[***] Summary: [***]

9 new Open rules, 21 new Pro (8/12). Fynloski.A, Zegost, TROJ_PANDDOS, Spy.Zitmo.B.

Thanks: Jake Warren, Kevin Ross, tdzmont

[+++] Added rules: [+++]

Open:

2018320 - ET TROJAN Win32/Sisproc (trojan.rules)
2018321 - ET TROJAN Win32/Zegost UA (trojan.rules)
2018322 - ET CURRENT_EVENTS Captcha Malware C2 SSL Certificate (current_events.rules)
2018323 - ET MALWARE W32/Linkular.Adware Sucessful Install Beacon (2) (malware.rules)
2018324 - ET MALWARE SoundCloud Downloader Install Beacon (malware.rules)
2018325 - ET TROJAN Bozok.RAT checkin (trojan.rules)
2018326 - ET WEB_SPECIFIC_APPS JCE Joomla Extension (web_specific_apps.rules)
2018327 - ET SCAN JCE Joomla Extension User-Agent (BOT) (scan.rules)
2018328 - ET TROJAN Win32/Kryptik.AZER C2 SSL Stolen Cert (trojan.rules)

Pro:

2807883 - ETPRO TROJAN Backdoor.Win32/Fynloski.A CnC command (INBOUND) 1 (trojan.rules)
2807884 - ETPRO TROJAN Backdoor.Win32/Fynloski.A CnC command (INBOUND) 2 (trojan.rules)
2807885 - ETPRO TROJAN Backdoor.Win32/Fynloski.A CnC command (OUTBOUND) 2 (trojan.rules)
2807886 - ETPRO TROJAN TROJ_PANDDOS.DZ Checkin (Intel) (trojan.rules)
2807887 - ETPRO TROJAN TROJ_PANDDOS.DZ Checkin (AMD) (trojan.rules)
2807888 - ETPRO TROJAN Trojan.Win32.Bublik.aexq/Khan Fetching DDoS target MALFORMED (trojan.rules)
2807889 - ETPRO TROJAN Win32/Small.CE Checkin (trojan.rules)
2807890 - ETPRO MOBILE_MALWARE Android/Spy.Zitmo.B Checkin 3 (mobile_malware.rules)
2807891 - ETPRO TROJAN TrojanProxy.Wintu.B Checkin (trojan.rules)
2807892 - ETPRO TROJAN Trojan.Win32.IRCbot.ye Checkin (trojan.rules)
2807893 - ETPRO TROJAN Trojan-Dropper.Win32.Danseed.b Checkin (trojan.rules)

[///] Modified active rules: [///]

2014341 - ET POLICY Installshield One Click Install User-Agent Toys File (policy.rules)
2017662 - ET TROJAN Known Sinkhole Response Header (trojan.rules)
2018308 - ET CURRENT_EVENTS Possible CVE-2014-1761 Inbound SMTP 2 (current_events.rules)
2018309 - ET CURRENT_EVENTS Possible CVE-2014-1761 Inbound SMTP 3 (current_events.rules)
2018314 - ET CURRENT_EVENTS Possible CVE-2014-1761 Inbound SMTP 1 (current_events.rules)
2018316 - ET CURRENT_EVENTS Zeus GameOver Possible DGA NXDOMAIN Responses (current_events.rules)
2805735 - ETPRO TROJAN Backdoor Boomie.A Checkin Command 2 (trojan.rules)
2806785 - ETPRO TROJAN Agent.AANC 1 (trojan.rules)
2806786 - ETPRO TROJAN Agent.AANC 2 (trojan.rules)
2807003 - ETPRO TROJAN Loadmoney.A Checkin 5 (trojan.rules)
2807365 - ETPRO TROJAN Zeroaccess Variant 3 (trojan.rules)
2807547 - ETPRO TROJAN Downloader.Win32.Genome.fvmi Checkin (trojan.rules)

[---] Removed rules: [---]

2801343 - ETPRO TROJAN Backdoor.Win32.Paras.B Checkin (trojan.rules)
2803591 - ETPRO TROJAN Win32/Morix.B (trojan.rules)
2806043 - ETPRO TROJAN HackTool.Sniffer.WpePro Checkin (trojan.rules)

 

Date: Tuesday, March 25, 2014 - 22:00