff --git a/Mobile_Malware/Android_Amtrckr_20160519.yar → deprecated/Android_Amtrckr_20160519.yar b/Mobile_Malware/Android_Amtrckr_20160519.yar → deprecated/Android_Amtrckr_20160519.yar
diff --git a/Mobile_Malware/Android_Backdoor.yar → deprecated/Android_Backdoor.yar b/Mobile_Malware/Android_Backdoor.yar → deprecated/Android_Backdoor.yar
diff --git a/Mobile_Malware/Android_Backdoor_script.yar → deprecated/Android_Backdoor_script.yar b/Mobile_Malware/Android_Backdoor_script.yar → deprecated/Android_Backdoor_script.yar
diff --git a/Mobile_Malware/Android_BadMirror.yar → deprecated/Android_BadMirror.yar b/Mobile_Malware/Android_BadMirror.yar → deprecated/Android_BadMirror.yar
diff --git a/Mobile_Malware/Android_Banker_Acecard.yar → deprecated/Android_Banker_Acecard.yar b/Mobile_Malware/Android_Banker_Acecard.yar → deprecated/Android_Banker_Acecard.yar
diff --git a/...Malware/Android_BatteryBot_ClickFraud.yar → deprecated/Android_BatteryBot_ClickFraud.yar b/...Malware/Android_BatteryBot_ClickFraud.yar → deprecated/Android_BatteryBot_ClickFraud.yar
diff --git a/Mobile_Malware/Android_Clicker_G.yar → deprecated/Android_Clicker_G.yar b/Mobile_Malware/Android_Clicker_G.yar → deprecated/Android_Clicker_G.yar
diff --git a/Mobile_Malware/Android_Copy9.yar → deprecated/Android_Copy9.yar b/Mobile_Malware/Android_Copy9.yar → deprecated/Android_Copy9.yar
diff --git a/Mobile_Malware/Android_DeathRing.yar → deprecated/Android_DeathRing.yar b/Mobile_Malware/Android_DeathRing.yar → deprecated/Android_DeathRing.yar
diff --git a/Mobile_Malware/Android_Dectus_rswm.yar → deprecated/Android_Dectus_rswm.yar b/Mobile_Malware/Android_Dectus_rswm.yar → deprecated/Android_Dectus_rswm.yar
diff --git a/Mobile_Malware/Android_Dendroid_RAT.yar → deprecated/Android_Dendroid_RAT.yar b/Mobile_Malware/Android_Dendroid_RAT.yar → deprecated/Android_Dendroid_RAT.yar
diff --git a/Mobile_Malware/Android_Dogspectus.yar → deprecated/Android_Dogspectus.yar b/Mobile_Malware/Android_Dogspectus.yar → deprecated/Android_Dogspectus.yar
diff --git a/Mobile_Malware/Android_FakeApps.yar → deprecated/Android_FakeApps.yar b/Mobile_Malware/Android_FakeApps.yar → deprecated/Android_FakeApps.yar
diff --git a/Mobile_Malware/Android_FakeBank_Fanta.yar → deprecated/Android_FakeBank_Fanta.yar b/Mobile_Malware/Android_FakeBank_Fanta.yar → deprecated/Android_FakeBank_Fanta.yar
diff --git a/Mobile_Malware/Android_Godless.yar → deprecated/Android_Godless.yar b/Mobile_Malware/Android_Godless.yar → deprecated/Android_Godless.yar
diff --git a/...e_Malware/Android_HackintTeam_Implant.yar → deprecated/Android_HackintTeam_Implant.yar b/...e_Malware/Android_HackintTeam_Implant.yar → deprecated/Android_HackintTeam_Implant.yar
diff --git a/Mobile_Malware/Android_Libyan_Scorpions.yar → deprecated/Android_Libyan_Scorpions.yar b/Mobile_Malware/Android_Libyan_Scorpions.yar → deprecated/Android_Libyan_Scorpions.yar
diff --git a/...e_Malware/Android_MalwareCertificates.yar → deprecated/Android_MalwareCertificates.yar b/...e_Malware/Android_MalwareCertificates.yar → deprecated/Android_MalwareCertificates.yar
diff --git a/...le_Malware/Android_Malware_Ramsonware.yar → deprecated/Android_Malware_Ramsonware.yar b/...le_Malware/Android_Malware_Ramsonware.yar → deprecated/Android_Malware_Ramsonware.yar
diff --git a/Mobile_Malware/Android_Malware_Tinhvan.yar → deprecated/Android_Malware_Tinhvan.yar b/Mobile_Malware/Android_Malware_Tinhvan.yar → deprecated/Android_Malware_Tinhvan.yar
diff --git a/Mobile_Malware/Android_Malware_Towelroot.yar → deprecated/Android_Malware_Towelroot.yar b/Mobile_Malware/Android_Malware_Towelroot.yar → deprecated/Android_Malware_Towelroot.yar
diff --git a/Mobile_Malware/Android_Marcher_2.yar → deprecated/Android_Marcher_2.yar b/Mobile_Malware/Android_Marcher_2.yar → deprecated/Android_Marcher_2.yar
diff --git a/Mobile_Malware/Android_MazarBot_z.yar → deprecated/Android_MazarBot_z.yar b/Mobile_Malware/Android_MazarBot_z.yar → deprecated/Android_MazarBot_z.yar
diff --git a/Mobile_Malware/Android_Metasploit.yar → deprecated/Android_Metasploit.yar b/Mobile_Malware/Android_Metasploit.yar → deprecated/Android_Metasploit.yar
diff --git a/...le_Malware/Android_Metasploit_Payload.yar → deprecated/Android_Metasploit_Payload.yar b/...le_Malware/Android_Metasploit_Payload.yar → deprecated/Android_Metasploit_Payload.yar
diff --git a/Mobile_Malware/Android_OmniRat.yar → deprecated/Android_OmniRat.yar b/Mobile_Malware/Android_OmniRat.yar → deprecated/Android_OmniRat.yar
diff --git a/Mobile_Malware/Android_Overlayer.yar → deprecated/Android_Overlayer.yar b/Mobile_Malware/Android_Overlayer.yar → deprecated/Android_Overlayer.yar
diff --git a/Mobile_Malware/Android_Pink_Locker.yar → deprecated/Android_Pink_Locker.yar b/Mobile_Malware/Android_Pink_Locker.yar → deprecated/Android_Pink_Locker.yar
diff --git a/Mobile_Malware/Android_Polish_Bankbot.yar → deprecated/Android_Polish_Bankbot.yar b/Mobile_Malware/Android_Polish_Bankbot.yar → deprecated/Android_Polish_Bankbot.yar
diff --git a/Mobile_Malware/Android_RuMMS.yar → deprecated/Android_RuMMS.yar b/Mobile_Malware/Android_RuMMS.yar → deprecated/Android_RuMMS.yar
diff --git a/Mobile_Malware/Android_SMSFraud.yar → deprecated/Android_SMSFraud.yar b/Mobile_Malware/Android_SMSFraud.yar → deprecated/Android_SMSFraud.yar
diff --git a/Mobile_Malware/Android_SandroRat.yar → deprecated/Android_SandroRat.yar b/Mobile_Malware/Android_SandroRat.yar → deprecated/Android_SandroRat.yar
diff --git a/Mobile_Malware/Android_SlemBunk.yar → deprecated/Android_SlemBunk.yar b/Mobile_Malware/Android_SlemBunk.yar → deprecated/Android_SlemBunk.yar
diff --git a/Mobile_Malware/Android_SpyAgent.yar → deprecated/Android_SpyAgent.yar b/Mobile_Malware/Android_SpyAgent.yar → deprecated/Android_SpyAgent.yar
diff --git a/Mobile_Malware/Android_SpyNote.yar → deprecated/Android_SpyNote.yar b/Mobile_Malware/Android_SpyNote.yar → deprecated/Android_SpyNote.yar
diff --git a/Mobile_Malware/Android_Spynet.yar → deprecated/Android_Spynet.yar b/Mobile_Malware/Android_Spynet.yar → deprecated/Android_Spynet.yar
diff --git a/Mobile_Malware/Android_Spywaller.yar → deprecated/Android_Spywaller.yar b/Mobile_Malware/Android_Spywaller.yar → deprecated/Android_Spywaller.yar
diff --git a/Mobile_Malware/Android_Switcher.yar → deprecated/Android_Switcher.yar b/Mobile_Malware/Android_Switcher.yar → deprecated/Android_Switcher.yar
diff --git a/Mobile_Malware/Android_Tachi.yar → deprecated/Android_Tachi.yar b/Mobile_Malware/Android_Tachi.yar → deprecated/Android_Tachi.yar
diff --git a/...alware/Android_Tempting_Cedar_Spyware.yar → ...ecated/Android_Tempting_Cedar_Spyware.yar b/...alware/Android_Tempting_Cedar_Spyware.yar → ...ecated/Android_Tempting_Cedar_Spyware.yar
diff --git a/Mobile_Malware/Android_Tordow.yar → deprecated/Android_Tordow.yar b/Mobile_Malware/Android_Tordow.yar → deprecated/Android_Tordow.yar
diff --git a/Mobile_Malware/Android_Triada_Banking.yar → deprecated/Android_Triada_Banking.yar b/Mobile_Malware/Android_Triada_Banking.yar → deprecated/Android_Triada_Banking.yar
diff --git a/Mobile_Malware/Android_Trojan_Dendroid.yar → deprecated/Android_Trojan_Dendroid.yar b/Mobile_Malware/Android_Trojan_Dendroid.yar → deprecated/Android_Trojan_Dendroid.yar
diff --git a/Mobile_Malware/Android_Trojan_Droidjack.yar → deprecated/Android_Trojan_Droidjack.yar b/Mobile_Malware/Android_Trojan_Droidjack.yar → deprecated/Android_Trojan_Droidjack.yar
diff --git a/Mobile_Malware/Android_VikingOrder.yar → deprecated/Android_VikingOrder.yar b/Mobile_Malware/Android_VikingOrder.yar → deprecated/Android_VikingOrder.yar
diff --git a/Mobile_Malware/Android_VirusPolicia.yar → deprecated/Android_VirusPolicia.yar b/Mobile_Malware/Android_VirusPolicia.yar → deprecated/Android_VirusPolicia.yar
diff --git a/Mobile_Malware/Android_adware.yar → deprecated/Android_adware.yar b/Mobile_Malware/Android_adware.yar → deprecated/Android_adware.yar
diff --git a/Mobile_Malware/Android_fake_mario_app → deprecated/Android_fake_mario_app b/Mobile_Malware/Android_fake_mario_app → deprecated/Android_fake_mario_app
diff --git a/Mobile_Malware/Android_generic_adware.yar → deprecated/Android_generic_adware.yar b/Mobile_Malware/Android_generic_adware.yar → deprecated/Android_generic_adware.yar
diff --git a/Mobile_Malware/Android_generic_smsfraud.yar → deprecated/Android_generic_smsfraud.yar b/Mobile_Malware/Android_generic_smsfraud.yar → deprecated/Android_generic_smsfraud.yar
diff --git a/...e_Malware/Android_malware_Advertising.yar → deprecated/Android_malware_Advertising.yar b/...e_Malware/Android_malware_Advertising.yar → deprecated/Android_malware_Advertising.yar
diff --git a/...e_Malware/Android_malware_ChinesePorn.yar → deprecated/Android_malware_ChinesePorn.yar b/...e_Malware/Android_malware_ChinesePorn.yar → deprecated/Android_malware_ChinesePorn.yar
diff --git a/Mobile_Malware/Android_malware_Dropper.yar → deprecated/Android_malware_Dropper.yar b/Mobile_Malware/Android_malware_Dropper.yar → deprecated/Android_malware_Dropper.yar
diff --git a/...e_Malware/Android_malware_Fake_MosKow.yar → deprecated/Android_malware_Fake_MosKow.yar b/...e_Malware/Android_malware_Fake_MosKow.yar → deprecated/Android_malware_Fake_MosKow.yar
diff --git a/...e_Malware/Android_malware_HackingTeam.yar → deprecated/Android_malware_HackingTeam.yar b/...e_Malware/Android_malware_HackingTeam.yar → deprecated/Android_malware_HackingTeam.yar
diff --git a/Mobile_Malware/Android_malware_SMSsender.yar → deprecated/Android_malware_SMSsender.yar b/Mobile_Malware/Android_malware_SMSsender.yar → deprecated/Android_malware_SMSsender.yar
diff --git a/Mobile_Malware/Android_malware_banker.yar → deprecated/Android_malware_banker.yar b/Mobile_Malware/Android_malware_banker.yar → deprecated/Android_malware_banker.yar
diff --git a/Mobile_Malware/Android_malware_xbot007.yar → deprecated/Android_malware_xbot007.yar b/Mobile_Malware/Android_malware_xbot007.yar → deprecated/Android_malware_xbot007.yar
diff --git a/Mobile_Malware/Android_mapin.yar → deprecated/Android_mapin.yar b/Mobile_Malware/Android_mapin.yar → deprecated/Android_mapin.yar
diff --git a/Mobile_Malware/Android_pornClicker.yar → deprecated/Android_pornClicker.yar b/Mobile_Malware/Android_pornClicker.yar → deprecated/Android_pornClicker.yar
diff --git a/Mobile_Malware/Android_sk_bankTr.yar → deprecated/Android_sk_bankTr.yar b/Mobile_Malware/Android_sk_bankTr.yar → deprecated/Android_sk_bankTr.yar
diff --git a/email_index.yar b/email_index.yar
@@ -1,6 +1,6 @@
 /*
 Generated by Yara-Rules
-On 26-11-2019
+On 08-01-2020
 */
 include "./email/EMAIL_Cryptowall.yar"
 include "./email/attachment.yar"

diff --git a/Exploit-Kits/EK_Angler.yar → exploit_kits/EK_Angler.yar b/Exploit-Kits/EK_Angler.yar → exploit_kits/EK_Angler.yar
diff --git a/Exploit-Kits/EK_Blackhole.yar → exploit_kits/EK_Blackhole.yar b/Exploit-Kits/EK_Blackhole.yar → exploit_kits/EK_Blackhole.yar
diff --git a/Exploit-Kits/EK_BleedingLife.yar → exploit_kits/EK_BleedingLife.yar b/Exploit-Kits/EK_BleedingLife.yar → exploit_kits/EK_BleedingLife.yar
diff --git a/Exploit-Kits/EK_Crimepack.yar → exploit_kits/EK_Crimepack.yar b/Exploit-Kits/EK_Crimepack.yar → exploit_kits/EK_Crimepack.yar
diff --git a/Exploit-Kits/EK_Eleonore.yar → exploit_kits/EK_Eleonore.yar b/Exploit-Kits/EK_Eleonore.yar → exploit_kits/EK_Eleonore.yar
diff --git a/Exploit-Kits/EK_Fragus.yar → exploit_kits/EK_Fragus.yar b/Exploit-Kits/EK_Fragus.yar → exploit_kits/EK_Fragus.yar
diff --git a/Exploit-Kits/EK_Phoenix.yar → exploit_kits/EK_Phoenix.yar b/Exploit-Kits/EK_Phoenix.yar → exploit_kits/EK_Phoenix.yar
diff --git a/Exploit-Kits/EK_Sakura.yar → exploit_kits/EK_Sakura.yar b/Exploit-Kits/EK_Sakura.yar → exploit_kits/EK_Sakura.yar
diff --git a/Exploit-Kits/EK_ZeroAcces.yar → exploit_kits/EK_ZeroAcces.yar b/Exploit-Kits/EK_ZeroAcces.yar → exploit_kits/EK_ZeroAcces.yar
diff --git a/Exploit-Kits/EK_Zerox88.yar → exploit_kits/EK_Zerox88.yar b/Exploit-Kits/EK_Zerox88.yar → exploit_kits/EK_Zerox88.yar
diff --git a/Exploit-Kits/EK_Zeus.yar → exploit_kits/EK_Zeus.yar b/Exploit-Kits/EK_Zeus.yar → exploit_kits/EK_Zeus.yar
diff --git a/exploit_kits_index.yar b/exploit_kits_index.yar
@@ -0,0 +1,15 @@
+/*
+Generated by Yara-Rules
+On 08-01-2020
+*/
+include "./exploit_kits/EK_Angler.yar"
+include "./exploit_kits/EK_Blackhole.yar"
+include "./exploit_kits/EK_BleedingLife.yar"
+include "./exploit_kits/EK_Crimepack.yar"
+include "./exploit_kits/EK_Eleonore.yar"
+include "./exploit_kits/EK_Fragus.yar"
+include "./exploit_kits/EK_Phoenix.yar"
+include "./exploit_kits/EK_Sakura.yar"
+include "./exploit_kits/EK_ZeroAcces.yar"
+include "./exploit_kits/EK_Zerox88.yar"
+include "./exploit_kits/EK_Zeus.yar"