[***] Summary: [***] 1 new Open signature, 33 new Pro (1+32). Win32/Filecoder, AndroidOS.Badaccents (Fake "Interview" apk), Spy.Banker. Thanks: @rmkml [+++] Added rules: [+++] Open: 2020083 - ET TROJAN Win64/Havex Checkin (trojan.rules) Pro: 2809397 - ETPRO TROJAN Win32/Spy.Ranbyus.J Checkin (trojan.rules)
2809398 - ETPRO WEB_SPECIFIC_APPS WP Theme LFI Attempt (web_specific_apps.rules)
2809399 - ETPRO TROJAN Win32/Filecoder.NCW Checkin (trojan.rules)
2809400 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Andut.a Checkin (mobile_malware.rules)
2809401 - ETPRO TROJAN Win32/Filecoder.EB .onion Proxy Domain (trojan.rules)
2809402 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809403 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809404 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809405 - ETPRO TROJAN Win32.Spy.Banker.UAE Checkin (trojan.rules)
2809406 - ETPRO MALWARE PUP SoftPulse Checkin Response (malware.rules)
2809407 - ETPRO MALWARE Win32.SkySTools.A Checkin (malware.rules)
2809408 - ETPRO TROJAN Win32/Spy.Banker.ABCU Checkin (trojan.rules)
2809409 - ETPRO TROJAN Win32/TrojanDownloader.Banload.UUR Downloading PE set (trojan.rules)
2809410 - ETPRO TROJAN Win32/TrojanDownloader.Banload.UUR Downloading PE (trojan.rules)
2809411 - ETPRO MOBILE_MALWARE Android/SMSreg.KU Checkin (mobile_malware.rules)
2809412 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809413 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809414 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809415 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809416 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809417 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809418 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809419 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809420 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809421 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809422 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809423 - ETPRO TROJAN Win32/Filecoder Variant .onion Proxy Domain (trojan.rules)
2809424 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.h Checkin (mobile_malware.rules)
2809425 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Badaccents Download (mobile_malware.rules)
2809426 - ETPRO MALWARE AdWare.AirPush checkin (malware.rules)
2809427 - ETPRO USER_AGENTS IE 10 on Windows 3.1 (user_agents.rules)
2809428 - ETPRO TROJAN Win32.Blinkom Checkin Via IRC (trojan.rules)
[///] Modified active rules: [///] 2016849 - ET TROJAN Worm.Win32.Ngrbot.lof Join IRC channel (trojan.rules)
2020069 - ET TROJAN TROJ_WHAIM.A message (trojan.rules)
2809350 - ETPRO WEB_SPECIFIC_APPS Symposium WP Plugin Arbitrary File Upload (web_specific_apps.rules)
[---] Removed rules: [---] 2020073 - ET TROJAN DNS query for known Anunak APT Domain (ddnservice11.ru) (trojan.rules)
2020074 - ET TROJAN DNS query for known Anunak APT Domain (financialnewsonline.pw) (trojan.rules)
2808637 - ETPRO MOBILE_MALWARE Adware.Android.AppLovin.A Checkin (mobile_malware.rules)
2809390 - ETPRO TROJAN Win32/Filecoder.DA .onion Proxy Domain (trojan.rules)
Date: 
Monday, December 29, 2014 - 22:00