Auto Template Signing [Fri Jun 21 10:04:41 UTC 2024] :robot:

projectdiscovery · Jun 21, 2024 · 56b7008 · 56b7008
1 parent ae64f16
commit 56b7008
Show file tree

Hide file tree

Showing 65 changed files with 94 additions and 29 deletions.
diff --git a/file/malware/hash/anthem-deeppanda-malware-hash.yaml b/file/malware/hash/anthem-deeppanda-malware-hash.yaml
@@ -19,3 +19,4 @@ file:
           - "sha256(raw) == 'ab58b6aa7dcc25d8f6e4b70a24e0ccede0d5f6129df02a9e61293c1d7d7640a2'"
           - "sha256(raw) == 'c6c3bb72896f8f0b9a5351614fd94e889864cf924b40a318c79560bbbcfa372f'"
         condition: or
+# digest: 490a00463044022009a7d212c5c5ec1ebca673e0f26314538a297fddc99b92d53587f28b2eeac3c802207abb951c36428ed3421a5d685870e46a576276a5b8cdb293b40abf767ced8589:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/applejeus-malware-hash.yaml b/file/malware/hash/applejeus-malware-hash.yaml
@@ -20,4 +20,5 @@ file:
           - "sha256(raw) == 'a0db8f8f13a27df1eacbc01505f311f6b14cf9b84fbc7e84cb764a13f001dbbb'"
           - "sha256(raw) == 'a241b6611afba8bb1de69044115483adb74f66ab4a80f7423e13c652422cb379'"
           - "sha256(raw) == '17e6189c19dedea678969e042c64de2a51dd9fba69ff521571d63fd92e48601b'"
-        condition: or
+        condition: or
+# digest: 4b0a00483046022100b9ffe0405c3e1b2f5a78f7d35de9fcebe05f08f84e56688356b9784e8d8eebc7022100b90a82c2f36e07835c7e7d7e198ce96fb361be2e9eed76e3cae80063fcc89a9d:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/avburner-malware-hash.yaml b/file/malware/hash/avburner-malware-hash.yaml
@@ -15,4 +15,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == '4b1b1a1293ccd2c0fd51075de9376ebb55ab64972da785153fcb0a4eb523a5eb'"
+          - "sha256(raw) == '4b1b1a1293ccd2c0fd51075de9376ebb55ab64972da785153fcb0a4eb523a5eb'"
+# digest: 4a0a00473045022100f8477adf4215907bc55dbf7776c940c9881f598394af92e08e20ee0fe90c223a022068b7ba7a4620b470215521a7504c1d8c9b10ea010a003de19217c37f3a23f7f2:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/backwash-malware-hash.yaml b/file/malware/hash/backwash-malware-hash.yaml
@@ -25,4 +25,5 @@ file:
           - "sha256(raw) == '72f7d4d3b9d2e406fa781176bd93e8deee0fb1598b67587e1928455b66b73911'"
           - "sha256(raw) == '4d913ecb91bf32fd828d2153342f5462ae6b84c1a5f256107efc88747f7ba16c'"
           - "sha256(raw) == '98e39573a3d355d7fdf3439d9418fdbf4e42c2e03051b5313d5c84f3df485627'"
-        condition: or
+        condition: or
+# digest: 4b0a00483046022100ae727b6d00154914ae43b7d0570a5e4abee33341a6b5786be48fe2bb027d8408022100d0ef741360e46aded1e0d7609864fb6d12c154d343233251799bc896550476e8:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/blackenergy-driver-amdide-hash.yaml b/file/malware/hash/blackenergy-driver-amdide-hash.yaml
@@ -24,3 +24,4 @@ file:
           - "sha256(raw) == 'cbc4b0aaa30b967a6e29df452c5d7c2a16577cede54d6d705ca1f095bd6d4988'"
           - "sha256(raw) == '1ce0dfe1a6663756a32c69f7494ad082d293d32fe656d7908fb445283ab5fa68'"
         condition: or
+# digest: 4b0a0048304602210092a22727336f846116818542136787558ac60bac32434cb43e885f8219611b1e022100efe63d7b61f6b6ead92326259bce806df50567cb9862d210c84b4bbadae50bb6:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/blackenergy-driver-malware-hash.yaml b/file/malware/hash/blackenergy-driver-malware-hash.yaml
@@ -24,3 +24,4 @@ file:
           - "sha256(raw) == '244dd8018177ea5a92c70a7be94334fa457c1aab8a1c1ea51580d7da500c3ad5'"
           - "sha256(raw) == 'edcd1722fdc2c924382903b7e4580f9b77603110e497393c9947d45d311234bf'"
         condition: or
+# digest: 4a0a004730450220182af1b18ad6459798f42c01ed4e25e60016e88d3ce86dd0346dd7e268c13f3a022100d62cbcdbb932d6f7d196c33119c356b0cbd4a98e2d69c823c981d83ee5043af7:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/blackenergy-killdisk-malware-hash.yaml b/file/malware/hash/blackenergy-killdisk-malware-hash.yaml
@@ -19,4 +19,5 @@ file:
           - "sha256(raw) == '5d2b1abc7c35de73375dd54a4ec5f0b060ca80a1831dac46ad411b4fe4eac4c6'"
           - "sha256(raw) == 'c7536ab90621311b526aefd56003ef8e1166168f038307ae960346ce8f75203d'"
           - "sha256(raw) == 'f52869474834be5a6b5df7f8f0c46cbc7e9b22fa5cb30bee0f363ec6eb056b95'"
-        condition: or
+        condition: or
+# digest: 4a0a0047304502202458980ebea305eb929ecde0f231be11033f344aa6579fd33fe4002bdb7dad5b022100dbbbe9b8f9f64dbaa08349d818b345c64550f8cfb123d517764b5cc29cfc0ff3:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/blackenergy-ssh-malware-hash.yaml b/file/malware/hash/blackenergy-ssh-malware-hash.yaml
@@ -15,4 +15,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == '0969daac4adc84ab7b50d4f9ffb16c4e1a07c6dbfc968bd6649497c794a161cd'"
+          - "sha256(raw) == '0969daac4adc84ab7b50d4f9ffb16c4e1a07c6dbfc968bd6649497c794a161cd'"
+# digest: 4b0a00483046022100881e31ce7ee7044a7376e7fdb54e451a8811f86ceba285ac316ae5a027d2cef7022100845173c43c2e7eb75d5d35f0639dd292f3f03faae0d199677a387a6149e8cb15:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/blackenergy-vbs-malware-hash.yaml b/file/malware/hash/blackenergy-vbs-malware-hash.yaml
@@ -18,3 +18,4 @@ file:
           - "sha256(raw) == 'b90f268b5e7f70af1687d9825c09df15908ad3a6978b328dc88f96143a64af0f'"
           - "sha256(raw) == '0969daac4adc84ab7b50d4f9ffb16c4e1a07c6dbfc968bd6649497c794a161cd'"
         condition: or
+# digest: 4b0a00483046022100dd35c8697b29b51ba6b14fcbe3a51a5ba8e9a1d6861a04871287a6985d575348022100e8881b7e0f6d91af1c12d0deb56e666fec5b4f0e8930010a1886d38fe5d23672:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/bluelight-malware-hash.yaml b/file/malware/hash/bluelight-malware-hash.yaml
@@ -18,4 +18,5 @@ file:
           - "sha256(raw) == '837eaf7b736583497afb8bbdb527f70577901eff04cc69d807983b233524bfed'"
           - "sha256(raw) == '7c40019c1d4cef2ffdd1dd8f388aaba537440b1bffee41789c900122d075a86d'"
           - "sha256(raw) == '94b71ee0861cc7cfbbae53ad2e411a76f296fd5684edf6b25ebe79bf6a2a600a'"
-        condition: or
+        condition: or
+# digest: 4b0a00483046022100bee4e8268cf26453045145f505f3aa37568f85c67d982701b3d3c06b750a3dc4022100adbefd57c061ddfe5ab00a929baa9e8eecf250eac26791bf3d0e80bf58544170:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/bluetermite-emdivi-malware-hash.yaml b/file/malware/hash/bluetermite-emdivi-malware-hash.yaml
@@ -30,4 +30,5 @@ file:
           - "sha256(raw) == '6a331c4e654dd8ddaa2c69d260aa5f4f76f243df8b5019d62d4db5ae5c965662'"
           - "sha256(raw) == '90d07ea2bb80ed52b007f57d0d9a79430cd50174825c43d5746a16ee4f94ea86'"
           - "sha256(raw) == 'a94bf485cebeda8e4b74bbe2c0a0567903a13c36b9bf60fab484a9b55207fe0d'"
-        condition: or
+        condition: or
+# digest: 4a0a00473045022100d921976429b755e2f6cc4781a3a9f484091fff45426fef48c161dec9fc213002022035ea8dcd09bf5fe2f185ef8eb60c9ac6c60c1f93be5df28e294140c3f6f196d4:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/bluetermite-emdivi-sfx-hash.yaml b/file/malware/hash/bluetermite-emdivi-sfx-hash.yaml
@@ -18,3 +18,4 @@ file:
           - "sha256(raw) == '7a3c81b2b3c14b9cd913692347019887b607c54152b348d6d3ccd3ecfd406196'"
           - "sha256(raw) == '8c3df4e4549db3ce57fc1f7b1b2dfeedb7ba079f654861ca0b608cbfa1df0f6b'"
         condition: or
+# digest: 4a0a004730450220237b93f547cec24240197d2e95af29b2221cdf84a36f5e6fb0576338ec036f98022100eb38116bfab516f16cdf0309ed52e6368c8072fbc240fc2b2ecd13b98997ed19:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/charmingcypress-malware-hash.yaml b/file/malware/hash/charmingcypress-malware-hash.yaml
@@ -14,4 +14,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == 'fdc5d6caaaa4fb14e62bd42544e8bb8e9b02220e687d5936a6838a7115334c51'"
+          - "sha256(raw) == 'fdc5d6caaaa4fb14e62bd42544e8bb8e9b02220e687d5936a6838a7115334c51'"
+# digest: 4b0a00483046022100d257198acc6cd79984bca30b43f87a0ab0379697637cdee94ba2baa75aca0d0b0221008348f7b8530f89d108d894f02326494d4ce63931469c49708cbdca332be5f61d:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/cheshirecat-malware-hash.yaml b/file/malware/hash/cheshirecat-malware-hash.yaml
@@ -20,3 +20,4 @@ file:
           - "sha256(raw) == '63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb'"
           - "sha256(raw) == 'c074aeef97ce81e8c68b7376b124546cabf40e2cd3aff1719d9daa6c3f780532'"
         condition: or
+# digest: 4a0a00473045022021e6a5ce1cbde7c589e8040bcf4c9ff635eae36b4030c206440580863737eed2022100b3db91ac75df21e9c8e77385d86e2d0c9099b698cb44cd9f0ee9c85aced3b886:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/cloudduke-malware-hash.yaml b/file/malware/hash/cloudduke-malware-hash.yaml
@@ -30,4 +30,5 @@ file:
           - "sha256(raw) == 'ee5eb9d57c3611e91a27bb1fc2d0aaa6bbfa6c69ab16e65e7123c7c49d46f145'"
           - "sha256(raw) == 'a713982d04d2048a575912a5fc37c93091619becd5b21e96f049890435940004'"
           - "sha256(raw) == '56ac764b81eb216ebed5a5ad38e703805ba3e1ca7d63501ba60a1fb52c7ebb6e'"
-        condition: or
+        condition: or
+# digest: 490a0046304402202a89b12c811db5885bcfc2b2d2e4ddeef1a3d4a6735b7e737e1fd34a2975c12b0220157129a18a197afbb9e1d6e91cdd45657c79f22ed4fd9881ffae2aa061b96175:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/codoso-gh0st-malware.yaml b/file/malware/hash/codoso-gh0st-malware.yaml
@@ -20,3 +20,4 @@ file:
           - "sha256(raw) == '7dc7cec2c3f7e56499175691f64060ebd955813002d4db780e68a8f6e7d0a8f8'"
           - "sha256(raw) == 'd7004910a87c90ade7e5ff6169f2b866ece667d2feebed6f0ec856fb838d2297'"
         condition: or
+# digest: 4a0a0047304502202ebd3119c13096fad713b242106abe1626d905bf5c030524c6af82dd1b9ae603022100d7635a3dd4876a4e5bb59d956e7d0b2a57b565afbc92279e54767a3cc947a57e:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/codoso-malware-hash.yaml b/file/malware/hash/codoso-malware-hash.yaml
@@ -24,3 +24,4 @@ file:
           - "sha256(raw) == 'd66106ec2e743dae1d71b60a602ca713b93077f56a47045f4fc9143aa3957090'"
           - "sha256(raw) == '3577845d71ae995762d4a8f43b21ada49d809f95c127b770aff00ae0b64264a3'"
         condition: or
+# digest: 4a0a004730450220308710bed21d5eb52e56a7561d04353c42bffe6291b6b826b50da6777de368310221009e0df4a7212395c0c75578001769a2240a27bab1c047e00858df537c057988cc:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/codoso-pgv-malware-hash.yaml b/file/malware/hash/codoso-pgv-malware-hash.yaml
@@ -21,4 +21,5 @@ file:
           - "sha256(raw) == '13bce64b3b5bdfd24dc6f786b5bee08082ea736be6536ef54f9c908fd1d00f75'"
           - "sha256(raw) == 'bc0b885cddf80755c67072c8b5961f7f0adcaeb67a1a5c6b3475614fd51696fe'"
           - "sha256(raw) == '4b16f6e8414d4192d0286b273b254fa1bd633f5d3d07ceebd03dfdfc32d0f17f'"
-        condition: or
+        condition: or
+# digest: 4a0a00473045022100880ccf3fafac7e58b750b727c22e2d7284b5c2de263a5f5157a2abce9d951e2b02205f7f4fda15882dc695ba9258038ab6b6a2d72a07b2fe7e2f6dc7a5e9dbab223d:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/codoso-plugx-malware-hash.yaml b/file/malware/hash/codoso-plugx-malware-hash.yaml
@@ -22,3 +22,4 @@ file:
           - "sha256(raw) == '74e1e83ac69e45a3bee78ac2fac00f9e897f281ea75ed179737e9b6fe39971e3'"
           - "sha256(raw) == '74e1e83ac69e45a3bee78ac2fac00f9e897f281ea75ed179737e9b6fe39971e3'"
         condition: or
+# digest: 4b0a00483046022100a28fe5e6a592e203aac91b31c5a900928317b3742110677293d6908b550c78dc022100f11027e271942369229d95f7aa2cbd9abcf5b4bfc0ef887e4e0af9dde1146fcd:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/disgomoji-malware-hash.yaml b/file/malware/hash/disgomoji-malware-hash.yaml
@@ -15,4 +15,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == '2abaae4f6794131108adf5b42e09ee5ce24769431a0e154feabe6052cfe70bf3'"
+          - "sha256(raw) == '2abaae4f6794131108adf5b42e09ee5ce24769431a0e154feabe6052cfe70bf3'"
+# digest: 4b0a00483046022100f4dd415de9758c33403ccdc3b73573fa19b2af5574765856c455437f5fe08b900221009cadd9822eb7d450cbea102040895e61f38ecdb8088f8bcc60f7e70c866dc0f5:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/dubnium-malware-hash.yaml b/file/malware/hash/dubnium-malware-hash.yaml
@@ -42,3 +42,4 @@ file:
           - "sha256(raw) == 'bd780f4d56214c78045454d31d83ae18ed209cc138e75d138e72976a7ef9803f'"
           - "sha256(raw) == 'e0918072d427d12b43f436bf0797a361996ae436047d4ef8277f11caf2dd481b'"
         condition: or
+# digest: 4b0a00483046022100fb949228730cf2df5b5a602f356052bd8ddaa764296876d3c14dcba0a985e3d702210080dfe0d200211647959d074d337ae352a0cb5af16e8aa10592364b7877d06368:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/dubnium-sshopenssl-malware-hash.yaml b/file/malware/hash/dubnium-sshopenssl-malware-hash.yaml
@@ -24,3 +24,4 @@ file:
           - "sha256(raw) == 'a25715108d2859595959879ff50085bc85969e9473ecc3d26dda24c4a17822c9'"
           - "sha256(raw) == 'e0918072d427d12b43f436bf0797a361996ae436047d4ef8277f11caf2dd481b'"
         condition: or
+# digest: 4a0a00473045022100814d6f96b726faace0737c580ac77347eec68358162a181b3f81a66845d56c7702207398cf01015d51ffc9c50f378aaf216f2f89694e1c847279dcba476322d43755:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/emissary-malware-hash.yaml b/file/malware/hash/emissary-malware-hash.yaml
@@ -30,4 +30,5 @@ file:
           - "sha256(raw) == '29d8dc863427c8e37b75eb738069c2172e79607acc7b65de6f8086ba36abf051'"
           - "sha256(raw) == '98fb1d2975babc18624e3922406545458642e01360746870deee397df93f50e0'"
           - "sha256(raw) == 'fbcb401cf06326ab4bb53fb9f01f1ca647f16f926811ea66984f1a1b8cf2f7bb'"
-        condition: or
+        condition: or
+# digest: 4b0a00483046022100c7db698f9fba6a6bcc96bd22a4e5c7ab462ce12f6486e676e96eae11860095ff022100beddf7aca317e4932871573e5320d018a47e64df0d0e2f9d778ca7bd69369cc1:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/evilbamboo-malware-hash.yaml b/file/malware/hash/evilbamboo-malware-hash.yaml
@@ -34,3 +34,4 @@ file:
           - "sha256(raw) == '7995c382263f8dbbfc37a9d62392aef8b4f89357d436b3dd94dea842f9574ecf'"
           - "sha256(raw) == 'efea95720853e0cd2d9d4e93a64a726cfe17efea7b17af7c4ae6d3a6acae5b30'"
         condition: or
+# digest: 4a0a0047304502206d8e6848dc4301823b8e130856dbe24d08992b76845f62f3714c1616a1132640022100b6f74f98ddbd5421cb7228f6f2a457ce927e5d388f36b2296286d137d7eb74ed:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/fakem-malware-hash.yaml b/file/malware/hash/fakem-malware-hash.yaml
@@ -29,3 +29,4 @@ file:
           - "sha256(raw) == '53cecc0d0f6924eacd23c49d0d95a6381834360fbbe2356778feb8dd396d723e'"
           - "sha256(raw) == '523ad50b498bfb5ab688d9b1958c8058f905b634befc65e96f9f947e40893e5b'"
         condition: or
+# digest: 4b0a00483046022100dfadd7cd1cea6ebbe1aa3f69f7625179ee00f5d1c2ccfd5d1e79e315886c3a81022100eb9016ec39cecbd2cd4b0c0dbd6d0c368d821f2881efb34ab5554ced703dd597:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/flipflop-malware-hash.yaml b/file/malware/hash/flipflop-malware-hash.yaml
@@ -18,4 +18,5 @@ file:
           - "sha256(raw) == 'ee42ddacbd202008bcc1312e548e1d9ac670dd3d86c999606a3a01d464a2a330'"
           - "sha256(raw) == 'b041efb8ba2a88a3d172f480efa098d72eef13e42af6aa5fb838e6ccab500a7c'"
           - "sha256(raw) == 'ad67aaa50fd60d02f1378b4155f69cffa9591eaeb80523489a2355512cc30e8c'"
-        condition: or
+        condition: or
+# digest: 4b0a00483046022100898dba3d21d00acd15b0d9328ff3c9b58792f741caff519072c7a6649f37a2bb022100980b0d759b9d2b8464858ecaa9bb3f65db5588bd5dccacf73ad8e95beb6ba0a7:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/furtim-malware-hash.yaml b/file/malware/hash/furtim-malware-hash.yaml
@@ -20,3 +20,4 @@ file:
           - "sha256(raw) == '766e49811c0bb7cce217e72e73a6aa866c15de0ba11d7dda3bd7e9ec33ed6963'"
           - "sha256(raw) == '4f39d3e70ed1278d5fa83ed9f148ca92383ec662ac34635f7e56cc42eeaee948'"
         condition: or
+# digest: 490a0046304402201cc666527fe4048ffb13776e5608001310f5f01ee9ca75e2627a6eb72fd527ea0220037ef8c644ec2d014e18264aa1d93968ae0aa1c6bd2cae7f28ea60a89d7ba2eb:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/gimmick-malware-hash.yaml b/file/malware/hash/gimmick-malware-hash.yaml
@@ -15,4 +15,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == '2a9296ac999e78f6c0bee8aca8bfa4d4638aa30d9c8ccc65124b1cbfc9caab5f'"
+          - "sha256(raw) == '2a9296ac999e78f6c0bee8aca8bfa4d4638aa30d9c8ccc65124b1cbfc9caab5f'"
+# digest: 4b0a004830460221009a442dbe1b3ff7ed49002fc578c8ad40e1c5a5855deaff427a05a0f1cd6ff4de022100953b763bcdad0701a73662bb7a3af2afa83bb5a161fc87762e19bea7b9293a24:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/godzilla-webshell-hash.yaml b/file/malware/hash/godzilla-webshell-hash.yaml
@@ -16,4 +16,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == '2786d2dc738529a34ecde10ffeda69b7f40762bf13e7771451f13a24ab7fc5fe'"
+          - "sha256(raw) == '2786d2dc738529a34ecde10ffeda69b7f40762bf13e7771451f13a24ab7fc5fe'"
+# digest: 4b0a00483046022100ef923e9e696242b4b131011cefeea985b6ff2d5a336f3d987fd240f9717ee34f022100f563f8d4f335a993968b3e542f5f944381f033939dcf870a4b823414fc9f1eab:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/greenbug-malware-hash.yaml b/file/malware/hash/greenbug-malware-hash.yaml
@@ -29,4 +29,5 @@ file:
           - "sha256(raw) == '44bdf5266b45185b6824898664fd0c0f2039cdcb48b390f150e71345cd867c49'"
           - "sha256(raw) == '7f16824e7ad9ee1ad2debca2a22413cde08f02ee9f0d08d64eb4cb318538be9c'"
           - "sha256(raw) == '82beaef407f15f3c5b2013cb25901c9fab27b086cadd35149794a25dce8abcb9'"
-        condition: or
+        condition: or
+# digest: 4a0a00473045022077930b63738553480367e50314899ea548fca78cf499bfa0b139e798e7af18e10221008a78bcf158ccf90ec42fc2fca2f4bab5b64c36395f1913f238cd66f65ac0307f:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/ico-malware-hash.yaml b/file/malware/hash/ico-malware-hash.yaml
@@ -22,3 +22,4 @@ file:
           - "sha256(raw) == '7986bbaee8940da11ce089383521ab420c443ab7b15ed42aed91fd31ce833896'"
           - "sha256(raw) == 'aa124a4b4df12b34e74ee7f6c683b2ebec4ce9a8edcf9be345823b4fdcf5d868'"
         condition: or
+# digest: 4a0a0047304502210080d59fa91d32936cfa59f88492591cf309cfe06721ee5455cf7a3d3d2659f7be022045f58959e4c91fa9a13f740e85981ffc1446d47d186a076d56a1d9333bc0a053:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/industroyer-malware-hash.yaml b/file/malware/hash/industroyer-malware-hash.yaml
@@ -26,3 +26,4 @@ file:
           - "sha256(raw) == '21c1fdd6cfd8ec3ffe3e922f944424b543643dbdab99fa731556f8805b0d5561'"
           - "sha256(raw) == '7907dd95c1d36cf3dc842a1bd804f0db511a0f68f4b3d382c23a3c974a383cad'"
         condition: or
+# digest: 4b0a0048304602210080c6157e9dddd2e4fe5922dd89a088a382a7a9dcabcf3ed2be3ff364360e98c1022100da6a030cb87f7367d5c71f98b05dfa0a58e549c124b8a9f0f51bb91e759a6739:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/ironPanda-htran-malware-hash.yaml b/file/malware/hash/ironPanda-htran-malware-hash.yaml
@@ -17,4 +17,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == '7903f94730a8508e9b272b3b56899b49736740cea5037ea7dbb4e690bcaf00e7'"
+          - "sha256(raw) == '7903f94730a8508e9b272b3b56899b49736740cea5037ea7dbb4e690bcaf00e7'"
+# digest: 4a0a00473045022100d46d3b9acc96f4f2d0e9d79c1fea714162bffb0316d45fedbb295bbc340ee9ff022046c6f4bb7568faccfca86380525231205674d4981d46dbb71997fe16c40acd17:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/ironpanda-dnstunclient-malware-hash.yaml b/file/malware/hash/ironpanda-dnstunclient-malware-hash.yaml
@@ -17,4 +17,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == 'a08db49e198068709b7e52f16d00a10d72b4d26562c0d82b4544f8b0fb259431'"
+          - "sha256(raw) == 'a08db49e198068709b7e52f16d00a10d72b4d26562c0d82b4544f8b0fb259431'"
+# digest: 4b0a004830460221009fec136cd6afff7b6e05ee7021c47aee0953b31c0030092762b41815389c523f022100b5cb901c2eee61091dea87d53fcdda19e9da866a39d257ac2de919a33104545e:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/ironpanda-malware-hash.yaml b/file/malware/hash/ironpanda-malware-hash.yaml
@@ -20,3 +20,4 @@ file:
           - "sha256(raw) == '5cd2af844e718570ae7ba9773a9075738c0b3b75c65909437c43201ce596a742'"
           - "sha256(raw) == '0d6da946026154416f49df2283252d01ecfb0c41c27ef3bc79029483adc2240c'"
         condition: or
+# digest: 490a0046304402200301d42c3766d7c293b5be428964594c852c2260bf2ff065cde79c007f542c6e022039dbb512053399446bd53d7648cef7c93c2d49e412421e21eaec413e308386a7:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/locky-ransomware-hash.yaml b/file/malware/hash/locky-ransomware-hash.yaml
@@ -17,4 +17,5 @@ file:
     matchers:
       - type: dsl
         dsl:
-          - "sha256(raw) == '5e945c1d27c9ad77a2b63ae10af46aee7d29a6a43605a9bfbf35cebbcff184d8'"
+          - "sha256(raw) == '5e945c1d27c9ad77a2b63ae10af46aee7d29a6a43605a9bfbf35cebbcff184d8'"
+# digest: 490a0046304402205302c66b95d066ed9cdc9d92c33deb5f2d674759f72d1ac5dfc687b47623b2b40220008fa3589f8df52fabb50eb4c2625e78c5b287edbe1d594de5306e78e162159b:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/minidionis-readerview-malware-hash.yaml b/file/malware/hash/minidionis-readerview-malware-hash.yaml
@@ -24,3 +24,4 @@ file:
           - "sha256(raw) == 'ed7abf93963395ce9c9cba83a864acb4ed5b6e57fd9a6153f0248b8ccc4fdb46'"
           - "sha256(raw) == '56ac764b81eb216ebed5a5ad38e703805ba3e1ca7d63501ba60a1fb52c7ebb6e'"
         condition: or
+# digest: 490a00463044022029fa96cb482d568ef5bf8d61cb9dbc4d963eceebc921fde94f9982cb64b935d402202293f5472d0f763fdece65b66eaf4689cbc5d2f5d808519ea4ec296396c593b1:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/minidionis-vbs-malware-hash.yaml b/file/malware/hash/minidionis-vbs-malware-hash.yaml
@@ -17,3 +17,4 @@ file:
       - type: dsl
         dsl:
           - "sha256(raw) == '97dd1ee3aca815eb655a5de9e9e8945e7ba57f458019be6e1b9acb5731fa6646'"
+# digest: 4b0a00483046022100da5188e98d74fb2871b54281c14edb11d3cd3a8a80be3458fe046c8a778eb4c5022100ee694e6a02206cbebc6d1e51e273197da0e84da2d689bf05bf7cb793ee0a79fd:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/naikon-apt-malware-hash.yaml b/file/malware/hash/naikon-apt-malware-hash.yaml
@@ -17,3 +17,4 @@ file:
           - "sha256(raw) == 'd5716c80cba8554eb79eecfb4aa3d99faf0435a1833ec5ef51f528146c758eba'"
           - "sha256(raw) == 'f5ab8e49c0778fa208baad660fe4fa40fc8a114f5f71614afbd6dcc09625cb96'"
         condition: or
+# digest: 490a00463044022076875f93e0837f92458a066ed23b9fbea85795d9bd3818b632f26b9830cdfe7f02200695449446fb36a39c556f565454dc45bdd1cf83850ce2f4eae8fc83426f858b:922c64590222798bb761d5b6d8e72950
diff --git a/file/malware/hash/neuron2-malware-hash.yaml b/file/malware/hash/neuron2-malware-hash.yaml
@@ -18,3 +18,4 @@ file:
           - "sha256(raw) == '51616b207fde2ff1360a1364ff58270e0d46cf87a4c0c21b374a834dd9676927'"
           - "sha256(raw) == '83d8922e7a8212f1a2a9015973e668d7999b90e7000c31f57be83803747df015'"
         condition: or
+# digest: 4a0a00473045022100b91242669db5c8dd0752bac8fb27f0341d9c54b95649fde172eddb7f11e42cb6022054904c777180e063b25b9ff387271f645a7b48bc1579bf75bae794434bfc6278:922c64590222798bb761d5b6d8e72950