[***] Summary: [***]

4 new Open rules. 16 new Pro rules (4/12). Upatre, Pushdo.S, Ddex, Dragon. Thanks Jake Warren, setests, Eoin Miller.

[+++] Added rules: [+++]

Open:

2018895 - ET TROJAN Ddex Loader Check-in (trojan.rules)
2018896 - ET TROJAN BitcoinMiner C2 SSL Cert (trojan.rules)
2018897 - ET TROJAN Pushdo.S CnC response (trojan.rules)
2018898 - ET CURRENT_EVENTS Possible Upatre SSL Cert tradeledstore.co.uk (current_events.rules)

Pro:

2808504 - ETPRO TROJAN Bublik.sda pastebin Request (trojan.rules)
2808505 - ETPRO TROJAN Autoit.LOX Checkin (trojan.rules)
2808506 - ETPRO TROJAN Trojan.Crypt.CG Checkin (trojan.rules)
2808507 - ETPRO TROJAN Dragon Infostealer Checkin via SMTP (trojan.rules)
2808508 - ETPRO TROJAN Loadmoney.A Checkin 8 (trojan.rules)
2808509 - ETPRO MALWARE PUP Win32/Soft32Downloader.D SSL Cert Observed (malware.rules)
2808510 - ETPRO TROJAN W32/Zbot.PM.gen Checkin (trojan.rules)
2808511 - ETPRO TROJAN W32/Zbot.PM.gen Checkin 2 (trojan.rules)
2808512 - ETPRO MOBILE_MALWARE Android/SmsSpy.AS Checkin (mobile_malware.rules)
2808513 - ETPRO MOBILE_MALWARE Android/SmsSpy.AS Checkin 2 (mobile_malware.rules)
2808514 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.AO Checkin 2 (mobile_malware.rules)
2808515 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.C Checkin 4 (mobile_malware.rules)

[///] Modified active rules: [///]

Open:

2014600 - ET TROJAN Win32/Nitol.A Checkin (trojan.rules)
2016867 - ET TROJAN Backdoor.Win32.Pushdo.s Checkin (trojan.rules)
2018045 - ET CURRENT_EVENTS PHISH Visa - URI - Landing Page (current_events.rules)
2018643 - ET TROJAN Win32/Zemot Checkin (trojan.rules)
2018752 - ET TROJAN Generic .bin download from Dotted Quad (trojan.rules)

Pro:

2808499 - ETPRO TROJAN Win32/Zemot User-Agent (trojan.rules)

[---] Removed rules: [---]

Pro:

2808502 - ETPRO TROJAN Win32/Wigon.PI Checkin (trojan.rules)
Date: 
Monday, August 4, 2014 - 22:00