[***] Summary: [***]

9 Open signatures, 21 Pro (9+13). OneLouder, Machete, Various Android, SillyFDC.

Thanks: @jaimeblascob @EKWatcher and Nathan Fowler.

[+++] Added rules: [+++]

Open:

2018976 - ET MALWARE Hoic.zip retrieval (malware.rules)
2018977 - ET MALWARE HOIC with booster outbound (malware.rules)
2018978 - ET WEB_SERVER HOIC with booster inbound (web_server.rules)
2018979 - ET TROJAN Miras C2 Activity (trojan.rules)
2018980 - ET TROJAN Machete FTP activity (trojan.rules)
2018981 - ET CURRENT_EVENTS Probable OneLouder downloader (Zeus P2P) (current_events.rules)
2018982 - ET CURRENT_EVENTS Probable OneLouder downloader (Zeus P2P) exe download (current_events.rules)
2018983 - ET CURRENT_EVENTS Probable OneLouder downloader (Zeus P2P) (current_events.rules)
2018984 - ET TROJAN PlugX variant (trojan.rules)

Pro:

2808599 - ETPRO TROJAN Win32/Bancos.DI HTTP callback (trojan.rules)
2808600 - ETPRO TROJAN Backdoor.Perl.Shellbot.B IRC Checkin (trojan.rules)
2808601 - ETPRO TROJAN Win32/Qhost.PGZ Checkin (trojan.rules)
2808602 - ETPRO MOBILE_MALWARE Android/Crosate.N Checkin (mobile_malware.rules)
2808603 - ETPRO TROJAN Worm.Win32.SillyFDC Checkin (trojan.rules)
2808604 - ETPRO TROJAN W32.Virut IRC checkin (trojan.rules)
2808605 - ETPRO TROJAN Rogue.Win32/Defru Checkin (trojan.rules)
2808606 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Wirec.a Checkin (mobile_malware.rules)
2808607 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Wirec.a Checkin 2 (mobile_malware.rules)
2808608 - ETPRO MOBILE_MALWARE Android.Riskware.SMSPay.AO Checkin 3 (mobile_malware.rules)
2808609 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Iconosys.a Checkin 4 (mobile_malware.rules)
2808610 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Iconosys.a Checkin 5 (mobile_malware.rules)
2808611 - ETPRO TROJAN Win32/Spy.Usteal.C Checkin (trojan.rules)

[///] Modified active rules: [///]

2006445 - ET WEB_SERVER Possible SQL Injection Attempt SELECT FROM (web_server.rules)
2008411 - ET TROJAN LDPinch SMTP Password Report with mail client The Bat! (trojan.rules)
2009521 - ET TROJAN Win32/Nubjub.A HTTP Check-in (trojan.rules)
2009833 - ET SCAN WITOOL SQL Injection Scan (scan.rules)
2010953 - ET SCAN Skipfish Web Application Scan Detected (scan.rules)
2011894 - ET TROJAN TDSS/TDL/Alureon MBR rootkit Checkin (trojan.rules)
2016913 - ET TROJAN Backdoor.Win32.VB.Alsci/Dragon Eye RAT Checkin (sending user info) (trojan.rules)
2802121 - ETPRO WORM Worm.Win32.Cospet.A Checkin (worm.rules)
2802830 - ETPRO TROJAN Win32.Banksun.A Checkin (trojan.rules)
2803129 - ETPRO TROJAN Palevo CnC Response (trojan.rules)
2803669 - ETPRO SCADA Progea Movicon PowerHMI Memory Corruption Negative Content Length (scada.rules)
2805870 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Placms.F Checkin (mobile_malware.rules)
2807674 - ETPRO POLICY Primecoin (policy.rules)

[///] Modified inactive rules: [///]

2018537 - ET WEB_CLIENT Possible GnuTLS Client ServerHello SessionID Overflow CVE-2014-3466 (web_client.rules)

[---] Disabled and modified rules: [---]

2016763 - ET SCAN Non-Malicious SSH/SSL Scanner on the run (scan.rules)
2802971 - ETPRO TROJAN Killproc.5707/Generic Checkin Request 1 (trojan.rules)
2803088 - ETPRO DNS Bracket in DNS Query - Possible Covert Channel (dns.rules)

[---] Disabled rules: [---]

2014893 - ET SCAN critical.io Scan (scan.rules)
