[***] Summary: [***]

7 new Open signatures, 14 new Pro (7+7). RIG EK, Nuclear EK, Various Android, Win.Bifrose.agn, Win32.Banload.

Thanks: @malwaresigs and @abuse_ch

[+++] Added rules: [+++]

Open:

2019190 - ET TROJAN Infostealer.Banprox Proxy.pac Download 2 (trojan.rules)
2019191 - ET TROJAN Infostealer.Banprox Proxy.pac Download 3 (trojan.rules)
2019192 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC) (trojan.rules)
2019193 - ET CURRENT_EVENTS RIG EK Landing Page Sept 17 2014 (current_events.rules)
2019194 - ET CURRENT_EVENTS Nuclear EK Redirect Sept 18 2014 (current_events.rules)
2019195 - ET CURRENT_EVENTS Nuclear EK Redirect Sept 18 2014 (current_events.rules)
2019196 - ET CURRENT_EVENTS Androm SSL Cert Sept 18 2014 (current_events.rules)

Pro:

2808841 - ETPRO MOBILE_MALWARE Android/JSmsHider.A Checkin 2 (mobile_malware.rules)
2808842 - ETPRO MOBILE_MALWARE Android/Agent.FP Checkin (mobile_malware.rules)
2808843 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.kh Checkin 2 (mobile_malware.rules)
2808844 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.kh Response 2 (mobile_malware.rules)
2808845 - ETPRO TROJAN Backdoor.Win32.Bifrose.agn Checkin (trojan.rules)
2808846 - ETPRO TROJAN Win32.Banload Variant Checkin (trojan.rules)
2808847 - ETPRO MALWARE Win32.Chifrax.Wuhc Checkin (malware.rules)

[///] Modified active rules: [///]

2000357 - ET P2P BitTorrent Traffic (p2p.rules)
2010144 - ET P2P Vuze BT UDP Connection (5) (p2p.rules)
2014435 - ET TROJAN Infostealer.Banprox Proxy.pac Download (trojan.rules)
2805446 - ETPRO TROJAN Win32/Recslurp.A Checkin (trojan.rules)

[---] Disabled rules: [---]

2808839 - ETPRO POLICY WebSocket Session Initiation Request (policy.rules)
2808840 - ETPRO POLICY WebSocket Session Initiation Response (policy.rules)

[---] Removed rules: [---]

2011918 - ET TROJAN FAKEAV Gemini - JavaScript Redirection To FakeAV Binary (trojan.rules)
Date: Wednesday, September 17, 2014 - 22:00