This repository contains sample dynmx signatures for detecting malware features in API call traces. The signatures can be used with the tool dynmx which can be found in this repository.
For the an in-detail description of the features of the dynmx signature DSL and the syntax, please refer to the corresponding master thesis Signature-Based Detection of Behavioural Malware Features with Windows API Calls.