certtools/malware_name_mapping

Name: malware_name_mapping

Owner: CERT-Tools

Description: A mapping of used malware names to commonly known family names

Created: 2018-02-28 16:05:29.0

Updated: 2018-05-22 12:38:55.0

Pushed: 2018-05-17 09:34:01.0

Homepage: null

Size: 90

Language: Python

README

Malware Name Mapping

There are a lot of different malware names used in the IT security community for the same kind of malware. This repository holds regular expressions to match those names and derive a commonly used malware family name.

This mapping is used in reporting (as a generic name) and for statistical purposes.

Format

Currently it is comma-separated. The meaning of the columns is:

  1. regular expression, starting with ^ and ending with $. It can/should be applied case-insensitively. The field is enclosed in double quotes (").
  2. malware family name
  3. optional comment (origin of the rule, where the malware names occur, etc.)

Tests

To check the validity of the file, you can run ./test.sh. It shows all lines not matching the format.
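
The following is an added example, not code from the repository and not its test.sh: a loader that checks each line against the three-column format described above and applies the accepted rules case-insensitively. The sample rows and the names `load_rules` and `map_name` are constructed for illustration, and rejecting lines with more than three columns is an assumption.

```python
import csv
import re

# Constructed sample rows in the three-column format (not taken from the repository).
SAMPLE = r'''"^zeus([-_ ]?(gameover|p2p))?$",zeus,constructed rule
"^(win32[./])?conficker(\.[a-z]{1,2})?$",conficker
"^dorkbot[0-9]{0,2}$",dorkbot,comma inside the quoted regex
"locky.*",locky,missing anchors
"^emotet($",emotet,regex does not compile
"^orphan$"
'''


def load_rules(text):
    """Return (rules, errors): compiled rules plus (line number, reason) per rejected line."""
    rules, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        if not raw.strip():
            continue
        # csv handles the double-quoted first field, so commas inside the regex survive.
        row = next(csv.reader([raw]))
        # Assumption: exactly two or three columns; anything else is rejected.
        if not raw.startswith('"') or len(row) not in (2, 3):
            errors.append((lineno, "expected: quoted regex, family name, optional comment"))
            continue
        pattern, family = row[0], row[1].strip()
        if not (pattern.startswith("^") and pattern.endswith("$")) or not family:
            errors.append((lineno, "regex must start with ^ and end with $, family must be set"))
            continue
        try:
            rules.append((re.compile(pattern, re.IGNORECASE), family))
        except re.error as exc:
            errors.append((lineno, f"regex does not compile: {exc}"))
    return rules, errors


def map_name(rules, name):
    """Return the family of the first matching rule, or None if no rule matches."""
    for regex, family in rules:
        # fullmatch: with match/search, "$" would also accept a trailing newline.
        if regex.fullmatch(name):
            return family
    return None


if __name__ == "__main__":
    rules, errors = load_rules(SAMPLE)
    for lineno, reason in errors:
        print(f"line {lineno}: {reason}")
    print(map_name(rules, "Win32/Conficker.B"))
```

Names that match no rule return None, so a reporting pipeline can count them separately instead of silently assigning a family.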


This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.