PyPI - txt2stix - Versions diffs - 0.0.4__py3-none-any.whl - Mend

txt2stix 0.0.4__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (119) hide show

txt2stix/__init__.py +33 -0
txt2stix/ai_extractor/__init__.py +15 -0
txt2stix/ai_extractor/anthropic.py +12 -0
txt2stix/ai_extractor/base.py +87 -0
txt2stix/ai_extractor/deepseek.py +19 -0
txt2stix/ai_extractor/gemini.py +18 -0
txt2stix/ai_extractor/openai.py +15 -0
txt2stix/ai_extractor/openrouter.py +20 -0
txt2stix/ai_extractor/prompts.py +164 -0
txt2stix/ai_extractor/utils.py +85 -0
txt2stix/attack_flow.py +101 -0
txt2stix/bundler.py +428 -0
txt2stix/common.py +23 -0
txt2stix/extractions.py +59 -0
txt2stix/includes/__init__.py +0 -0
txt2stix/includes/extractions/ai/config.yaml +1023 -0
txt2stix/includes/extractions/lookup/config.yaml +393 -0
txt2stix/includes/extractions/pattern/config.yaml +609 -0
txt2stix/includes/helpers/mimetype_filename_extension_list.csv +936 -0
txt2stix/includes/helpers/stix_relationship_types.txt +41 -0
txt2stix/includes/helpers/tlds.txt +1446 -0
txt2stix/includes/helpers/windows_registry_key_prefix.txt +12 -0
txt2stix/includes/lookups/_README.md +11 -0
txt2stix/includes/lookups/_generate_lookups.py +247 -0
txt2stix/includes/lookups/attack_pattern.txt +1 -0
txt2stix/includes/lookups/campaign.txt +1 -0
txt2stix/includes/lookups/country_iso3166_alpha2.txt +249 -0
txt2stix/includes/lookups/course_of_action.txt +1 -0
txt2stix/includes/lookups/disarm_id_v1_5.txt +345 -0
txt2stix/includes/lookups/disarm_name_v1_5.txt +347 -0
txt2stix/includes/lookups/extensions.txt +78 -0
txt2stix/includes/lookups/identity.txt +1 -0
txt2stix/includes/lookups/infrastructure.txt +1 -0
txt2stix/includes/lookups/intrusion_set.txt +1 -0
txt2stix/includes/lookups/malware.txt +2 -0
txt2stix/includes/lookups/mitre_atlas_id_v4_5_2.txt +116 -0
txt2stix/includes/lookups/mitre_atlas_name_v4_5_2.txt +117 -0
txt2stix/includes/lookups/mitre_attack_enterprise_aliases_v16_0.txt +1502 -0
txt2stix/includes/lookups/mitre_attack_enterprise_id_v16_0.txt +1656 -0
txt2stix/includes/lookups/mitre_attack_enterprise_name_v16_0.txt +1765 -0
txt2stix/includes/lookups/mitre_attack_ics_aliases_v16_0.txt +141 -0
txt2stix/includes/lookups/mitre_attack_ics_id_v16_0.txt +254 -0
txt2stix/includes/lookups/mitre_attack_ics_name_v16_0.txt +293 -0
txt2stix/includes/lookups/mitre_attack_mobile_aliases_v16_0.txt +159 -0
txt2stix/includes/lookups/mitre_attack_mobile_id_v16_0.txt +277 -0
txt2stix/includes/lookups/mitre_attack_mobile_name_v16_0.txt +296 -0
txt2stix/includes/lookups/mitre_capec_id_v3_9.txt +559 -0
txt2stix/includes/lookups/mitre_capec_name_v3_9.txt +560 -0
txt2stix/includes/lookups/mitre_cwe_id_v4_15.txt +939 -0
txt2stix/includes/lookups/mitre_cwe_name_v4_15.txt +939 -0
txt2stix/includes/lookups/threat_actor.txt +1 -0
txt2stix/includes/lookups/tld.txt +1422 -0
txt2stix/includes/lookups/tool.txt +1 -0
txt2stix/includes/tests/test_cases.yaml +695 -0
txt2stix/indicator.py +860 -0
txt2stix/lookups.py +68 -0
txt2stix/pattern/__init__.py +13 -0
txt2stix/pattern/extractors/__init__.py +0 -0
txt2stix/pattern/extractors/base_extractor.py +167 -0
txt2stix/pattern/extractors/card/README.md +34 -0
txt2stix/pattern/extractors/card/__init__.py +15 -0
txt2stix/pattern/extractors/card/amex_card_extractor.py +52 -0
txt2stix/pattern/extractors/card/diners_card_extractor.py +47 -0
txt2stix/pattern/extractors/card/discover_card_extractor.py +48 -0
txt2stix/pattern/extractors/card/jcb_card_extractor.py +43 -0
txt2stix/pattern/extractors/card/master_card_extractor.py +63 -0
txt2stix/pattern/extractors/card/union_card_extractor.py +38 -0
txt2stix/pattern/extractors/card/visa_card_extractor.py +46 -0
txt2stix/pattern/extractors/crypto/__init__.py +3 -0
txt2stix/pattern/extractors/crypto/btc_extractor.py +38 -0
txt2stix/pattern/extractors/directory/__init__.py +10 -0
txt2stix/pattern/extractors/directory/unix_directory_extractor.py +40 -0
txt2stix/pattern/extractors/directory/unix_file_path_extractor.py +42 -0
txt2stix/pattern/extractors/directory/windows_directory_path_extractor.py +47 -0
txt2stix/pattern/extractors/directory/windows_file_path_extractor.py +42 -0
txt2stix/pattern/extractors/domain/__init__.py +8 -0
txt2stix/pattern/extractors/domain/domain_extractor.py +39 -0
txt2stix/pattern/extractors/domain/hostname_extractor.py +36 -0
txt2stix/pattern/extractors/domain/sub_domain_extractor.py +49 -0
txt2stix/pattern/extractors/hashes/__init__.py +16 -0
txt2stix/pattern/extractors/hashes/md5_extractor.py +16 -0
txt2stix/pattern/extractors/hashes/sha1_extractor.py +14 -0
txt2stix/pattern/extractors/hashes/sha224_extractor.py +18 -0
txt2stix/pattern/extractors/hashes/sha2_256_exactor.py +14 -0
txt2stix/pattern/extractors/hashes/sha2_512_exactor.py +13 -0
txt2stix/pattern/extractors/hashes/sha3_256_exactor.py +15 -0
txt2stix/pattern/extractors/hashes/sha3_512_exactor.py +16 -0
txt2stix/pattern/extractors/helper.py +64 -0
txt2stix/pattern/extractors/ip/__init__.py +14 -0
txt2stix/pattern/extractors/ip/ipv4_cidr_extractor.py +49 -0
txt2stix/pattern/extractors/ip/ipv4_extractor.py +18 -0
txt2stix/pattern/extractors/ip/ipv4_port_extractor.py +42 -0
txt2stix/pattern/extractors/ip/ipv6_cidr_extractor.py +18 -0
txt2stix/pattern/extractors/ip/ipv6_extractor.py +16 -0
txt2stix/pattern/extractors/ip/ipv6_port_extractor.py +46 -0
txt2stix/pattern/extractors/others/__init__.py +22 -0
txt2stix/pattern/extractors/others/asn_extractor.py +14 -0
txt2stix/pattern/extractors/others/cpe_extractor.py +29 -0
txt2stix/pattern/extractors/others/cve_extractor.py +14 -0
txt2stix/pattern/extractors/others/email_extractor.py +21 -0
txt2stix/pattern/extractors/others/filename_extractor.py +17 -0
txt2stix/pattern/extractors/others/iban_extractor.py +15 -0
txt2stix/pattern/extractors/others/mac_address_extractor.py +13 -0
txt2stix/pattern/extractors/others/phonenumber_extractor.py +41 -0
txt2stix/pattern/extractors/others/user_agent_extractor.py +20 -0
txt2stix/pattern/extractors/others/windows_registry_key_extractor.py +18 -0
txt2stix/pattern/extractors/url/__init__.py +7 -0
txt2stix/pattern/extractors/url/url_extractor.py +22 -0
txt2stix/pattern/extractors/url/url_file_extractor.py +21 -0
txt2stix/pattern/extractors/url/url_path_extractor.py +74 -0
txt2stix/retriever.py +126 -0
txt2stix/stix.py +1 -0
txt2stix/txt2stix.py +336 -0
txt2stix/utils.py +86 -0
txt2stix-0.0.4.dist-info/METADATA +190 -0
txt2stix-0.0.4.dist-info/RECORD +119 -0
txt2stix-0.0.4.dist-info/WHEEL +4 -0
txt2stix-0.0.4.dist-info/entry_points.txt +2 -0
txt2stix-0.0.4.dist-info/licenses/LICENSE +202 -0

txt2stix/includes/lookups/mitre_attack_enterprise_aliases_v16_0.txt ADDED Viewed

@@ -0,0 +1,1502 @@
+Operation Dream Job
+Operation North Star
+Operation Interception
+KV Botnet Activity
+Frankenstein
+Operation Sharpshooter
+Operation Honeybee
+Triton Safety Instrumented System Attack
+Operation Dust Storm
+2015 Ukraine Electric Power Attack
+Operation Spalax
+Cutting Edge
+C0018
+Water Curupira Pikabot Distribution
+C0021
+C0015
+Operation Ghost
+HomeLand Justice
+C0032
+SolarWinds Compromise
+Pikabot Distribution February 2024
+FunnyDream
+Operation CuckooBees
+C0033
+2016 Ukraine Electric Power Attack
+C0010
+APT41 DUST
+Night Dragon
+Versa Director Zero Day Exploitation
+Operation Wocao
+C0011
+C0017
+C0026
+C0027
+2022 Ukraine Electric Power Attack
+CostaRicto
+APT38
+NICKEL GLADSTONE
+BeagleBoyz
+Bluenoroff
+Stardust Chollima
+Sapphire Sleet
+COPERNICIUM
+Indrik Spider
+Evil Corp
+Manatee Tempest
+DEV-0243
+UNC2165
+NEODYMIUM
+Elderwood
+Elderwood Gang
+Beijing Group
+Sneaky Panda
+SideCopy
+GALLIUM
+Granite Typhoon
+APT17
+Deputy Dog
+APT3
+Gothic Panda
+Pirpi
+UPS Team
+Buckeye
+Threat Group-0110
+TG-0110
+Mustard Tempest
+DEV-0206
+TA569
+GOLD PRELUDE
+UNC1543
+GCMAN
+Kimsuky
+Black Banshee
+Velvet Chollima
+Emerald Sleet
+THALLIUM
+APT43
+TA427
+EXOTIC LILY
+TA577
+admin@338
+Volt Typhoon
+BRONZE SILHOUETTE
+Vanguard Panda
+DEV-0391
+UNC3236
+Voltzite
+Insidious Taurus
+Patchwork
+Hangover Group
+Dropping Elephant
+Chinastrats
+MONSOON
+Operation Hangover
+APT41
+Wicked Panda
+Brass Typhoon
+BARIUM
+Dragonfly
+TEMP.Isotope
+DYMALLOY
+Berserk Bear
+TG-4192
+Crouching Yeti
+IRON LIBERTY
+Energetic Bear
+Ghost Blizzard
+BROMINE
+Evilnum
+Gorgon Group
+menuPass
+Cicada
+POTASSIUM
+Stone Panda
+APT10
+Red Apollo
+CVNX
+HOGFISH
+BRONZE RIVERSIDE
+APT32
+SeaLotus
+OceanLotus
+APT-C-00
+Canvas Cyclone
+BISMUTH
+HAFNIUM
+Operation Exchange Marauder
+Silk Typhoon
+MuddyWater
+Earth Vetala
+MERCURY
+Static Kitten
+Seedworm
+TEMP.Zagros
+Mango Sandstorm
+TA450
+Strider
+ProjectSauron
+Naikon
+FIN6
+Magecart Group 6
+ITG08
+Skeleton Spider
+TAAL
+Camouflage Tempest
+Gamaredon Group
+IRON TILDEN
+Primitive Bear
+ACTINIUM
+Armageddon
+Shuckworm
+DEV-0157
+Aqua Blizzard
+Moafee
+Gallmaker
+Leafminer
+Raspite
+TeamTNT
+FIN7
+GOLD NIAGARA
+ITG14
+Carbon Spider
+ELBRUS
+Sangria Tempest
+Sandworm Team
+ELECTRUM
+Telebots
+IRON VIKING
+BlackEnergy (Group)
+Quedagh
+Voodoo Bear
+IRIDIUM
+Seashell Blizzard
+FROZENBARENTS
+APT44
+Machete
+APT-C-43
+El Machete
+APT18
+TG-0416
+Dynamite Panda
+Threat Group-0416
+Andariel
+Silent Chollima
+PLUTONIUM
+Onyx Sleet
+CURIUM
+Crimson Sandstorm
+TA456
+Tortoise Shell
+Yellow Liderc
+Sidewinder
+T-APT-04
+Rattlesnake
+Mustang Panda
+TA416
+RedDelta
+BRONZE PRESIDENT
+ZIRCONIUM
+APT31
+Violet Typhoon
+Rocke
+Scattered Spider
+Roasted 0ktapus
+Octo Tempest
+Storm-0875
+APT39
+ITG07
+Chafer
+Remix Kitten
+TA2541
+Akira
+GOLD SAHARA
+PUNK SPIDER
+APT37
+InkySquid
+ScarCruft
+Reaper
+Group123
+TEMP.Reaper
+Ricochet Chollima
+Moses Staff
+DEV-0500
+Marigold Sandstorm
+OilRig
+COBALT GYPSY
+IRN2
+APT34
+Helix Kitten
+Evasive Serpens
+Hazel Sandstorm
+EUROPIUM
+ITG13
+Windigo
+Higaisa
+Carbanak
+Anunak
+Tropic Trooper
+Pirate Panda
+KeyBoy
+Orangeworm
+Suckfly
+Putter Panda
+APT2
+MSUpdater
+POLONIUM
+Plaid Rain
+TA459
+Aquatic Panda
+Aoqin Dragon
+Ferocious Kitten
+The White Company
+Ke3chang
+APT15
+Mirage
+Vixen Panda
+GREF
+Playful Dragon
+RoyalAPT
+NICKEL
+Nylon Typhoon
+Saint Bear
+Storm-0587
+TA471
+UAC-0056
+Lorec53
+APT1
+Comment Crew
+Comment Group
+Comment Panda
+DarkHydrus
+Confucius
+Confucius APT
+BlackTech
+Palmerworm
+Leviathan
+MUDCARP
+Kryptonite Panda
+Gadolinium
+BRONZE MOHAWK
+TEMP.Jumper
+APT40
+TEMP.Periscope
+Gingham Typhoon
+MoustachedBouncer
+Group5
+Blue Mockingbird
+Winter Vivern
+TA473
+UAC-0114
+SilverTerrier
+Turla
+IRON HUNTER
+Group 88
+Waterbug
+WhiteBear
+Snake
+Krypton
+Venomous Bear
+Secret Blizzard
+BELUGASTURGEON
+Poseidon Group
+TA505
+Hive0065
+Spandex Tempest
+CHIMBORAZO
+BITTER
+T-APT-17
+DarkVishnya
+RedCurl
+APT-C-23
+Mantis
+Arid Viper
+Desert Falcon
+TAG-63
+Grey Karkadann
+Big Bang APT
+Two-tailed Scorpion
+FIN5
+Mofang
+Lotus Blossom
+DRAGONFISH
+Spring Dragon
+RADIUM
+Raspberry Typhoon
+Stealth Falcon
+APT29
+IRON RITUAL
+IRON HEMLOCK
+NobleBaron
+Dark Halo
+NOBELIUM
+UNC2452
+YTTRIUM
+The Dukes
+Cozy Bear
+CozyDuke
+SolarStorm
+Blue Kitsune
+UNC3524
+Midnight Blizzard
+Dark Caracal
+Cinnamon Tempest
+DEV-0401
+Emperor Dragonfly
+BRONZE STARLIGHT
+Chimera
+Cleaver
+Threat Group 2889
+TG-2889
+Silent Librarian
+TA407
+COBALT DICKENS
+BRONZE BUTLER
+REDBALDKNIGHT
+Tick
+TA551
+GOLD CABIN
+Shathak
+TEMP.Veles
+XENOTIME
+Equation
+BackdoorDiplomacy
+Star Blizzard
+SEABORGIUM
+Callisto Group
+TA446
+COLDRIVER
+Darkhotel
+DUBNIUM
+Zigzag Hail
+Axiom
+Group 72
+TA578
+Deep Panda
+Shell Crew
+WebMasters
+KungFu Kittens
+PinkPanther
+Black Vine
+Ember Bear
+UNC2589
+Bleeding Bear
+DEV-0586
+Cadet Blizzard
+Frozenvista
+LazyScripter
+Windshift
+Bahamut
+Volatile Cedar
+Lebanese Cedar
+ToddyCat
+Whitefly
+LuminousMoth
+Agrius
+Pink Sandstorm
+AMERICIUM
+Agonizing Serpens
+BlackShadow
+APT28
+IRON TWILIGHT
+SNAKEMACKEREL
+Swallowtail
+Group 74
+Sednit
+Sofacy
+Pawn Storm
+Fancy Bear
+STRONTIUM
+Tsar Team
+Threat Group-4127
+TG-4127
+Forest Blizzard
+FROZENLAKE
+Malteiro
+Metador
+APT5
+Mulberry Typhoon
+MANGANESE
+BRONZE FLEETWOOD
+Keyhole Panda
+UNC2630
+Fox Kitten
+UNC757
+Parisite
+Pioneer Kitten
+RUBIDIUM
+Lemon Sandstorm
+RTM
+APT12
+IXESHE
+DynCalc
+Numbered Panda
+DNSCALC
+APT-C-36
+Blind Eagle
+Scarlet Mimic
+Winnti Group
+Blackfly
+Tonto Team
+Earth Akhlut
+BRONZE HUNTLEY
+CactusPete
+Karma Panda
+GOLD SOUTHFIELD
+Pinchy Spider
+Lazarus Group
+Labyrinth Chollima
+HIDDEN COBRA
+Guardians of Peace
+ZINC
+NICKEL ACADEMY
+Diamond Sleet
+INC Ransom
+GOLD IONIC
+Earth Lusca
+TAG-22
+Charcoal Typhoon
+CHROMIUM
+ControlX
+FIN4
+Silence
+Whisper Spider
+Sowbug
+Threat Group-1314
+TG-1314
+Thrip
+APT16
+LAPSUS$
+DEV-0537
+Strawberry Tempest
+BlackOasis
+Cobalt Group
+GOLD KINGSWOOD
+Cobalt Gang
+Cobalt Spider
+CopyKittens
+Wizard Spider
+UNC1878
+TEMP.MixMaster
+Grim Spider
+FIN12
+GOLD BLACKBURN
+ITG23
+Periwinkle Tempest
+DEV-0193
+Molerats
+Operation Molerats
+Gaza Cybergang
+Transparent Tribe
+COPPER FIELDSTONE
+APT36
+Mythic Leopard
+ProjectM
+IndigoZebra
+Moonstone Sleet
+Storm-1789
+Inception
+Inception Framework
+Cloud Atlas
+Play
+PROMETHIUM
+StrongPity
+APT30
+HEXANE
+Lyceum
+Siamesekitten
+Spirlin
+DragonOK
+Daggerfly
+Evasive Panda
+BRONZE HIGHLAND
+Rancor
+WIRTE
+PLATINUM
+Magic Hound
+TA453
+COBALT ILLUSION
+Charming Kitten
+ITG18
+Phosphorus
+Newscaster
+APT35
+Mint Sandstorm
+Ajax Security Team
+Operation Woolen-Goldfish
+AjaxTM
+Rocket Kitten
+Flying Kitten
+Operation Saffron Rose
+Threat Group-3390
+Earth Smilodon
+TG-3390
+Emissary Panda
+BRONZE UNION
+APT27
+Iron Tiger
+LuckyMouse
+APT33
+HOLMIUM
+Elfin
+Peach Sandstorm
+FIN10
+FIN8
+Syssphinx
+FIN13
+Elephant Beetle
+APT19
+Codoso
+C0d0so0
+Codoso Team
+Sunshop Group
+PittyTiger
+Nomadic Octopus
+DustSquad
+HDoor
+Custom HDoor
+TrickBot
+Totbrick
+TSPY_TRICKLOAD
+PowerDuke
+EKANS
+SNAKEHOSE
+BLINDINGCAN
+Ninja
+Pikabot
+Wiarp
+RCSession
+Spark
+QuietSieve
+SynAck
+Bumblebee
+MURKYTOP
+AcidRain
+GRIFFON
+Exaramel for Windows
+Amadey
+RDFSNIFFER
+Proxysvc
+Orz
+AIRBREAK
+Torisma
+NOKKI
+yty
+Backdoor.Oldrea
+Havex
+DOGCALL
+Stuxnet
+W32.Stuxnet
+Downdelph
+Delphacy
+RotaJakiro
+AvosLocker
+SEASHARPEE
+Get2
+POWRUNER
+KOPILUWAK
+RobbinHood
+VersaMem
+TDTESS
+Chinoxy
+SharpStage
+COATHANGER
+Sardonic
+Smoke Loader
+Dofoil
+WindTail
+Misdat
+FLIPSIDE
+Linux Rabbit
+adbupd
+Emissary
+Exaramel for Linux
+KEYMARBLE
+BUBBLEWRAP
+Backdoor.APT.FakeWinHTTPHelper
+HAWKBALL
+PS1
+Ursnif
+Gozi-ISFB
+PE_URSNIF
+Dreambot
+ThreatNeedle
+ZLib
+RedLeaves
+BUGJUICE
+Miner-C
+POWERSOURCE
+DNSMessenger
+LITTLELAMB.WOOLTEA
+Felismus
+Zeus Panda
+GeminiDuke
+CARROTBAT
+Matryoshka
+FrameworkPOS
+Trinity
+GravityRAT
+WEBC2
+Prestige
+Bankshot
+Trojan Manuscript
+SharpDisco
+HAPPYWORK
+xCaon
+PLAINTEE
+Pony
+WinMM
+Nebulae
+Janicab
+AuditCred
+Roptimizer
+Lurid
+Enfal
+Kasidet
+OceanSalt
+Playcrypt
+Brave Prince
+RainyDay
+Ecipekac
+HEAVYHAND
+SigLoader
+DESLoader
+AppleSeed
+BUSHWALK
+macOS.OSAMiner
+LOWBALL
+NETWIRE
+TinyTurla
+PyDCrypt
+HyperStack
+iKitten
+OSX/MacDownloader
+HAMMERTOSS
+HammerDuke
+NetDuke
+OLDBAIT
+Sasfis
+Bad Rabbit
+Win32/Diskcoder.D
+CosmicDuke
+TinyBaron
+BotgenStudios
+NemesisGemina
+EvilGrab
+EnvyScout
+SslMM
+IMAPLoader
+GreyEnergy
+Aria-body
+Emotet
+Geodo
+SNUGRIDE
+Olympic Destroyer
+Crimson
+MSIL/Crimson
+Tomiris
+TEARDROP
+DUSTTRAP
+Turian
+BADHATCH
+Pyark
+PowerLess
+Action RAT
+Avenger
+DUSTPAN
+Prikormka
+Gootloader
+PingPull
+WellMess
+Dacls
+DropBook
+Woody RAT
+Mafalda
+KARAE
+Squirrelwaffle
+ELMER
+PolyglotDuke
+Umbreon
+AuTo Stealer
+Hildegard
+Agent.btz
+SLOWDRIFT
+SHUTTERSPEED
+SombRAT
+FlawedGrace
+FLASHFLOOD
+FlawedAmmyy
+Snip3
+FYAnti
+DILLJUICE stage2
+Rifdoor
+SUGARUSH
+LoFiSe
+HOPLIGHT
+Cuckoo Stealer
+GuLoader
+WastedLocker
+RegDuke
+ProLock
+Moneybird
+InvisiMole
+P.A.S. Webshell
+Fobushell
+QUIETEXIT
+Naid
+Apostle
+Volgmer
+WINERACK
+WhisperGate
+FruitFly
+ZeroT
+Keydnap
+OSX/Keydnap
+RDAT
+Hacking Team UEFI Rootkit
+Skidmap
+Okrum
+Regin
+Bonadan
+SamSam
+Samas
+Neoichor
+Conti
+Raspberry Robin
+Mispadu
+RemoteCMD
+Diavol
+Raindrop
+Doki
+TEXTMATE
+Siloscape
+BlackCat
+ALPHV
+Noberus
+Fysbis
+IcedID
+VERMIN
+UBoatRAT
+Nightdoor
+MarkiRAT
+PowerShower
+Kazuar
+NavRAT
+DarkComet
+DarkKomet
+Fynloski
+Krademok
+FYNLOS
+NETEAGLE
+POORAIM
+HUI Loader
+CHIMNEYSWEEP
+Ragnar Locker
+FatDuke
+Lucifer
+BlackEnergy
+Black Energy
+zwShell
+GLASSTOKEN
+DCSrv
+DRATzarus
+BOOSTWRITE
+Rising Sun
+ASPXSpy
+ASPXTool
+NotPetya
+ExPetr
+Diskcoder.C
+GoldenEye
+Petrwrap
+Nyetya
+ShimRat
+Chrommme
+BADFLICK
+ObliqueRAT
+SHOTPUT
+Backdoor.APT.CookieCutter
+Avaddon
+Conficker
+Kido
+Downadup
+SocGholish
+FakeUpdates
+Flagpro
+Hi-Zor
+SpicyOmelette
+XAgentOSX
+OSX.Sofacy
+Green Lambert
+China Chopper
+CALENDAR
+LockerGoga
+Chaos
+ISMInjector
+PUNCHBUGGY
+ShellTea
+GoldMax
+SUNSHUTTLE
+HELLOKITTY
+CostaBricks
+Cheerscrypt
+LIGHTWIRE
+POSHSPY
+MiniDuke
+HyperBro
+Anchor
+Anchor_DNS
+Pteranodon
+Pterodo
+DarkTortilla
+ROKRAT
+CORESHELL
+SOURFACE
+RunningRAT
+VPNFilter
+Babuk
+Babyk
+Vasa Locker
+DarkWatchman
+Dyre
+Dyzap
+Dyreza
+BlackMould
+Javali
+PACEMAKER
+LunarLoader
+BBSRAT
+PlugX
+Thoper
+TVT
+DestroyRAT
+Sogu
+Kaba
+Korplug
+Reaver
+Bisonal
+MultiLayer Wiper
+S-Type
+SeaDuke
+SeaDaddy
+SeaDesk
+BS2005
+DustySky
+NeD Worm
+Duqu
+Truvasys
+Remsec
+Backdoor.Remsec
+Industroyer2
+Sykipot
+Explosive
+Xbash
+Rover
+Epic
+Tavdig
+Wipbot
+WorldCupSec
+TadjMakhal
+LightNeuron
+Peppy
+KEYPLUG
+KEYPLUG.LINUX
+Cuba
+DEATHRANSOM
+Clambling
+DarkGate
+Mongall
+NanHaiShu
+SVCReady
+ThiefQuest
+MacRansom.K
+EvilQuest
+FoggyWeb
+NGLite
+XTunnel
+Trojan.Shunnael
+X-Tunnel
+XAPS
+Hydraq
+Roarur
+MdmBot
+HomeUnix
+Homux
+HidraQ
+HydraQ
+McRat
+Aurora
+9002 RAT
+SHARPSTATS
+Ferocious
+HOMEFRY
+CreepyDrive
+Caterpillar WebShell
+Netwalker
+Elise
+BKDR_ESILE
+Page
+USBferry
+WannaCry
+WanaCry
+WanaCrypt
+WanaCrypt0r
+WCry
+Gazer
+TSCookie
+Latrodectus
+IceNova
+Unidentified 111
+Saint Bot
+Pay2Key
+Chaes
+Briba
+CharmPower
+TYPEFRAME
+3PARA RAT
+Bundlore
+OSX.Bundlore
+P8RAT
+HEAVYPOT
+GreetCake
+EVILNUM
+KOMPROGO
+SMOKEDHAM
+Mori
+QUADAGENT
+TAINTEDSCRIBE
+Sys10
+pngdowner
+Royal
+BendyBear
+Uroburos
+Metamorfo
+Casbaneiro
+Spica
+Trojan.Karagany
+xFrost
+Karagany
+Bandook
+PipeMon
+SYNful Knock
+TINYTYPHON
+KONNI
+T9000
+Winnti for Linux
+RAPIDPULSE
+gh0st RAT
+Mydoor
+Moudoor
+Shamoon
+Disttrack
+Skeleton Key
+DnsSystem
+MoleNet
+CORALDECK
+JHUHUGIT
+Trojan.Sofacy
+Seduploader
+JKEYSKW
+GAMEFISH
+SofacyCarberp
+SPACESHIP
+BLUELIGHT
+KGH_SPY
+down_new
+Ixeshe
+Micropsia
+Kerrdown
+RARSTONE
+VBShower
+BPFDoor
+JustForFun
+Backdoor.Linux.BPFDOOR
+Backdoor.Solaris.BPFDOOR.ZAJE
+Black Basta
+ZeroCleare
+ZEROCLEAR
+Catchamas
+StoneDrill
+DROPSHOT
+OopsIE
+4H RAT
+RogueRobin
+Attor
+DealersChoice
+SQLRat
+LitePower
+MegaCortex
+StreamEx
+BoxCaon
+NightClub
+Crutch
+SDBbot
+Mosquito
+Redaman
+QUIETCANARY
+Tunnus
+Derusbi
+PHOTO
+SodaMaster
+DARKTOWN
+dfls
+DelfsCake
+Hikit
+Grandoreiro
+WellMail
+LiteDuke
+Starloader
+Sakula
+Sakurel
+VIPER
+VaporRage
+RawPOS
+FIENDCRY
+DUEBREW
+DRIFTWOOD
+Sibot
+ZxxZ
+Tarrask
+Drovorub
+Shark
+Bazar
+KEGTAP
+Team9
+Bazaloader
+PULSECHECK
+Kobalos
+BadPatch
+MESSAGETAP
+RATANKBA
+SUGARDUMP
+SOUNDBITE
+BADCALL
+hcdLoader
+Nidiran
+Backdoor.Nidiran
+MoonWind
+Ryuk
+Cryptoistic
+HermeticWiper
+Trojan.Killdisk
+DriveSlayer
+ABK
+Pysa
+Mespinoza
+Final1stspy
+MgBot
+ccf32
+Zebrocy
+Zekapab
+Pandora
+FinFisher
+FinSpy
+SpeakUp
+LunarMail
+WARPWIRE
+CrossRAT
+OwaAuth
+Cadelspy
+Cobalt Strike
+SUNBURST
+Solorigate
+EvilBunny
+Wingbird
+Cobian RAT
+HotCroissant
+ServHelper
+JCry
+Unknown Logger
+REvil
+Sodin
+Sodinokibi
+RIPTIDE
+Valak
+Samurai
+PinchDuke
+Milan
+James
+USBStealer
+USB Stealer
+Win32/USBStealer
+OSX_OCEANLOTUS.D
+Backdoor.MacOS.OCEANLOTUS.F
+CCBkdr
+OnionDuke
+Taidoor
+Cherry Picker
+SUPERNOVA
+P2P ZeuS
+Peer-to-Peer ZeuS
+Gameover ZeuS
+Kivars
+CaddyWiper
+Cyclops Blink
+PoisonIvy
+Breut
+Poison Ivy
+Darkmoon
+Seasalt
+NativeZone
+NanoCore
+TajMahal
+PLEAD
+Raccoon Stealer
+IPsec Helper
+Daserf
+Muirim
+Nioupale
+GoldFinder
+Carbon
+LoJax
+Cardinal RAT
+DanBot
+BISCUIT
+Calisto
+Pisloader
+GoldenSpy
+Gold Dragon
+RGDoor
+Ramsay
+FakeM
+Carberp
+FRAMESTING
+HARDRAIN
+NKAbuse
+Pillowmint
+TrailBlazer
+Revenge RAT
+MacMa
+OSX.CDDS
+DazzleSpy
+ROADSWEEP
+SUNSPOT
+More_eggs
+SKID
+Terra Loader
+SysUpdate
+HyperSSL
+Soldier
+FOCUSFJORD
+TinyZBot
+OutSteel
+BackConfig
+PowGoop
+Kwampirs
+Nerex
+BoomBox
+DEADEYE
+DEADEYE.EMBED
+DEADEYE.APPEND
+PUNCHTRACK
+PSVC
+Proton
+Trojan.Mebromi
+InnaputRAT
+WIREFIRE
+GIFTEDVISITOR
+Kessel
+GrimAgent
+LookBack
+STEADYPULSE
+Clop
+NetTraveler
+YAHOYAH
+Lokibot
+CallMe
+ROCKBOOT
+CloudDuke
+MiniDionis
+CloudLook
+Egregor
+PoetRAT
+CHOPSTICK
+Backdoor.SofacyX
+SPLM
+Xagent
+X-Agent
+webhp
+FELIXROOT
+GreyEnergy mini
+ZxShell
+Sensocode
+SLIGHTPULSE
+NDiskMonitor
+CoinTicker
+DDKONG
+Penquin
+Penquin 2.0
+Penquin_x64
+BabyShark
+LATEOP
+Cannon
+CreepySnail
+build_downer
+Melcoz
+Winnti for Windows
+PowerPunch
+BONDUPDATER
+BLACKCOFFEE
+BFG Agonizer
+Ebury
+Kinsing
+PITSTOP
+Meteor
+njRAT
+Njw0rm
+LV
+Bladabindi
+ZIPLINE
+Maze
+BOOTRASH
+ComRAT
+TURNEDUP
+ChChes
+Scorpion
+HAYMAKER
+PowerStallion
+ANDROMEDA
+Manjusaka
+IceApple
+JPIN
+metaMain
+SideTwist
+KOCTOPUS
+MechaFlounder
+Psylo
+Heyoka Backdoor
+HTTPBrowser
+Token Control
+HttpDump
+Mis-Type
+LunarWeb
+XCSSET
+OSX.DubRobber
+Disco
+Dipsind
+Octopus
+KillDisk
+Win32/KillDisk.NBI
+Win32/KillDisk.NBH
+Win32/KillDisk.NBD
+Win32/KillDisk.NBC
+Win32/KillDisk.NBB
+AppleJeus
+SoreFang
+STARWHALE
+CANOPY
+MirageFox
+Industroyer
+CRASHOVERRIDE
+Win32/Industroyer
+DownPaper
+Socksbot
+Pcexter
+HIDEDRV
+CozyCar
+CozyBear
+Cozer
+EuroAPT
+Kevin
+Agent Tesla
+Pasam
+httpclient
+POWERSTATS
+Powermud
+POWERTON
+ECCENTRICBANDWAGON
+BADNEWS
+Linfo
+Goopy
+ShadowPad
+POISONPLUG.SHADOW
+Remexi
+Astaroth
+Guildma
+QakBot
+Pinkslipbot
+QuackBot
+QBot
+SYSCON
+CookieMiner
+Hancitor
+Chanitor
+Gelsemium
+Gelsevirine
+Gelsenicine
+Gelsemine
+jRAT
+JSocket
+AlienSpy
+Frutas
+Sockrat
+Unrecom
+jFrutas
+Adwind
+jBiFrost
+Trojan.Maljava
+Helminth
+Dridex
+Bugat v5
+BBK
+Komplex
+OSX/Shlayer
+Zshlayer
+Crossrider
+Denis
+INC Ransomware
+DEADWOOD
+GLOOXMAIL
+Trojan.GTALK
+Dok
+Retefe
+Waterbear
+FIVEHANDS
+Comnie
+Vasport
+AutoIt backdoor
+JSS Loader
+PHOREAL
+OSInfo
+MacSpy
+Lizar
+Tirion
+Dtrack
+H1N1
+SLOWPULSE
+Seth-Locker
+LoudMiner
+Azorult
+BitPaymer
+wp_encrypt
+FriedEx
+BACKSPACE
+Lecna
+Zox
+Gresim
+ZoxRPC
+ZoxPNG
+UPPERCUT
+ANEL
+ADVSTORESHELL
+AZZY
+EVILTOSS
+NETUI
+Sedreco
+StrifeWater
+Mivast
+HiddenWasp
+WarzoneRAT
+Warzone
+Ave Maria
+Net Crawler
+NetC
+SLOTHFULMEDIA
+JackOfHearts
+QueenOfClubs
+FALLCHILL
+Small Sieve
+GRAMDOOR
+Flame
+Flamer
+sKyWIper
+HermeticWizard
+Net
+net.exe
+RemoteUtilities
+Covenant
+NPPSPY
+BloodHound
+certutil
+certutil.exe
+at
+at.exe
+ShimRatReporter
+Sliver
+SILENTTRINITY
+PowerSploit
+Pacu
+Windows Credential Editor
+WCE
+Impacket
+ipconfig
+AADInternals
+Tasklist
+ngrok
+Lslsass
+Arp
+arp.exe
+spwebmember
+Empire
+EmPyre
+PowerShell Empire
+FRP
+dsquery
+dsquery.exe
+PcShare
+RawDisk
+netstat
+PoshC2
+Fgdump
+CSPY Downloader
+Rclone
+MimiPenguin
+netsh
+netsh.exe
+CARROTBALL
+BITSAdmin
+meek
+AsyncRAT
+ROADTools
+Brute Ratel C4
+BRc4
+Peirates
+Remcos
+Systeminfo
+Out1
+ConnectWise
+ScreenConnect
+Imminent Monitor
+Ruler
+Winexe
+MCMD
+Nltest
+MailSniper
+pwdump
+Responder
+Donut
+Mimikatz
+gsecdump
+IronNetInjector
+Invoke-PSImage
+NBTscan
+LaZagne
+Ping
+cmd
+cmd.exe
+esentutl
+esentutl.exe
+CrackMapExec
+Koadic
+schtasks
+schtasks.exe
+Cachedump
+Expand
+Pupy
+Reg
+reg.exe
+ftp
+ftp.exe
+Mythic
+HTRAN
+HUC Packet Transmit Tool
+SDelete
+QuasarRAT
+xRAT
+Rubeus
+Tor
+AdFind
+Wevtutil
+PsExec
+Twitoor
+Bouncing Golf