[***] Summary: [***] 6 new Open signatures, 16 new Pro (6/10). CryptoDefense, Nuclear EK, InstallBrain, Hupigon. Thanks: Nathan Fowler, tdzmont, @EKWatcher [+++] Added rules: [+++] Open: 2008282 - ET MALWARE Antispywaremaster.com/Privacyprotector.com Fake AV Checkin (malware.rules)
2018393 - ET TROJAN plasmabot Checkin (trojan.rules)
2018394 - ET TROJAN Common Upatre Header Structure (trojan.rules)
2018395 - ET TROJAN Possible Kelihos.F EXE Download Common Structure 2 (trojan.rules)
2018396 - ET CURRENT_EVENTS BrowseTor .onion Proxy Service SSL Cert (current_events.rules)
2018397 - ET TROJAN CryptoDefense DNS Domain Lookup (trojan.rules) Pro: 2807952 - ETPRO MALWARE Win32/ZvuZona.B Checkin (malware.rules)
2807953 - ETPRO TROJAN Backdoor.Win32.Hupigon.occc Checkin (trojan.rules)
2807954 - ETPRO TROJAN Win32/Rirlged.gen!A Checkin (trojan.rules)
2807955 - ETPRO TROJAN Win32/Injector.Autoit.ZZ (trojan.rules)
2807956 - ETPRO TROJAN Win32/AntiAV.NIN Download (trojan.rules)
2807957 - ETPRO TROJAN Trojan-Dropper.Win32.Injector.kbly Checkin (trojan.rules)
2807958 - ETPRO MALWARE InstallBrain Checkin (malware.rules)
2807959 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.az Checkin (mobile_malware.rules)
2807960 - ETPRO TROJAN AutoIt/Clodow.gen!A (trojan.rules)
2807961 - ETPRO CURRENT_EVENTS Nuclear EK Landing Apr 16 2014 (current_events.rules)
[///] Modified active rules: [///] 2017598 - ET TROJAN Possible Kelihos.F EXE Download Common Structure (trojan.rules)
2017714 - ET TROJAN PlugX Checkin (trojan.rules)
2018362 - ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF (current_events.rules)
2018372 - ET CURRENT_EVENTS Malformed HeartBeat Request (current_events.rules)
2018373 - ET CURRENT_EVENTS Malformed HeartBeat Response (current_events.rules)
2018374 - ET CURRENT_EVENTS Malformed HeartBeat Request method 2 (current_events.rules)
2807273 - ETPRO TROJAN Trojan.Ransom.BV Checkin (trojan.rules)
2807950 - ETPRO TROJAN Win.Trojan.Hupigon-8559 Checkin (trojan.rules)
[---] Removed rules: [---] 2003548 - ET MALWARE Privacyprotector.com Fake Anti-Spyware Checkin (malware.rules)
2008282 - ET TROJAN Antispywaremaster.com Fake AV Checkin (trojan.rules)

 

Date: 
Tuesday, April 15, 2014 - 22:00