Indicators of Compromises (IOC) of our various investigations
ESET Research Add IoCs for Machete
Latest commit 08e573b Aug 5, 2019
Type Name Latest commit message Commit time
amavaldo Added IoCs for Amavaldo Jul 31, 2019
animalfarm Animal Farm (Dino) yara rules Aug 17, 2015
buhtrap Added IoCs for buhtrap Jul 11, 2019
danabot Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
dnsbirthday Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
gamarue Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
glupteba Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
greyenergy Add some missing hashes in samples.* files Jul 26, 2019
groundbait Add some missing hashes in samples.* files Jul 26, 2019
industroyer Add some missing hashes in samples.* files Jul 26, 2019
invisimole Add some missing hashes in samples.* files Jul 26, 2019
kasidet Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
keydnap Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
machete Add IoCs for Machete Aug 5, 2019
moose Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
mumblehard Add the other U-A pattern to Mumblehard's IoC Apr 6, 2016
nukesped_lazarus Add some missing hashes in samples.* files Jul 26, 2019
oceanlotus Add some missing hashes in samples.* files Jul 26, 2019
okrum_ke3chang Added IoCs for okrum_ke3chang Jul 18, 2019
potao Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
powerpool Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
rakos Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
rtm Add some missing hashes in samples.* files Jul 26, 2019
sednit Add some missing hashes in samples.* files Jul 26, 2019
sshdoor Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
stantinko Add some missing hashes in samples.* files Jul 26, 2019
telebots Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
turla Add some missing hashes in samples.* files Jul 26, 2019
windigo Add samples.{md5,sha1,sha256} for all existing samples listed Feb 11, 2019
winnti_group Prevent links to be created automatically by GitHub Asciidoc renderer Mar 19, 2019
LICENSE Update main copyright notice to 2018 Jan 9, 2018
Makefile readme, license and Makefile Mar 17, 2014
README.adoc Add description of samples.* files in README Feb 11, 2019
andromeda Added IoCs for Gamarue / Andromeda Dec 4, 2017

README.adoc

Malware Indicators of Compromise

Copyright © ESET 2014-2018

Here are indicators of compromise (IOCs) of our various investigations. We are doing this to help the broader security community fight malware wherever it might be.

  • .yar files are YARA rules

  • .rules files are Snort rules

  • samples.md5, samples.sha1 and samples.sha256 files are newline-separated lists of hexadecimal digests of malware samples

If you would like to contribute improved versions, please send us a pull request.

If you’ve found false positives, give us the details in an issue report and we’ll try to improve our IOCs.

These are licensed under the permissive BSD two-clause license. You are allowed to modify these and keep the changes to yourself even though it would be rude to do so.
