Name: malware_name_mapping
Owner: CERT-Tools
Description: A mapping of used malware names to commonly known family names
Created: 2018-02-28 16:05:29.0
Updated: 2018-05-22 12:38:55.0
Pushed: 2018-05-17 09:34:01.0
Homepage: null
Size: 90
Language: Python
There are a lot of different malware names used in the IT security community for the same kind of malware. This repository holds regular expressions to match those names and derive a commonly used malware family name.
This mapping is used in reporting (as a generic name) and for statistical purposes.
Currently it is comma-separated. The meaning of the columns is:
^ and ending with $. It can/should be applied case-insensitively. The field is encapsulated in double quotes (").
To check the validity of the file, you can run ./test.sh. It shows all lines not matching the format.
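The following is an added example, not the repository's own code or its test.sh: it checks each line against the format rules described above and then maps reported names to a family name. The two-column layout (double-quoted regular expression, then family name), the sample rows and the function names are assumptions made for illustration.

```python
import csv
import re

# Constructed sample rows. Assumed layout: "<regex>",<family name>.
# Lines 3-5 break the format on purpose (no trailing $, unquoted, invalid regex).
SAMPLE = '''"^(zeus|zbot)$",zeus
"^conficker[-_ ]?[a-e]?$",conficker
"^wannac(ry|rypt)",wannacry
^mirai$,mirai
"^(unclosed$",broken
'''


def load_mapping(text):
    """Return (rules, bad_lines); bad_lines lists line numbers violating the format."""
    rules, bad = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        try:
            pattern, family = next(csv.reader([raw]))  # ValueError if not 2 fields
            quoted = raw.startswith('"')               # regex field must be quoted
            anchored = pattern.startswith("^") and pattern.endswith("$")
            if not (quoted and anchored and family.strip()):
                raise ValueError("line does not match the expected format")
            # The expressions are meant to be applied case-insensitively.
            rules.append((re.compile(pattern, re.IGNORECASE), family.strip()))
        except (ValueError, re.error, csv.Error):
            bad.append(lineno)
    return rules, bad


def family_for(name, rules):
    """Return the family of the first rule matching the whole name, else None."""
    for regex, family in rules:
        if regex.fullmatch(name.strip()):
            return family
    return None


RULES, BAD_LINES = load_mapping(SAMPLE)

if __name__ == "__main__":
    print("lines not matching the format:", BAD_LINES)
    for reported in ("ZBot", "Conficker-B", "zeus-panda"):
        print(reported, "->", family_for(reported, RULES))
```

Because every expression is anchored at both ends, a name such as "zeus-panda" is not folded into the "zeus" rule; it stays unmapped until a rule is written for it.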