[***] Summary: [***] 5 new Open rules 11 new pro (5/6). Goon/Infinity EK, Various IRC, TrojanDownloader.Agent. Thanks: Kevin Ross.
[+++] Added rules: [+++] Open: 2018334 - ET CURRENT_EVENTS PHISH Generic - Landing Page - saved from https comment and form (current_events.rules)
2018336 - ET TROJAN Asprox Fake Ximian Evolution X-Mailer Header (XimianEvolution1.4.6) (trojan.rules)
2018337 - ET CURRENT_EVENTS DRIVEBY Goon/Infinity EK Landing Mar 31 2014 (current_events.rules)
2018338 - ET MALWARE W32/DownloadAdmin.Adware CnC Beacon (malware.rules)
2018339 - ET MALWARE W32/DownloadAdmin.Adware Executable Download Request (malware.rules) Pro: 2807904 - ETPRO TROJAN Backdoor.Win32/Sdbot IRC User (trojan.rules)
2807905 - ETPRO TROJAN Trojan.Win32.Ircbot IRC LOGIN (trojan.rules)
2807906 - ETPRO TROJAN Backdoor.Win32.IRCBot.aerz Checkin (trojan.rules)
2807907 - ETPRO TROJAN Win32.Kespy.b IRC LOGIN (trojan.rules)
2807908 - ETPRO TROJAN Backdoor.Win32/Bdaejec.A Checkin (trojan.rules)
2807909 - ETPRO TROJAN Win32/TrojanDownloader.Agent.AJX Checkin (trojan.rules)
[///] Modified active rules: [///] 2014778 - ET TROJAN Bebloh connectivity check (trojan.rules)
2016768 - ET TROJAN Backdoor.Win32.Dorkbot.AR Join IRC channel (trojan.rules)
2804962 - ETPRO TROJAN Win32/Viking.GN ICMP Echo Request (trojan.rules)
2805419 - ETPRO MALWARE Uptodown.com Checkin (malware.rules)
2805803 - ETPRO TROJAN Taidoor Checkin 2 (trojan.rules)
2806507 - ETPRO TROJAN Win32/Injector.Autoit.P variant response (trojan.rules)
2806920 - ETPRO TROJAN Trojan.Rontokbro Checkin (trojan.rules)
2807385 - ETPRO TROJAN Win32.Hupigon Variant Payload Delivery (trojan.rules)
[---] Removed rules: [---] 2804544 - ETPRO TROJAN W32/Autorun.worm.aa Checkin (trojan.rules)
2806050 - ETPRO TROJAN W32/Zbot.ANM!tr Checkin (trojan.rules)

 

Date: 
Sunday, March 30, 2014 - 22:00