Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/telekom-security/malware_analysis

This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.

cti malware malware-analysis malware-research reverse-engineering

Last synced: 3 months ago

# Telekom Security Malware Analysis Repository

This repository comprises scripts, signatures, and additional IOCs of our blog posts at the [telekom.com blog](https://www.telekom.com/en/blog) as well as of our [Twitter account](https://twitter.com/DTCERT).

- 2021-05-17: [Let’s set ice on fire: Hunting and detecting IcedID infections](https://www.telekom.com/en/blog/group/article/let-s-set-ice-on-fire-hunting-and-detecting-icedid-infections-627240) ([IcedID](https://github.com/telekom-security/malware_analysis/tree/main/icedid))
- 2021-07-14: [LOCKDATA Auction – Another leak marketplace showing the recent shift of ransomware operators](https://www.telekom.com/en/blog/group/article/lockdata-auction-631300) ([CryLock](https://github.com/telekom-security/malware_analysis/tree/main/crylock))
- 2021-09-14: [Flubot's Smishing Campaigns under the Microscope](https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368) ([Flubot/Teabot](https://github.com/telekom-security/malware_analysis/tree/main/flubot))
- 2021-10-29: [#YARA rule for hunting XOR encrypted #PlugX / #Korplug payloads](https://twitter.com/DTCERT/status/1454022175254618114?s=20) ([PlugX](https://github.com/telekom-security/malware_analysis/tree/main/plugx))
- 2022-01-14: [#100DaysOfYara Detect Hacktools that modify RDP settings](https://twitter.com/DTCERT/status/1481925582019571712?s=20) ([Hacktools](https://github.com/telekom-security/malware_analysis/tree/main/hacktools))
- 2022-03-11: [SystemBC YARA rule and extractor](https://twitter.com/DTCERT/status/1502214236268900354) ([SystemBC](https://github.com/telekom-security/malware_analysis/tree/main/systembc))
- 2022-03-18: [#100DaysOfYara Detect Vatet Loader in backdoored Rufus](https://twitter.com/DTCERT/status/1504778715913408512) ([Defray777](https://github.com/telekom-security/malware_analysis/tree/main/defray777))
- 2022-09-02: [Raspberry Robin](https://twitter.com/DTCERT/status/1565664874633564162) ([IOCs](https://github.com/telekom-security/malware_analysis/tree/main/raspberry_robin))