[***] Summary: [***] 3 new Open, 9 new Pro (3/6). Thanks: Chris Wakelin. [+++] Added rules: [+++] Open: 2018379 - ET TROJAN Backdoor.Win32.Mecklow.A Checkin (trojan.rules)
2018380 - ET TROJAN Backdoor.Win32.Mecklow.A Checkin 2 (trojan.rules)
2018381 - ET TROJAN Suspicious User-Agent (hi) (trojan.rules) Pro: 2807942 - ETPRO TROJAN Win32/Tearspear.A Checkin (trojan.rules)
2807943 - ETPRO TROJAN Trojan-PSW.Win32.QQDragon.bq Checkin (trojan.rules)
2807944 - ETPRO TROJAN Win32.StartPage.aqin Checkin (trojan.rules)
2807945 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Moavt.c Checkin (mobile_malware.rules)
2807946 - ETPRO TROJAN Backdoor.Win32.Rukap Checkin 2 (trojan.rules)
2807947 - ETPRO TROJAN Win32/Chksyn.gen!A Checkin (trojan.rules)
[///] Modified active rules: [///] 2014002 - ET TROJAN Fake Variation of Mozilla 4.0 - Likely Trojan (trojan.rules)
2018375 - ET CURRENT_EVENTS TLS HeartBeat Request (Server Initiated) fb set (current_events.rules)
2018376 - ET CURRENT_EVENTS TLS HeartBeat Request (Client Initiated) fb set (current_events.rules)
2804051 - ETPRO TROJAN Win32/Kryptik.UOM User-Agent (USERAGENT) (trojan.rules)
2804583 - ETPRO MALWARE Generic AdClicker.p Install - SET (malware.rules)
2804584 - ETPRO MALWARE Generic AdClicker.p Install (malware.rules)
2804632 - ETPRO TROJAN Proxy.Win32.Agent.bvy Checkin (trojan.rules)
2804901 - ETPRO TROJAN Trojan-Clicker.Win32.VB.alu Checkin (trojan.rules)
2804982 - ETPRO TROJAN Win32/ServStart.A checkin 2 (trojan.rules)
2805009 - ETPRO TROJAN Gen.Win32.SMTP-Mailer.!GW@aG6DWHbc sending info via SMTP (trojan.rules)
2805220 - ETPRO MALWARE Win-Adware/KorAd.138208 Checkin (malware.rules)
2805719 - ETPRO TROJAN Trojan-Proxy.Win32.Small.ai Checkin (trojan.rules)
2806783 - ETPRO TROJAN Win32.Xtrat.A (CnC & Exe Source) (trojan.rules)
[---] Removed rules: [---] 2013218 - ET TROJAN Backdoor.Specfix Checkin (trojan.rules)
2802084 - ETPRO TROJAN Backdoor.Win32.Mecklow.A Checkin (trojan.rules)
2804753 - ETPRO TROJAN Win32/Wadolin.A Checkin (trojan.rules)
2804805 - ETPRO TROJAN Trojan-Downloader.Win32.Homa.exm Checkin (trojan.rules)
2804874 - ETPRO TROJAN W32/Delfloader.B.gen!Eldorado Checkin (trojan.rules)
2805080 - ETPRO TROJAN Backdoor.Win32.Mecklow.A Checkin 2 (port 443) (trojan.rules)
2805081 - ETPRO TROJAN Backdoor.Win32.Mecklow.A Checkin 2 (trojan.rules)
2805082 - ETPRO TROJAN Backdoor.Win32.Mecklow.A Checkin 3 (port 443) (trojan.rules)

 

Date: 
Wednesday, April 9, 2014 - 22:00