[***] Summary: [***]

9 new Open signatures, 19 new Pro (9+10). Fiesta EK, Hupigon, Various Android, Dyre SSL certs.

Thanks: tdzmont, Kevin Ross and @MalwareSigs

[+++] Added rules: [+++]

Open:

2019178 - ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 16 2014 (current_events.rules)
2019179 - ET TROJAN MSIL/Spy.RapidStealer.B Checkin (trojan.rules)
2019180 - ET CURRENT_EVENTS Malvertising Leading to EK Aug 19 2014 M4 (current_events.rules)
2019181 - ET CURRENT_EVENTS Possible Android CVE-2014_6041 (current_events.rules)
2019182 - ET WEB_SERVER HTTP POST Generic eval of base64_decode (web_server.rules)
2019183 - ET CURRENT_EVENTS Fiesta EK Gate (current_events.rules)
2019184 - ET CURRENT_EVENTS Fiesta EK Silverlight Based Redirect (current_events.rules)
2019185 - ET CURRENT_EVENTS Nuclear EK Gate Sep 16 2014 (current_events.rules)
2019186 - ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 16 2014 (current_events.rules)

Pro:

2808815 - ETPRO TROJAN Trojan.Rontokbro C2 (trojan.rules)
2808816 - ETPRO TROJAN Win32/Cendelf.gen!A Dropping Files (trojan.rules)
2808817 - ETPRO TROJAN Win32.Chifrax Variant C2 (trojan.rules)
2808818 - ETPRO MALWARE Riskware/EliteKeylogger checkin (malware.rules)
2808819 - ETPRO TROJAN Win32.Hupigon.cbtep Checkin (trojan.rules)
2808820 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.aq Checkin (mobile_malware.rules)
2808821 - ETPRO TROJAN Win32.IRCBot Variant C2 (trojan.rules)
2808822 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.a Checkin 4 (mobile_malware.rules)
2808823 - ETPRO TROJAN Gozi/Ursnif/Papras SSL Cert (trojan.rules)
2808824 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Stealer.a Checkin 3 (mobile_malware.rules)

[///] Modified active rules: [///]

2017667 - ET CURRENT_EVENTS Nuclear EK Payload URI Struct Nov 05 2013 (current_events.rules)
2018979 - ET TROJAN Miras C2 Activity (trojan.rules)
2019143 - ET MALWARE PUP Win32.SoftPulse Retrieving data (malware.rules)
2805882 - ETPRO MOBILE_MALWARE Android/JSmsHider.B Checkin (mobile_malware.rules)
2806877 - ETPRO MOBILE_MALWARE Android/TheftSpy.C Checkin (mobile_malware.rules)
2808670 - ETPRO TROJAN POSCARDSTEALER.Q Checkin (trojan.rules)
2808791 - ETPRO TROJAN Win32/Xymne Checkin (trojan.rules)

[---] Disabled and modified rules: [---]

2018171 - ET CURRENT_EVENTS Angler Landing Page Feb 24 2014 (current_events.rules)

[---] Removed rules: [---]

2805319 - ETPRO NETBIOS Microsoft Remote Administration Protocol Windows XP NetServerEnum API Heap Buffer Overflow (netbios.rules)
Date: Monday, September 15, 2014 - 22:00