From d235301e7d782245f5f254f684217e104d872599 Mon Sep 17 00:00:00 2001
From: Robert Nixon <nixonrobert81@gmail.com>
Date: Thu, 8 Sep 2022 11:07:31 +0200
Subject: [PATCH] Added filetype txt and ppa

Seeing a lot of txt files that contain PowerShell scripts with encoded AgentTesla binary inside alongside PPA files.
---
 file-type/machinetag.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/file-type/machinetag.json b/file-type/machinetag.json
index 3ddffa5..242fe58 100755
--- a/file-type/machinetag.json
+++ b/file-type/machinetag.json
@@ -377,6 +377,11 @@
           "expanded": "document",
           "value": "doc"
         },
+        {
+          "colour": "#35b8f0",
+          "expanded": "document",
+          "value": "txt"
+        },
         {
           "colour": "#ccffeb",
           "expanded": "document",
@@ -607,6 +612,11 @@
           "expanded": "code",
           "value": "java-bytecode"
         },
+        {
+          "colour": "#2e73db",
+          "expanded": "code",
+          "value": "ppa"
+        },
         {
           "colour": "#004d2f",
           "expanded": "apple",