[***] Summary: [***]

2 new Open signatures, 23 new Pro (2+21). BleedingLife EK, FlashPack, Zeus.

Thanks: rmkml

[+++] Added rules: [+++]

Open:

2019023 - ET CURRENT_EVENTS BleedingLife EK Variant Aug 26 2014 (current_events.rules)
2019024 - ET CURRENT_EVENTS Offensive Security EMET Bypass Observed in BleedingLife Variant Aug 26 2014 (current_events.rules)

Pro:

2808639 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.SendPay.a Checkin (mobile_malware.rules)
2808640 - ETPRO TROJAN Win32/Zbot Downloading PE (trojan.rules)
2808641 - ETPRO TROJAN W32/Badur.ZYP Checkin (trojan.rules)
2808642 - ETPRO TROJAN Win32.BHO Variant Checkin (trojan.rules)
2808643 - ETPRO TROJAN Zeus variant C2 (trojan.rules)
2808644 - ETPRO TROJAN Win32/Hupigon.NYK Checkin (trojan.rules)
2808645 - ETPRO TROJAN MSIL/Agent.RQ Checkin (trojan.rules)
2808646 - ETPRO TROJAN W32/ZEGOST.AAGP!TR.BDR Checkin (trojan.rules)
2808647 - ETPRO TROJAN Backdoor.Win32.Stantinko.A Checkin (trojan.rules)
2808648 - ETPRO TROJAN Backdoor.Win32.Stantinko.A Checkin 2 (trojan.rules)
2808650 - ETPRO TROJAN PWS.MicroGaming Checkin (trojan.rules)
2808651 - ETPRO TROJAN TROJAN-DROPPER.WIN32.FRAUDROP.AETPC Checkin (trojan.rules)
2808652 - ETPRO TROJAN TROJAN-DROPPER.WIN32.DINWOD.SIL Checkin (trojan.rules)
2808653 - ETPRO TROJAN Win32.Badur variant payload retrieval (trojan.rules)
2808654 - ETPRO TROJAN BackDoor.Ebot Checkin (trojan.rules)
2808655 - ETPRO TROJAN WIN32/LOCKSCREEN.BIK Checkin (trojan.rules)
2808656 - ETPRO POLICY LabTech PC remote control session setup (policy.rules)
2808657 - ETPRO TROJAN W32/Delf.GY Callback (trojan.rules)
2808658 - ETPRO CURRENT_EVENTS FlashPack URI Struct Thread 1 Specific (current_events.rules)
2808659 - ETPRO CURRENT_EVENTS FlashPack URI Struct Thread 2 Specific (current_events.rules)
2808660 - ETPRO TROJAN Win32.Badur variant c2 (trojan.rules)

[///] Modified active rules: [///]

2008358 - ET TROJAN Pakes/Cutwail/Kobcka Checkin Detected High Ports (trojan.rules)
2013439 - ET TROJAN Dirt Jumper/Russkill3 Checkin (trojan.rules)
2014523 - ET TROJAN OSX/Flashback.K/I reporting successful infection 2 (trojan.rules)
2016591 - ET DNS Reply Sinkhole - 106.187.96.49 blacklistthisdomain.com (dns.rules)
2018578 - ET TROJAN Dyreza RAT Ex-filtrating Data (trojan.rules)
2018579 - ET TROJAN Dyreza RAT Checkin (trojan.rules)
2018596 - ET TROJAN Dyreza RAT Checkin Response (trojan.rules)
2018597 - ET TROJAN Dyreza RAT Checkin Response 2 (trojan.rules)
2018683 - ET TROJAN Dyreza RAT Checkin 2 (trojan.rules)
2018749 - ET TROJAN Dyreza RAT Checkin 3 (trojan.rules)
2018770 - ET TROJAN Dridex/Bugat/Feodo Cookie (trojan.rules)
2018771 - ET TROJAN Dridex/Bugat/Feodo POST Checkin (trojan.rules)
2018772 - ET TROJAN Dridex/Bugat/Feodo GET Checkin (trojan.rules)
2018775 - ET TROJAN Dyreza RAT Fake Server Header (trojan.rules)

Date:
Summary title:
2 new Open signatures, 23 new Pro (2+21). BleedingLife EK, FlashPack, Zeus.