[***] Summary: [***]

13 new Open signatures, 28 new Pro (13+15). Upatre, Various Android, SmSPay.C, Sweet Orange EK.

Thanks: Jake Warren, Nathan Fowler, Kevin Ross, @EKWatcher, @jaimeblascob.

[+++] Added rules: [+++]

Open:

2018775 - ET TROJAN Backdoor.Win32.Androm.dtrv CnC Server Fake Server Header (trojan.rules)
2018776 - ET CURRENT_EVENTS Possible Upatre SSL Cert thelabelnashville.com (current_events.rules)
2018777 - ET CURRENT_EVENTS Possible Upatre SSL Cert cactussports.com (current_events.rules)
2018778 - ET CURRENT_EVENTS Possible Upatre SSL Cert yellowdevilgear.com (current_events.rules)
2018779 - ET CURRENT_EVENTS Possible Upatre SSL Cert michaelswinecellar.com (current_events.rules)
2018780 - ET CURRENT_EVENTS Possible Upatre SSL Cert migsparkle.com (current_events.rules)
2018781 - ET MOBILE_MALWARE AndroidOS.Simplocker Checkin (mobile_malware.rules)
2018782 - ET SCAN Internet Scanning Project HTTP scan (scan.rules)
2018783 - ET CURRENT_EVENTS Likely Evil XMLDOM Detection of Local File (current_events.rules)
2018784 - ET TROJAN Win32/Neurevt Check-in 4 (trojan.rules)
2018785 - ET CURRENT_EVENTS Possible ShellCode Passed as Argument to FlashVars (current_events.rules)
2018786 - ET CURRENT_EVENTS Sweet Orange EK CDN Landing Page (current_events.rules)
2018787 - ET TROJAN Unknown Locker DL URI Struct Jul 25 2014 (trojan.rules)

Pro:

2808431 - ETPRO TROJAN Backdoor.Ratenjay!gen2 Checkin (trojan.rules)
2808432 - ETPRO TROJAN Backdoor.Korplug!gen6 Checkin (HTTP) (trojan.rules)
2808433 - ETPRO TROJAN Backdoor.Korplug!gen6 Checkin (UDP) (trojan.rules)
2808434 - ETPRO MALWARE Win32/SoftPulse.H Checkin (malware.rules)
2808435 - ETPRO MALWARE PUP Win32/WinloadSDA.D Checkin (malware.rules)
2808436 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Agent.aj Checkin (mobile_malware.rules)
2808438 - ETPRO MOBILE_MALWARE Trojan.Android.TrojanSMS.bABM Checkin (mobile_malware.rules)
2808439 - ETPRO TROJAN Trojan-Clicker.Win32.Agent.adoa Checkin (trojan.rules)
2808440 - ETPRO MALWARE AdWare.Filcout Install (malware.rules)
2808441 - ETPRO MOBILE_MALWARE Android-Spyware/SpyApp Checkin (mobile_malware.rules)
2808442 - ETPRO MALWARE PUP Win32/Toolbar.Conduit Checkin (malware.rules)
2808443 - ETPRO MALWARE Win32/Conduit.SearchProtect.N Installation Callback (malware.rules)
2808444 - ETPRO TROJAN Trojan.Win32.Stantinko.bF Checkin (trojan.rules)
2808445 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.C Checkin 3 (mobile_malware.rules)
2808446 - ETPRO TROJAN Win32.Rbrute.a Checkin (trojan.rules)

[///] Modified active rules: [///]

2018078 - ET TROJAN W32/Kbot.Backdoor Variant CnC Beacon (trojan.rules)
2808213 - ETPRO CURRENT_EVENTS Safe/Critx/FlashPack URI Struct June 19, 2014 2 (current_events.rules)
Date: 
Thursday, July 24, 2014 - 22:00