Malware Indicators of Compromise

 .-------------.
(  E  S | E  T  )  R e s e a r c h
 `-------------'

Copyright (C) ESET 2014-2020

Here are indicators of compromise (IOCs) of our various investigations. We are doing this to help the broader security community fight malware wherever it might be.

• .yar files are http://plusvic.github.io/yara/[Yara] rules
• .rules files are http://snort.org/[Snort] rules
• samples.md5, samples.sha1 and samples.sha256 files are newline separated list of hexadecimal digests of malware samples

If you would like to contribute improved versions please send us a pull request.

If you've found false positives give us the details in an issue report and we'll try to improve our IOCs.

These are licensed under the permissive BSD two-clause license. You are allowed to modify these and keep the changes to yourself even though it would be rude to do so.