[***]            Summary:            [***]

3 new Open, 37 new Pro (3 + 34). MP4 Atom Parser, W32/DarkVNC, Various Phishing, Mobile.

Thanks: @attackdetection

[+++]          Added rules:          [+++]

Open:

2024699 - ET MALWARE [PTsecurity] Adware/Rukometa(LoadMoney) Fake PNG File (malware.rules)
2024700 - ET CURRENT_EVENTS HoeflerText Chrome Popup DriveBy Download Attempt 2 (current_events.rules)
2024701 - ET TROJAN [PTsecurity] JS.Trojan-Downloader.Nemucod.yo HTTP POST (:Exec:) (trojan.rules)

Pro:

2803025 - ETPRO USER_AGENTS Gabpath.com Adware Toolbar Installer User-Agent (user_agents.rules)
2803262 - ETPRO USER_AGENTS Windows Live Messenger User-Agent (user_agents.rules)
2803269 - ETPRO USER_AGENTS Dynamer.dtc/Keylog.km0/Uaneskeylogger.pl Keylogger User-Agent Oddity (user_agents.rules)
2803390 - ETPRO USER_AGENTS Suspicious user agent (TEN) (user_agents.rules)
2803499 - ETPRO USER_AGENTS Known Banload User-Agent (PR3) (user_agents.rules)
2803511 - ETPRO USER_AGENTS Suspicious user agent(MakeByLc) (user_agents.rules)
2803613 - ETPRO USER_AGENTS Trojan.Generic.6200998 User-Agent (WT) (user_agents.rules)
2803679 - ETPRO USER_AGENTS Win32/Adload.CV User-Agent (SS Security Services) (user_agents.rules)
2803703 - ETPRO USER_AGENTS Win32/Joiner.A User-Agent (Microsoft Windows - Output Audio Director) (user_agents.rules)
2803715 - ETPRO USER_AGENTS Adware.BrowserVillage User-Agent (BrowserVillage) (user_agents.rules)
2803732 - ETPRO USER_AGENTS Trojan-Downloader.Win32.Delf.aznp User-Agent (api.pc120.com) (user_agents.rules)
2827896 - ETPRO EXPLOIT .NET SOAP Code Injection (CVE-2017-8759) (exploit.rules)
2827897 - ETPRO EXPLOIT ETPRO EXPLOIT MP4 Atom Parser Vulnerability Inbound M1 (CVE-2017-11281) (exploit.rules)
2827898 - ETPRO EXPLOIT ETPRO EXPLOIT MP4 Atom Parser Vulnerability Inbound M2 (CVE-2017-11281) (exploit.rules)
2827901 - ETPRO MOBILE_MALWARE Android.Trojan.FakeApp.C CnC Beacon (mobile_malware.rules)
2827902 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 197 (mobile_malware.rules)
2827903 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 198 (mobile_malware.rules)
2827904 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 199 (mobile_malware.rules)
2827905 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 200 (mobile_malware.rules)
2827906 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 201 (mobile_malware.rules)
2827907 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin202 (mobile_malware.rules)
2827908 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 203 (mobile_malware.rules)
2827909 - ETPRO TROJAN W32/DarkVNC Checkin M2 (trojan.rules)
2827910 - ETPRO TROJAN Unknown MSIL/Spy.Agent Checkin (trojan.rules)
2827911 - ETPRO TROJAN MSIL/Unk.CoinMiner CnC Activity (trojan.rules)
2827912 - ETPRO CURRENT_EVENTS Successful My ADP Phish Sep 12 2017 (current_events.rules)
2827913 - ETPRO TROJAN Win32/Unk.Dropper Checkin (trojan.rules)
2827914 - ETPRO CURRENT_EVENTS Successful Paypal Phish Sep 12 2017 (current_events.rules)
2827915 - ETPRO TROJAN Win32/Unk.Dropper UA (trojan.rules)
2827916 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 204 (mobile_malware.rules)
2827917 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 205 (mobile_malware.rules)
2827918 - ETPRO CURRENT_EVENTS Wells Fargo Message Received Phishing Landing Sep 12 2017 (current_events.rules)
2827919 - ETPRO TROJAN Win32/Aenjaris!rfn Activity (trojan.rules)
2827920 - ETPRO TROJAN Observed Malicious SSL Cert (CoreBot CnC) (trojan.rules)

[///]     Modified active rules:     [///]

2024238 - ET CURRENT_EVENTS HoeflerText Chrome Popup DriveBy Download Attempt 1 (current_events.rules)
2024531 - ET TROJAN MSIL/August Stealer CnC Activity (trojan.rules)
2024665 - ET POLICY DNS Query to .onion proxy Domain (onion.top) (policy.rules)
2024691 - ET CURRENT_EVENTS RIG EK encrypted payload Sept 11 (1) (current_events.rules)
2803310 - ETPRO USER_AGENTS SmartCleaner Related FakeAV User-Agent (user_agents.rules)
2803324 - ETPRO USER_AGENTS GabPath Adware User-Agent (MNRecover) (user_agents.rules)
2803325 - ETPRO USER_AGENTS GabPath Adware User-Agent (MNUpdater) (user_agents.rules)
2803360 - ETPRO USER_AGENTS Flipopia Adware User-Agent (FPRecover) (user_agents.rules)
2803370 - ETPRO USER_AGENTS Suspicious User Agent (_Converter_) (user_agents.rules)
2814677 - ETPRO TROJAN AbaddonPOS Exfiltrating CC Numbers 1 (trojan.rules)
2825039 - ETPRO CURRENT_EVENTS Successful Credential Phish JS RePOST Feb 17 2017 (current_events.rules)
2827108 - ETPRO TROJAN Energetic Bear/Dragonfly Implant CnC Beacon (trojan.rules)
2827414 - ETPRO MALWARE MSIL/AdWare.Dotdo PUA CnC Checkin 1 (malware.rules)

[---]         Disabled rules:        [---]

2803646 - ETPRO WEB_SERVER Microsoft SharePoint Remote File Disclosure Access (web_server.rules)
2803647 - ETPRO EXPLOIT Citrix XenApp and XenDesktop XML Service Interface Stack Buffer Overflow (exploit.rules)
2803650 - ETPRO MALWARE Adware Win32/Oneday.B Checkin (malware.rules)
2803651 - ETPRO TROJAN Backdoor.Win32.Dalbot.A Checkin (trojan.rules)
2803654 - ETPRO TROJAN Sharepoint 2010 spsave Parameter XSS Injection Attempt (trojan.rules)
2803677 - ETPRO TROJAN Trojan.Win32.Mybios.A Checkin (trojan.rules)
2803680 - ETPRO TROJAN Win32.Zapchast.ffs Checkin (trojan.rules)
2803689 - ETPRO WEB_SPECIFIC_APPS FortiMail Messaging Security Appliance parameter XSS attempt (web_specific_apps.rules)
2803690 - ETPRO TROJAN Win32.Microjoin.gen Checkin Low Ports (trojan.rules)
2803695 - ETPRO TROJAN Win32.FakeScanti Checkin (trojan.rules)
2803701 - ETPRO TROJAN Win32/Hatigh.D Checkin (trojan.rules)
2803706 - ETPRO TROJAN BackDoor.DOQ.gen.y Checkin 1 (trojan.rules)
2803708 - ETPRO TROJAN BackDoor.DOQ.gen.y Checkin 3 (trojan.rules)
2803710 - ETPRO TROJAN Trojan-Downloader.Win32.Diple.A Checkin 2 (trojan.rules)
2803711 - ETPRO TROJAN Trojan-Downloader.Win32.Diple.A Checkin 3 (trojan.rules)
2803712 - ETPRO TROJAN Backdoor.Win32.Qinubot.A Checkin 1 (trojan.rules)
2803713 - ETPRO TROJAN Backdoor.Win32.Qinubot.A Checkin 2 (trojan.rules)
2803716 - ETPRO EXPLOIT EMC AutoStart Error Logging Stack Buffer Overflow (exploit.rules)
2803718 - ETPRO TROJAN Win32/Vundo.B Checkin (trojan.rules)
2803719 - ETPRO TROJAN TrojanSpy.Zbot.abrq Checkin (trojan.rules)
2803720 - ETPRO TROJAN Generic.122EAAF6 Checkin (trojan.rules)
2803722 - ETPRO TROJAN Trojan.Heur.VP.qmHfai8YuXnI (trojan.rules)
2803730 - ETPRO WEB_SERVER Microsoft SharePoint XML Handling Remote File Disclosure (Published Exploit) (web_server.rules)
2803731 - ETPRO TROJAN Win32/Obfuscator.XZ User-Agent (myInternet) (trojan.rules)
2803733 - ETPRO TROJAN TrojanProxy.Ukstories.e Checkin (trojan.rules)
2803734 - ETPRO TROJAN TrojanProxy.Ukstories.e User-Agent (mcsmss) (trojan.rules)
2803743 - ETPRO TROJAN Trojan.Win32.Buzus.hond Checkin 3 (trojan.rules)
2803751 - ETPRO TROJAN Backdoor.Win32.Ramagedos.A Checkin 2 (trojan.rules)
2803754 - ETPRO TROJAN Trojan.Win32.Banker.slrj Checkin 1 (trojan.rules)
2803755 - ETPRO TROJAN Trojan.Win32.Banker.slrj Checkin 2 (trojan.rules)
2803757 - ETPRO TROJAN Trojan.Win32.Rallovs.A Checkin (trojan.rules)
2803759 - ETPRO TROJAN Covert DNS Channel Query in ipgreat.com (trojan.rules)
2803761 - ETPRO TROJAN Backdoor.Win32.Zapchast.qz Checkin 1 (trojan.rules)
2803762 - ETPRO TROJAN Backdoor.Win32.Zapchast.qz Checkin 2 (trojan.rules)
2803771 - ETPRO TROJAN Backdoor.MacOS.Imuler.A Checkin 1 (trojan.rules)
2803772 - ETPRO TROJAN Backdoor.MacOS.Imuler.A Checkin 2 (trojan.rules)
2803773 - ETPRO TROJAN Trojan.Win32.Scar.dycw Checkin (trojan.rules)
2803782 - ETPRO TROJAN Trojan-Spy.W32/Banker.JGT Checkin (trojan.rules)
2803790 - ETPRO MALWARE Win32/Gabpath User-Agent (FPUpdater) (malware.rules)
2803791 - ETPRO TROJAN Win32/Plingky.A Checkin (trojan.rules)
2803792 - ETPRO TROJAN Trojan.Generic.KDV.367757 Checkin (trojan.rules)
2803794 - ETPRO TROJAN Trojan.Win32.OddJob.A Checkin 3 (trojan.rules)
2803798 - ETPRO TROJAN Worm.Win32.Ackantta.B via SMTP 2 (trojan.rules)
2803800 - ETPRO TROJAN Worm.Win32.Ackantta.B via SMTP 3 (trojan.rules)
2803805 - ETPRO TROJAN Win32/Hermes.B at mm User-Agent (Hermes) (trojan.rules)
2803808 - ETPRO TROJAN Worm.Win32/Chiviper.A Checkin (trojan.rules)
2803809 - ETPRO MALWARE Win32/Adware.GabPath.BM User-Agent (Blammi) (malware.rules)
2803813 - ETPRO TROJAN Win32/Rimod Checkin (trojan.rules)
2803824 - ETPRO TROJAN Trojan.Generic.KDV.274800 Checkin (trojan.rules)
2803828 - ETPRO TROJAN Trojan-Banker.Win32.Banbra.alyg Checkin (trojan.rules)
2803832 - ETPRO MALWARE Win32/Adware.GabPath.CB User-Agent (FPInstaller) (malware.rules)
2803834 - ETPRO TROJAN Win32/Isnup.B Checkin (trojan.rules)
2803835 - ETPRO TROJAN Generic.Banker.OT.89A60848 Checkin (trojan.rules)
2803839 - ETPRO MALWARE Adware.Win32/Gabpath User-Agent (BMRecover) (malware.rules)
2803847 - ETPRO WEB_SERVER Microsoft Forefront Unified Access Gateway XSS Attempt (web_server.rules)
2803848 - ETPRO WEB_SERVER Microsoft Forefront Unified Access Gateway XSS Attempt 2 (web_server.rules)
2803849 - ETPRO WEB_SERVER Microsoft Forefront Unified Access Gateway XSS Attempt 3 (web_server.rules)
2803856 - ETPRO TROJAN Trojan.Downloader.JOQI Checkin (trojan.rules)
2803857 - ETPRO TROJAN Trojan.Win32.BHO.bn Checkin (trojan.rules)
2803860 - ETPRO TROJAN Trojan.Win32.Cossta.pyo Checkin (trojan.rules)
2803862 - ETPRO TROJAN Win32/Tiptuf.A Checkin (trojan.rules)
2803865 - ETPRO TROJAN Trojan.Generic.6643598 Checkin (trojan.rules)
2803866 - ETPRO TROJAN Win32/Nosrawec.C Checkin (trojan.rules)
2803870 - ETPRO MALWARE Adware/Win32.Gamevance.hfco Install (malware.rules)
2803872 - ETPRO MALWARE AdWare.Win32.Gabpath User-Agent (OCInstaller) (malware.rules)
2803873 - ETPRO MALWARE AdWare.Win32.Gabpath User-Agent (Oncues) (malware.rules)
2803875 - ETPRO TROJAN Win32/Agent.KA Checkin (trojan.rules)
2803876 - ETPRO GAMES NEXON Online Gaming Connection (games.rules)
2803879 - ETPRO TROJAN Trj/CI.A Checkin (trojan.rules)
2803881 - ETPRO TROJAN Worm.AutoIt/Renocide.gen!C Checkin (trojan.rules)
2803884 - ETPRO TROJAN Trojan.Win32.Scar.evwl Checkin (trojan.rules)
2803885 - ETPRO TROJAN Win32/Calelk.C User-Agent (Informer) (trojan.rules)
2803886 - ETPRO TROJAN Win32/Dogrobot.G Checkin (trojan.rules)
2803887 - ETPRO TROJAN Win32/Vake.A Checkin (trojan.rules)
2803890 - ETPRO TROJAN Win32/Alureon.FL Checkin (trojan.rules)
2803891 - ETPRO TROJAN TrojanSpy.Win32/Banker.AAX Checkin (trojan.rules)
2803892 - ETPRO MALWARE AdWare.Win32.Eorezo Install (malware.rules)
2803893 - ETPRO TROJAN Trojan-Downloader.Win32.Bagle.eds Checkin (trojan.rules)
2803896 - ETPRO TROJAN TrojanDownloader.Win32/Carberp.A Checkin (trojan.rules)
2803897 - ETPRO TROJAN Possible Sasfis/Atraps.AVWU/AMTU.Proxy Contacting CnC via Yahoo Translate/Babelfish (trojan.rules)
2803898 - ETPRO TROJAN Possible Sasfis/Atraps.AVWU/AMTU.Proxy Contacting CnC via Yahoo Translate/Babelfish 2 (trojan.rules)
2803899 - ETPRO TROJAN Sasfis/Atraps.AVWU/AMTU.Proxy Contacting CnC via Google Translate (trojan.rules)
2803900 - ETPRO TROJAN Sasfis/Atraps.AVWU/AMTU.Proxy Contacting CnC via Googleusercontent Translate (trojan.rules)
2803901 - ETPRO TROJAN Sasfis/Atraps.AVWU/AMTU.Proxy Checkin (trojan.rules)
2803913 - ETPRO TROJAN Buzus/Graftor Checkin (trojan.rules)
2803920 - ETPRO TROJAN Trojan.Heur.DP.2GW.aiZeT.pG Checkin (trojan.rules)
2803927 - ETPRO TROJAN Win32/fkfldwrm.A Checkin (trojan.rules)
2803931 - ETPRO TROJAN W32/Gabpath.A.gen!Eldorado User-Agent (OCRecover) (trojan.rules)
2803933 - ETPRO TROJAN Scar.evje/Fraudtool.AvSoft DDoS Traffic (Munged UA) Inbound (trojan.rules)
2803934 - ETPRO TROJAN Backdoor.Win32.Sheldor.dt User-Agent (x3) (trojan.rules)
2803937 - ETPRO TROJAN Scar.evje/Fraudtool.AvSoft DDoS Bot Checkin 1 (trojan.rules)
2803938 - ETPRO TROJAN Scar.evje/Fraudtool.AvSoft DDoS Bot Checkin 2 (trojan.rules)
2803939 - ETPRO TROJAN Scar.evje/Fraudtool.AvSoft DDoS Traffic (Munged UA) Inbound 2 (trojan.rules)
2803940 - ETPRO TROJAN Scar.evje/Fraudtool.AvSoft DDoS Traffic (Munged UA) Outbound 2 (trojan.rules)
2803941 - ETPRO TROJAN Win32/Bofang.B Checkin (trojan.rules)
2803943 - ETPRO TROJAN Win32/BHO.KG Checkin (trojan.rules)
2803946 - ETPRO TROJAN Win32/VBInject.T Checkin (trojan.rules)
2803947 - ETPRO MALWARE Win32/Gabpath User-Agent (WhereSphere) (malware.rules)
2803948 - ETPRO TROJAN Win32/Trafog!rts Checkin (trojan.rules)
2803949 - ETPRO MALWARE Win32/Jinzie User-Agent (PopRocks) (malware.rules)
2803951 - ETPRO TROJAN Trojan.Win32.Jorik.IRCbot.ddj Joining IRC channel (trojan.rules)
2803954 - ETPRO MALWARE Win32.Malware.XGW at aSlsEHbG User-Agent (olesio) (malware.rules)
2803958 - ETPRO EXPLOIT HP Power Manager formExportDataLogs Buffer Overflow (exploit.rules)
2803960 - ETPRO TROJAN Trojan-PWS.Banker6 Checkin (trojan.rules)
2803962 - ETPRO TROJAN TrojanDownloader.Win32/VB.PX Checkin (trojan.rules)
2803965 - ETPRO SCADA IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS (scada.rules)
2803967 - ETPRO TROJAN Win32/VBInject.gen!EP CnC Traffic (trojan.rules)
2803973 - ETPRO TROJAN Trojan-Banker.Win32.Banker.blvx Checkin (trojan.rules)
2803975 - ETPRO EXPLOIT HP Data Protector Media Operations Directory Traversal (exploit.rules)
2803976 - ETPRO TROJAN Win32/Bafruz.C Checkin (trojan.rules)
2803981 - ETPRO TROJAN Win32/Banload.ACI Checkin (trojan.rules)
2803982 - ETPRO TROJAN Win32/Scar.G Checkin (trojan.rules)
2803983 - ETPRO ACTIVEX Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow (activex.rules)
2803984 - ETPRO MALWARE Adware.SponsorKeyword Install (malware.rules)
2803986 - ETPRO TROJAN Win32/Agent.CS Checkin (trojan.rules)
2803988 - ETPRO TROJAN Win32/Toshinc.A Checkin (trojan.rules)
2803994 - ETPRO TROJAN Backdoor.Win32/Rbot.gen Joining IRC channel (trojan.rules)
2803995 - ETPRO TROJAN Win32/Kryptik.UNM User-Agent (bansol) (trojan.rules)
2803996 - ETPRO TROJAN Trojan.Win32.Malex!IK Checkin (trojan.rules)
2803998 - ETPRO TROJAN Win32/Kryptik.UUO Checkin (trojan.rules)
2804000 - ETPRO TROJAN Worm.Win32/Skopvel.gen!A Checkin (trojan.rules)
2804002 - ETPRO TROJAN Win32/Rimecud.A User-Agent (stalone) (trojan.rules)
2804003 - ETPRO EXPLOIT Cisco Unified Communications Manager Directory Traversal (exploit.rules)
2804004 - ETPRO EXPLOIT Cisco Unified Communications Manager Request to sensitive file platformConfig.xml (exploit.rules)
2804005 - ETPRO EXPLOIT Cisco TFTP hardcoded file names Information Leak (exploit.rules)
2804007 - ETPRO TROJAN Trojan.Win32.Sefnit.L Checkin 2 (trojan.rules)
2804009 - ETPRO TROJAN Backdoor.Win32/Hanove.A User-Agent (SIMPLE) (trojan.rules)
2804010 - ETPRO TROJAN Backdoor.Win32/Hanove.A Checkin (trojan.rules)
2804012 - ETPRO TROJAN TrojanDropper.Win32/Dogrobot.E Checkin 1 (trojan.rules)
2804013 - ETPRO TROJAN TrojanDropper.Win32/Dogrobot.E Checkin 2 (trojan.rules)
2804020 - ETPRO TROJAN Trojan-Downloader.Win32.Generic Install (trojan.rules)
2804021 - ETPRO TROJAN Win32/Tibia.AB Checkin (trojan.rules)
2804023 - ETPRO TROJAN Win32/Rimecud.A User-Agent (chuck) (trojan.rules)
2804025 - ETPRO TROJAN Win32/Kryptik.UNM User-Agent (wolf) (trojan.rules)
2804029 - ETPRO TROJAN Win32/Mafod!rts Checkin (trojan.rules)
2804033 - ETPRO TROJAN Win32/Bancos.DV Reporting via SMTP 4 (trojan.rules)
2804034 - ETPRO TROJAN Win32/Bancos.DV Reporting via SMTP 5 (trojan.rules)
2804036 - ETPRO TROJAN Win32/Kryptik.UNM User-Agent (dieter) (trojan.rules)
2804037 - ETPRO TROJAN Generic.Malware.dld!!.9C8D00AA User-Agent (*!%) (trojan.rules)
2804038 - ETPRO TROJAN Generic.Malware.dld!!.9C8D00AA User-Agent (microsoft.com) (trojan.rules)
2804039 - ETPRO TROJAN Win32/VBInject.CK Checkin (trojan.rules)
2804040 - ETPRO TROJAN Trojan-Banker.Win32.Banbra Reporting via SMTP (trojan.rules)
2804042 - ETPRO TROJAN PSW.Banker6.KTO Checkin (trojan.rules)
2804045 - ETPRO TROJAN Orsam/Backdoor.Demtranc Checkin 2 (trojan.rules)
2804046 - ETPRO TROJAN Win32/Kryptik.UOM Checkin (trojan.rules)
2804048 - ETPRO TROJAN Win32/Malushka.A Checkin (trojan.rules)
2804049 - ETPRO TROJAN Win32/Malushka.A User-Agent (netboom) (trojan.rules)
2804052 - ETPRO TROJAN Win32/Kryptik.UOM Checkin (trojan.rules)
2804055 - ETPRO TROJAN Tapaoux Secondary Checkin (trojan.rules)
2804056 - ETPRO TROJAN Win32/Banload.ADT Checkin (trojan.rules)
2804057 - ETPRO TROJAN Win32/Rimecud.A User-Agent (solders) (trojan.rules)
2804058 - ETPRO TROJAN W32/Rimecud.gen.cr User-Agent (goci) (trojan.rules)
2804060 - ETPRO TROJAN Win32/Rimecud.A User-Agent (cadara) (trojan.rules)
2804068 - ETPRO TROJAN Trojan.Win32.Agent2.lpa User-Agent (Ali) (trojan.rules)
2804069 - ETPRO TROJAN Trojan.Win32.Agent2.lpa User-Agent (Exp) (trojan.rules)
2804071 - ETPRO TROJAN Trojan.Win32.StartPage.aqnj Checkin (trojan.rules)
2804072 - ETPRO TROJAN Constructor.Win32.Agent.fx CnC Traffic (trojan.rules)
2804075 - ETPRO SCADA Siemens Automation License Manager Service Exception attempt 1 (scada.rules)
2804076 - ETPRO SCADA Siemens Automation License Manager Service *_licensekey serialid code execution (scada.rules)
2804077 - ETPRO SCADA Siemens Automation License Manager Service Exception attempt 2 (scada.rules)
2804080 - ETPRO TROJAN Trojan-Dropper.Win32.Injector.uua Checkin (trojan.rules)
2804081 - ETPRO TROJAN Trojan-Dropper.Win32.Injector.uua User-Agent (google___) (trojan.rules)
2804084 - ETPRO TROJAN Win32/Banker.YB Checkin (trojan.rules)
2804085 - ETPRO TROJAN Trojan.Win32.Scar.febz Checkin (trojan.rules)
2804092 - ETPRO TROJAN Trojan-Banker.Win32.Agent.gbq Checkin (trojan.rules)
2804093 - ETPRO MALWARE FakeAlert!grb Install (malware.rules)
2804094 - ETPRO MALWARE AdWare.Win32.SideTab.n Install (malware.rules)
2804100 - ETPRO TROJAN Trojan.Heur.VP2.nm1 at aOacxkoi Checkin (trojan.rules)
2804102 - ETPRO ACTIVEX HP Protect Tools Device Access Manager for Windows arbitrary code execution (activex.rules)
2804104 - ETPRO MALWARE AdWare.Win32.EzSearch.g User-Agent (WindowEzSearch) - Likely Trojan (malware.rules)
2804114 - ETPRO MALWARE User-Agent (Mozila Firefox) (malware.rules)
2804115 - ETPRO MALWARE User-Agent (Mozilla/4.0 competible) (malware.rules)
2804120 - ETPRO TROJAN Banker.Win32.Banker.snph Checkin (trojan.rules)
2804122 - ETPRO TROJAN Generic Dropper!dxm!50461342D70E Install (trojan.rules)
2804127 - ETPRO TROJAN Trojan.Autoit.F Checkin (trojan.rules)
2804128 - ETPRO TROJAN Win32/Delf.H Checkin (trojan.rules)
2804142 - ETPRO TROJAN Win32/Paramis.A Checkin (trojan.rules)
2804162 - ETPRO TROJAN Win32/Spy.Bancos.OBT Checkin (trojan.rules)
2804163 - ETPRO TROJAN Win32/Banker.XO Checkin (trojan.rules)
2804165 - ETPRO TROJAN Yakes/Cryptor Dropper Checkin to load.php (trojan.rules)
2804167 - ETPRO INFO DYNAMIC_DNS HTTP Request to a *.ddns.me.uk Domain (info.rules)
2804168 - ETPRO INFO DYNAMIC_DNS HTTP Request to a *.ddns.mobi Domain (info.rules)
2804173 - ETPRO INFO DYNAMIC_DNS HTTP Request to a *.myDDNS.com Domain (info.rules)
2804176 - ETPRO INFO DYNAMIC_DNS Query to a *.ddns.mobi Domain (info.rules)
2804183 - ETPRO TROJAN Trojan-Downloader.Win32.AutoIt.sp Checkin (trojan.rules)
2804184 - ETPRO TROJAN Win32/Bividon.A Checkin (trojan.rules)
2804185 - ETPRO TROJAN Win32/Dluca.AN Checkin (trojan.rules)
2804215 - ETPRO TROJAN Trojan.Heur.DP.HGW at aiZGjxg Checkin (trojan.rules)
2804216 - ETPRO MALWARE AdWare.Win32.SmartSearch!IK User-Agent (SmartSearch) (malware.rules)
2804218 - ETPRO MALWARE AdWare.Win32.Wizpop User-Agent (WizSearch) (malware.rules)
2804219 - ETPRO MALWARE Adware.SearchGuard User-Agent (searchguard) (malware.rules)
2804221 - ETPRO TROJAN Trojan-Downloader.BAT.Banload.p Checkin (trojan.rules)
2804222 - ETPRO TROJAN Win32/Scar.L Checkin (trojan.rules)
2804224 - ETPRO TROJAN Trojan.Heur.DP.NGX at aelsfkk Checkin (trojan.rules)
2804225 - ETPRO TROJAN Win32/FtpSteal.gen!A Checkin (trojan.rules)
2804228 - ETPRO TROJAN Trojan-Banker.Win32.Qhost.miq Checkin (trojan.rules)
2804229 - ETPRO TROJAN W32.HLLP.Sality Checkin (trojan.rules)
2804230 - ETPRO TROJAN TROJ_DLOADE.AGO Checkin (trojan.rules)
2804237 - ETPRO TROJAN Win32/Zerok.A Checkin (trojan.rules)
2804240 - ETPRO TROJAN TrojanDownloader.Win32/Delf.NK (trojan.rules)
2804242 - ETPRO TROJAN Malex.gen/Malware.GSFYd.ADE75676 Bot Checkin (trojan.rules)
2804244 - ETPRO TROJAN Hupigon.GVOY/Xema Checkin (trojan.rules)
2804252 - ETPRO TROJAN Bat/sdel Checkin (trojan.rules)
2804253 - ETPRO TROJAN Zugo Malware Installer Checkin (trojan.rules)
2804256 - ETPRO TROJAN Backdoor.Win32/Jukbot.B CnC traffic (trojan.rules)
2804257 - ETPRO WEB_SERVER Jboss code execution via comment parameter (web_server.rules)
2804258 - ETPRO WEB_SERVER Jboss code execution via comment parameter 2 (web_server.rules)
2804259 - ETPRO WEB_SERVER Jboss code execution via comment parameter 3 (web_server.rules)
2804260 - ETPRO TROJAN TrojanDownloader.Win32/Bredolab.AJ Checkin (trojan.rules)
2804262 - ETPRO TROJAN Trojan-Banker.Win32.Banbra.anpq Checkin (trojan.rules)
2804263 - ETPRO TROJAN Win32/Karagany.A Checkin (trojan.rules)
2804266 - ETPRO TROJAN Trojan.Win32.Scar.fsah Checkin (trojan.rules)
2804267 - ETPRO TROJAN TR/Crypt.XPACK.Gen Checkin (trojan.rules)
2804269 - ETPRO MALWARE RogueAntiSpyware Install (malware.rules)
2804270 - ETPRO TROJAN Trojan-Downloader.Win32.Agent.gyda Checkin (trojan.rules)
2804273 - ETPRO TROJAN Win32/Bancos.ACM Checkin (trojan.rules)
2804277 - ETPRO EXPLOIT CTEK SkyRouter 4200 and 4300 Command Execution (exploit.rules)
2804279 - ETPRO TROJAN Backdoor.Win32/Smadow.gen!B Checkin (trojan.rules)
2804281 - ETPRO TROJAN W32.Harakit Checkin (trojan.rules)
2804283 - ETPRO TROJAN Backdoor.Hupigon Checkin (trojan.rules)
2804287 - ETPRO TROJAN Trojan.MulDrop3.23293 Checkin (trojan.rules)
2804289 - ETPRO TROJAN Trojan-Downloader.Win32.FraudLoad.zpaf Checkin (trojan.rules)
2804301 - ETPRO TROJAN Win32/TrojanDownloader.Banload.QOM Checkin (trojan.rules)
2804303 - ETPRO TROJAN Win32/Klovbot.B Checkin (trojan.rules)

[---]         Removed rules:         [---]

2024699 - ET TROJAN [PTsecurity] Adware/Rukometa(LoadMoney) Fake PNG File (trojan.rules)
2803025 - ETPRO MALWARE Gabpath.com Adware Toolbar Installer User-Agent (malware.rules)
2803262 - ETPRO CHAT Windows Live Messenger User-Agent (chat.rules)
2803269 - ETPRO TROJAN Dynamer.dtc/Keylog.km0/Uaneskeylogger.pl Keylogger User-Agent Oddity (trojan.rules)
2803390 - ETPRO TROJAN Suspicious user agent (TEN) (trojan.rules)
2803499 - ETPRO TROJAN Known Banload User-Agent (PR3) (trojan.rules)
2803511 - ETPRO TROJAN Suspicious user agent(MakeByLc) (trojan.rules)
2803613 - ETPRO TROJAN Trojan.Generic.6200998 User-Agent (WT) (trojan.rules)
2803679 - ETPRO TROJAN Win32/Adload.CV User-Agent (SS Security Services) (trojan.rules)
2803703 - ETPRO TROJAN Win32/Joiner.A User-Agent (Microsoft Windows - Output Audio Director) (trojan.rules)
2803715 - ETPRO MALWARE Adware.BrowserVillage User-Agent (BrowserVillage) (malware.rules)
2803732 - ETPRO TROJAN Trojan-Downloader.Win32.Delf.aznp User-Agent (api.pc120.com) (trojan.rules)

Date: Monday, September 11, 2017 - 22:00