Skip to content

Commit

Permalink
Merge branch 'main' of github.com:MISP/misp-taxonomies
Browse files Browse the repository at this point in the history
  • Loading branch information
@adulau
adulau committed Feb 5, 2025
2 parents 24d7117 + d3f6eb1 commit 6231801
Showing 1 changed file with 149 additions and 5 deletions.
154 changes: 149 additions & 5 deletions runtime-packer/machinetag.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"namespace": "runtime-packer",
"description": "Runtime or software packer used to combine compressed or encrypted data with the decompression or decryption code. This code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries.",
"version": 2,
"description": "Runtime or software packer used to combine compressed or encrypted data with the decompression or decryption code. This code can add additional obfuscations mechanisms including polymorphic-packer, virtualization or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries.",
"version": 3,
"predicates": [
{
"value": "dex",
Expand Down Expand Up @@ -32,23 +32,59 @@
"value": "apk-protect",
"expanded": "APK Protect"
},
{
"value": "appcode-packer",
"expanded": "APPCode Packer"
},
{
"value": "appsealing",
"expanded": "AppSealing"
},
{
"value": "arxan",
"expanded": "Arxan"
},
{
"value": "bangcle",
"expanded": "Bangcle"
},
{
"value": "dexguard",
"expanded": "DexGuard"
},
{
"value": "dexprotector",
"expanded": "DexProtector"
},
{
"value": "jiagu",
"expanded": "Jiagu"
},
{
"value": "legu",
"expanded": "Legu"
},
{
"value": "proguard",
"expanded": "ProGuard"
}
]
},
{
"predicate": "elf",
"entry": [
{
"value": "burneye",
"expanded": "BurnEye"
},
{
"value": "bzexe",
"expanded": "BzExe"
},
{
"value": "elfuck",
"expanded": "ELFuck"
},
{
"value": "ezuri",
"expanded": "Ezuri"
Expand All @@ -57,6 +93,10 @@
"value": "gzexe",
"expanded": "GzExe"
},
{
"value": "m0dern_p4cker",
"expanded": "M0dern_P4cker"
},
{
"value": "midgetpack",
"expanded": "MidgetPack"
Expand All @@ -73,9 +113,17 @@
"value": "shiva",
"expanded": "Shiva"
},
{
"value": "silent_packer",
"expanded": "Silent_Packer"
},
{
"value": "upx",
"expanded": "UPX"
},
{
"value": "ward",
"expanded": "Ward"
}
]
},
Expand All @@ -87,13 +135,21 @@
"expanded": "ElecKey"
},
{
"value": "muncho",
"expanded": "Muncho"
"value": "laturi",
"expanded": "Laturi"
},
{
"value": "mpress",
"expanded": "MPRESS"
},
{
"value": "muncho",
"expanded": "Muncho"
},
{
"value": "pakr",
"expanded": "Pakr"
},
{
"value": "upx",
"expanded": "UPX"
Expand All @@ -111,10 +167,26 @@
"value": "acprotect",
"expanded": "ACProtect"
},
{
"value": "aegis",
"expanded": "Aegis Crypter"
},
{
"value": "ainexe",
"expanded": "AinEXE"
},
{
"value": "alienyze",
"expanded": "Alienyze"
},
{
"value": "amber",
"expanded": "Amber"
},
{
"value": "andromeda",
"expanded": "Andromeda"
},
{
"value": "apack",
"expanded": "aPack"
Expand All @@ -131,6 +203,10 @@
"value": "asprotect",
"expanded": "ASProtect"
},
{
"value": "atompepacker",
"expanded": "AtomPePacker"
},
{
"value": "autoit",
"expanded": "AutoIT"
Expand Down Expand Up @@ -159,6 +235,14 @@
"value": "confuserex",
"expanded": "ConfuserEx"
},
{
"value": "crinkler",
"expanded": "Crinkler"
},
{
"value": "crunch",
"expanded": "Crunch"
},
{
"value": "dotbundle",
"expanded": "dotBundle"
Expand All @@ -179,6 +263,10 @@
"value": "enigma-virtual-box",
"expanded": "Enigma Virtual Box"
},
{
"value": "eronana-packer",
"expanded": "Eronana Packer"
},
{
"value": "exe-bundle",
"expanded": "EXE Bundle"
Expand All @@ -197,7 +285,15 @@
},
{
"value": "fsg",
"expanded": "FSG"
"expanded": "Fast Small Good (FSG)"
},
{
"value": "gopacker",
"expanded": "GoPacker"
},
{
"value": "huan",
"expanded": "Huan"
},
{
"value": "hxor-packer",
Expand All @@ -215,6 +311,10 @@
"value": "liapp",
"expanded": "LIAPP"
},
{
"value": "maskpe",
"expanded": "MaskPE"
},
{
"value": "mew",
"expanded": "MEW"
Expand Down Expand Up @@ -247,6 +347,10 @@
"value": "obsidium",
"expanded": "Obsidium"
},
{
"value": "origami",
"expanded": "Origami"
},
{
"value": "packman",
"expanded": "Packman"
Expand All @@ -263,6 +367,10 @@
"value": "pepacker",
"expanded": "PE Packer"
},
{
"value": "perplex",
"expanded": "PErplex"
},
{
"value": "peshield",
"expanded": "PEShield"
Expand All @@ -275,6 +383,14 @@
"value": "petite",
"expanded": "PEtite"
},
{
"value": "petoy",
"expanded": "PE Toy"
},
{
"value": "pezor",
"expanded": "PEzor"
},
{
"value": "procrypt",
"expanded": "ProCrypt"
Expand All @@ -283,6 +399,18 @@
"value": "rlpack-basic",
"expanded": "RLPack Basic"
},
{
"value": "rpcrypt",
"expanded": "RPCrypt"
},
{
"value": "sepacker",
"expanded": "SEPacker"
},
{
"value": "simpledpack",
"expanded": "SimpleDpack"
},
{
"value": "smart-packer-pro",
"expanded": "Smart Packer Pro"
Expand All @@ -295,6 +423,10 @@
"value": "telock",
"expanded": "Telock"
},
{
"value": "theark",
"expanded": "TheArk"
},
{
"value": "themida",
"expanded": "Themida"
Expand All @@ -315,6 +447,18 @@
"value": "vmprotect",
"expanded": "VMProtect"
},
{
"value": "vprotect",
"expanded": "VProtect"
},
{
"value": "winupack",
"expanded": "WinUPack"
},
{
"value": "wwpack",
"expanded": "WWPack"
},
{
"value": "xcomp-xpack",
"expanded": "XComp/XPack"
Expand Down

0 comments on commit 6231801

Please sign in to comment.