Daily Ruleset Update Summary 2017/05/11

[***]            Summary:            [***]

3 new Open, 10 new Pro (3 + 7). Jaff Ransomware, FrozrLock Ransomware, Babylon RAT, Various Mobile.

[+++]          Added rules:          [+++]

Open:

2024288 - ET TROJAN Jaff Ransomware Checkin (trojan.rules)
2024289 - ET TROJAN DNS Query to Jaff Domain (fkksjobnn43 . org) (trojan.rules)
2024290 - ET TROJAN Jaff Ransomware Checkin M1 (trojan.rules)

Pro:

2826363 - ETPRO TROJAN MSIL/FrozrLock Ransomware CnC Checkin (trojan.rules)
2826364 - ETPRO TROJAN Babylon RAT C2 Client Request M2 (trojan.rules)
2826365 - ETPRO TROJAN Babylon RAT C2 Server Response M2 (trojan.rules)
2826366 - ETPRO TROJAN Win32/Slingup.A Checkin (trojan.rules)
2826367 - ETPRO TROJAN Win32/Slingup.A Module Download Request (trojan.rules)
2826368 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.JZ SMS/Contact Exfil (mobile_malware.rules)
2826369 - ETPRO SCAN IPMI Get Authentication Request (null seq number - null sessionID) (scan.rules)

[///]     Modified active rules:     [///]

2821738 - ETPRO TROJAN Babylon RAT C2 Server Response (trojan.rules)

[---]         Disabled rules:        [---]

2000017 - ET NETBIOS NII Microsoft ASN.1 Library Buffer Overflow Exploit (netbios.rules)
2000025 - ET MALWARE Gator Cookie (malware.rules)
2000032 - ET NETBIOS LSA exploit (netbios.rules)
2000033 - ET NETBIOS MS04011 Lsasrv.dll RPC exploit (WinXP) (netbios.rules)
2000046 - ET NETBIOS MS04011 Lsasrv.dll RPC exploit (Win2k) (netbios.rules)
2000466 - ET MALWARE User-Agent (iexplore) (malware.rules)
2000514 - ET MALWARE IE homepage hijacking (malware.rules)
2000520 - ET MALWARE shell browser vulnerability NT/2K (malware.rules)
2000559 - ET WEB_SERVER THCIISLame IIS SSL Exploit Attempt (web_server.rules)
2000580 - ET MALWARE Shop At Home Select.com Install Attempt (malware.rules)
2000581 - ET MALWARE Shop At Home Select.com Install Download (malware.rules)
2000582 - ET MALWARE F1Organizer Reporting (malware.rules)
2000583 - ET MALWARE Mindset Interactive Install (1) (malware.rules)
2000584 - ET MALWARE Mindset Interactive Install (2) (malware.rules)
2000585 - ET MALWARE F1Organizer Install Attempt (malware.rules)
2000597 - ET MALWARE Gator New Code Download (malware.rules)
2000599 - ET MALWARE Fun Web Products Install (malware.rules)
2000600 - ET MALWARE MyWebSearch Toolbar Receiving Configuration (malware.rules)
2000601 - ET MALWARE Salongas Infection (malware.rules)
2000902 - ET MALWARE MarketScore.com Spyware Configuration Access (malware.rules)
2000920 - ET MALWARE Hotbar Install (1) (malware.rules)
2000921 - ET MALWARE Hotbar Install (2) (malware.rules)
2000922 - ET MALWARE Hotbar Install (3) (malware.rules)
2000923 - ET MALWARE Hotbar Agent Reporting Information (malware.rules)
2000924 - ET MALWARE Hotbar Agent Upgrading (malware.rules)
2000925 - ET MALWARE Hotbar Agent Partner Checkin (malware.rules)
2000927 - ET MALWARE ISearchTech.com XXXPornToolbar Reporting (malware.rules)
2000929 - ET MALWARE Hotbar Agent Activity (malware.rules)
2000936 - ET MALWARE FlashTrack Agent Retrieving New App Code (malware.rules)
2001013 - ET MALWARE Fun Web Products SmileyCentral (malware.rules)
2001016 - ET MALWARE SideStep Bar Install (malware.rules)
2001017 - ET MALWARE SideStep Bar Reporting Data (malware.rules)
2001038 - ET MALWARE Ebates Install (malware.rules)
2001055 - ET MISC HP Web JetAdmin ExecuteFile admin access (misc.rules)
2001066 - ET TROJAN IE Ilookup Trojan (trojan.rules)
2001218 - ET WEB_SPECIFIC_APPS PHPNuke general XSS attempt (web_specific_apps.rules)
2001221 - ET MALWARE F1Organizer Config Download (malware.rules)
2001224 - ET MALWARE Regnow.com Gamehouse.com Access (malware.rules)
2001238 - ET WEB_SPECIFIC_APPS Possible Xedus Webserver Directory Traversal Attempt (web_specific_apps.rules)
2001307 - ET MALWARE Wild Tangent Agent Installation (malware.rules)
2001308 - ET MALWARE Internet Optomizer Reporting Data (malware.rules)
2001309 - ET MALWARE Wild Tangent Agent Checking In (malware.rules)
2001310 - ET MALWARE Wild Tangent Agent Traffic (malware.rules)
2001311 - ET MALWARE Rdxrp.com Traffic (malware.rules)
2001313 - ET MALWARE Traffic Syndicate Add/Remove (malware.rules)
2001314 - ET MALWARE Wild Tangent Agent (malware.rules)
2001316 - ET MALWARE Traffic Syndicate Agent Updating (2) (malware.rules)
2001321 - ET MALWARE Speedera Agent (Specific) (malware.rules)
2001322 - ET MALWARE Wild Tangent New Install (malware.rules)
2001335 - ET MALWARE Ezula Installer Download (malware.rules)
2001340 - ET MALWARE LocalNRD Spyware Checkin (malware.rules)
2001341 - ET MALWARE OfferOptimizer.com Spyware (malware.rules)
2001343 - ET WEB_SERVER IIS ASP.net Auth Bypass / Canonicalization % 5 C (web_server.rules)
2001359 - ET MALWARE MarketScore.com Spyware Access (malware.rules)
2001365 - ET WEB_SERVER Alternate Data Stream source view attempt (web_server.rules)
2001396 - ET MALWARE Internet Optimizer Spyware Install (malware.rules)
2001416 - ET MALWARE E2give Related Reporting Install (malware.rules)
2001417 - ET MALWARE E2give Related Receiving Config (malware.rules)
2001423 - ET MALWARE E2give Related Reporting (malware.rules)
2001442 - ET MALWARE Statblaster.MemoryWatcher Download (malware.rules)
2001453 - ET MALWARE Couponage Download (malware.rules)
2001454 - ET MALWARE Couponage Configure (malware.rules)
2001456 - ET MALWARE ContextPanel Reporting (malware.rules)
2001460 - ET MALWARE Sexmaniack Install Tracking (malware.rules)
2001461 - ET MALWARE Xpire.info Multiple Spyware Installs (1) (malware.rules)
2001462 - ET MALWARE Xpire.info Multiple Spyware Installs Occuring (malware.rules)
2001463 - ET MALWARE Xpire.info Multiple Spyware Installs (2) (malware.rules)
2001464 - ET MALWARE Xpire.info Multiple Spyware Installs (3) (malware.rules)
2001466 - ET MALWARE Xpire.info Multiple Spyware Installs (4) (malware.rules)
2001467 - ET MALWARE Xpire.info Multiple Spyware Installs (5) (malware.rules)
2001468 - ET MALWARE Xpire.info Multiple Spyware Installs CHM Exploit (malware.rules)
2001469 - ET MALWARE Xpire.info Multiple Spyware Installs (6) (malware.rules)
2001470 - ET MALWARE Xpire.info Multiple Spyware Installs (7) (malware.rules)
2001471 - ET MALWARE Xpire.info Spyware Exploit (malware.rules)
2001479 - ET MALWARE Coolsearch Spyware Install (malware.rules)
2001482 - ET MALWARE thebestsoft4u.com Spyware Install (1) (malware.rules)
2001484 - ET MALWARE Searchmeup Spyware Install (d.exe) (malware.rules)
2001485 - ET MALWARE thebestsoft4u.com Spyware Install (2) (malware.rules)
2001489 - ET MALWARE Spygalaxy.ws Spyware Checkin (malware.rules)
2001490 - ET MALWARE ICQ-Update.biz Reporting Install (malware.rules)
2001491 - ET MALWARE Xpire.info Spyware Checkin (malware.rules)
2001495 - ET MALWARE Outerinfo.com Spyware Install (malware.rules)
2001503 - ET MALWARE Medialoads.com Spyware Config (malware.rules)
2001505 - ET MALWARE Smartpops.com Spyware Install rh.exe (malware.rules)
2001507 - ET MALWARE Medialoads.com Spyware Identifying Country of Origin (malware.rules)
2001509 - ET MALWARE Medialoads.com Spyware Reporting (register.cgi) (malware.rules)
2001510 - ET MALWARE SurfAssistant.com Spyware Install (malware.rules)
2001513 - ET MALWARE Smartpops.com Spyware Update (malware.rules)
2001514 - ET MALWARE SurfAssistant.com Spyware Reporting (malware.rules)
2001516 - ET MALWARE Smartpops.com Spyware Install (malware.rules)
2001517 - ET MALWARE Websearch.com Outbound Dialer Retrieval (malware.rules)
2001520 - ET MALWARE Spywaremover Activity (malware.rules)
2001522 - ET MALWARE SpywareLabs Application Install (malware.rules)
2001525 - ET MALWARE Virtumonde Spyware Code Download mmdom.exe (malware.rules)
2001526 - ET MALWARE Virtumonde Spyware Code Download bkinst.exe (malware.rules)
2001536 - ET MALWARE Spyspotter.com Install (malware.rules)
2001537 - ET MALWARE Spyspotter.com Access (malware.rules)
2001538 - ET MALWARE Oenji.com Install (malware.rules)
2001539 - ET MALWARE Spyspotter.com Access, Likely Spyware (malware.rules)
2001541 - ET MALWARE Xpire.info Install Report (malware.rules)
2001562 - ET MALWARE MarketScore.com Spyware User Configuration and Setup Access User-Agent (OSSProxy) (malware.rules)
2001563 - ET MALWARE MarketScore.com Spyware SSL Access (malware.rules)
2001564 - ET MALWARE MarketScore.com Spyware Proxied Traffic (malware.rules)
2001570 - ET MALWARE Spyware Stormer Reporting Data (malware.rules)
2001571 - ET MALWARE Spyware Stormer/Error Guard Activity (malware.rules)
2001587 - ET MALWARE MarketScore.com Spyware Upgrading (malware.rules)
2001588 - ET MALWARE MarketScore.com Spyware Activity (1) (malware.rules)
2001589 - ET MALWARE MarketScore.com Spyware Activity (2) (malware.rules)
2001641 - ET MALWARE Microgaming.com Spyware Installation (dlhelper) (malware.rules)
2001643 - ET MALWARE Microgaming.com Spyware Installation (2) (malware.rules)
2001644 - ET MALWARE Microgaming.com Spyware Reporting Installation (malware.rules)
2001645 - ET MALWARE Microgaming.com Spyware Casino App Install (malware.rules)
2001646 - ET MALWARE Toprebates.com Install (1) (malware.rules)
2001647 - ET MALWARE Toprebates.com Install (2) (malware.rules)
2001648 - ET MALWARE Toprebates.com User Confirming Membership (malware.rules)
2001650 - ET MALWARE Search Scout Related Spyware (content) (malware.rules)
2001653 - ET MALWARE Search Scout Related Spyware (results) (malware.rules)
2001656 - ET MALWARE GlobalPhon.com Dialer (malware.rules)
2001657 - ET MALWARE GlobalPhon.com Dialer Download (malware.rules)
2001659 - ET MALWARE GlobalPhon.com Dialer (no_pop) (malware.rules)
2001660 - ET MALWARE GlobalPhon.com Dialer (add_ocx) (malware.rules)
2001666 - ET MALWARE Metarewards Spyware Activity (malware.rules)
2001686 - ET WEB_SPECIFIC_APPS Awstats Remote Code Execution Attempt (web_specific_apps.rules)
2001696 - ET MALWARE Search Relevancy Spyware (malware.rules)
2001697 - ET MALWARE ISearchTech Toolbar Data Submission (malware.rules)
2001700 - ET MALWARE Windupdates.com Spyware Install (malware.rules)
2001701 - ET MALWARE Windupdates.com Spyware Loggin Data (malware.rules)
2001705 - ET MALWARE Flingstone Spyware Install (sportsinteraction) (malware.rules)
2001708 - ET MALWARE Shop at Home Select Spyware Heartbeat (malware.rules)
2001710 - ET MALWARE Flingstone Spyware Install (cxtpls) (malware.rules)
2001711 - ET USER_AGENTS Likely Spambot Web-based Control Traffic (user_agents.rules)
2001729 - ET MALWARE Tibsystems Spyware Install (1) (malware.rules)
2001734 - ET MALWARE Tibsystems Spyware Install (2) (malware.rules)
2001747 - ET MALWARE My-Stats.com Spyware Checkin (malware.rules)
2001748 - ET MALWARE Pynix.dll BHO Activity (malware.rules)
2001793 - ET MALWARE Incredisearch.com Spyware Ping (malware.rules)
2001794 - ET MALWARE Incredisearch.com Spyware Activity (malware.rules)
2001895 - ET MALWARE ToolbarPartner Spyware Spambot Retrieving Target Emails (malware.rules)
2001901 - ET TROJAN Possible Bobax trojan infection (trojan.rules)
2001933 - ET TROJAN PWS Banker Trojan Sending Report of Infection (trojan.rules)
2001944 - ET NETBIOS MS04-007 Kill-Bill ASN1 exploit attempt (netbios.rules)
2001947 - ET MALWARE Zenotecnico Adware (malware.rules)
2001949 - ET WEB_SPECIFIC_APPS Athena Web Registration Remote Command Execution Attempt (web_specific_apps.rules)
2001994 - ET MALWARE SurfSidekick Activity (ipixel) (malware.rules)
2001997 - ET MALWARE TargetNetworks.net Spyware Reporting (req) (malware.rules)
2002000 - ET MALWARE Shopnav Spyware Install (malware.rules)
2002004 - ET MALWARE Topconverting Spyware Install (malware.rules)
2002008 - ET MALWARE Wild Tangent Install (malware.rules)
2002009 - ET MALWARE ESyndicate Spyware Install (esyndicateinst.exe) (malware.rules)
2002010 - ET MALWARE ESyndicate Spyware Install (sepinst.exe) (malware.rules)
2002012 - ET MALWARE GrandstreetInteractive.com Install (malware.rules)
2002013 - ET MALWARE GrandstreetInteractive.com Update (malware.rules)
2002015 - ET MALWARE Internet Fuel.com Install (malware.rules)
2002016 - ET MALWARE jmnad1.com Spyware Install (2) (malware.rules)
2002036 - ET MALWARE Weird on the Web /180 Solutions Checkin (malware.rules)
2002037 - ET MALWARE Shop at Home Select Spyware Install (malware.rules)
2002040 - ET MALWARE Topconverting Spyware Reporting (malware.rules)
2002046 - ET MALWARE TargetNetworks.net Spyware Reporting (tn) (malware.rules)
2002066 - ET WEB_SPECIFIC_APPS CSV-DB CSV_DB.CGI Remote Command Execution Attempt (web_specific_apps.rules)
2002069 - ET WEB_SPECIFIC_APPS Blog Spam Insert Attempt (web_specific_apps.rules)
2002090 - ET MALWARE IEHelp.net Spyware Installer (malware.rules)
2002091 - ET MALWARE Searchmiracle.com Spyware Install - silent.exe (malware.rules)
2002096 - ET MALWARE IEHelp.net Spyware checkin (malware.rules)
2002100 - ET WEB_SPECIFIC_APPS WPS wps_shop.cgi Remote Command Execution Attempt (web_specific_apps.rules)
2002131 - ET WEB_SERVER Oracle Reports XML Information Disclosure (web_server.rules)
2002132 - ET WEB_SERVER Oracle Reports DESFORMAT Information Disclosure (web_server.rules)
2002133 - ET WEB_SERVER Oracle Reports OS Command Injection Attempt (web_server.rules)
2002169 - ET MALWARE iWon Spyware (iWonSearchAssistant) (malware.rules)
2002175 - ET TROJAN Srv.SSA-KeyLogger Checkin Traffic (trojan.rules)
2002199 - ET NETBIOS SMB-DS DCERPC PnP HOD bind attempt (netbios.rules)
2002200 - ET NETBIOS SMB-DS DCERPC PnP bind attempt (netbios.rules)
2002201 - ET NETBIOS SMB-DS DCERPC PnP QueryResConfList exploit attempt (netbios.rules)
2002202 - ET NETBIOS SMB DCERPC PnP bind attempt (netbios.rules)
2002203 - ET NETBIOS SMB DCERPC PnP QueryResConfList exploit attempt (netbios.rules)
2002296 - ET MALWARE Searchfeed.com Spyware 1 (malware.rules)
2002297 - ET MALWARE Searchfeed.com Spyware 2 (malware.rules)
2002298 - ET MALWARE Searchfeed.com Spyware 3 (malware.rules)
2002299 - ET MALWARE Searchfeed.com Spyware 4 (malware.rules)
2002300 - ET MALWARE Searchfeed.com Spyware 5 (malware.rules)
2002301 - ET MALWARE Searchfeed.com Spyware 6 (malware.rules)
2002302 - ET MALWARE Searchfeed.com Spyware 7 (malware.rules)
2002303 - ET MALWARE Searchfeed.com Spyware 8 (malware.rules)
2002305 - ET MALWARE Fun Web Products Smileychooser Spyware (malware.rules)
2002306 - ET MALWARE Fun Web Products Cursorchooser Spyware (malware.rules)
2002313 - ET WEB_SPECIFIC_APPS Cacti graph_image.php Remote Command Execution Attempt (web_specific_apps.rules)
2002314 - ET WEB_SPECIFIC_APPS PHPOutsourcing Zorum prod.php Remote Command Execution Attempt (web_specific_apps.rules)
2002317 - ET MALWARE EZSearch Spyware Reporting Search Strings (malware.rules)
2002318 - ET MALWARE EZSearch Spyware Reporting Search Category (malware.rules)
2002319 - ET MALWARE EZSearch Spyware Reporting 2 (malware.rules)
2002320 - ET MALWARE Transponder Spyware Activity (malware.rules)
2002331 - ET WEB_SPECIFIC_APPS Piranha default passwd attempt (web_specific_apps.rules)
2002348 - ET MALWARE VPP Technologies Spyware (malware.rules)
2002350 - ET MALWARE VPP Technologies Spyware Reporting URL (malware.rules)
2002362 - ET WEB_SERVER Barracuda Spam Firewall img.pl Remote Command Execution Attempt (web_server.rules)
2002365 - ET WEB_SERVER HP OpenView Network Node Manager Remote Command Execution Attempt (web_server.rules)
2002376 - ET WEB_SERVER IBM Lotus Domino BaseTarget XSS attempt (web_server.rules)
2002377 - ET WEB_SERVER IBM Lotus Domino Src XSS attempt (web_server.rules)
2002394 - ET MALWARE Adwave/MarketScore User-Agent (WTA) (malware.rules)
2002404 - ET MALWARE Movies-etc User-Agent (IOInstall) (malware.rules)
2002662 - ET WEB_SPECIFIC_APPS TWiki INCLUDE remote command execution attempt (web_specific_apps.rules)
2002667 - ET WEB_SERVER sumthin scan (web_server.rules)
2002668 - ET WEB_SPECIFIC_APPS CutePHP CuteNews directory traversal vulnerability - show_news (web_specific_apps.rules)
2002673 - ET P2P MS Foldershare Login Detected (p2p.rules)
2002681 - ET WEB_SPECIFIC_APPS Mambo Exploit (web_specific_apps.rules)
2002685 - ET WEB_SERVER Barracuda Spam Firewall img.pl Remote Directory Traversal Attempt (web_server.rules)
2002702 - ET WEB_SPECIFIC_APPS OSTicket Remote Code Execution Attempt (web_specific_apps.rules)
2002708 - ET MALWARE iframebiz - sploit.anr (malware.rules)
2002709 - ET MALWARE iframebiz - loaderadv***.jar (malware.rules)
2002721 - ET WEB_SERVER Cisco IOS HTTP set enable password attack (web_server.rules)
2002731 - ET WEB_SPECIFIC_APPS Generic phpbb arbitrary command attempt (web_specific_apps.rules)
2002736 - ET MALWARE Trafficsector.com Spyware Install (malware.rules)
2002775 - ET TROJAN Goldun Reporting User Activity (trojan.rules)
2002781 - ET TROJAN w32agent.dsi Posting Info (trojan.rules)
2002782 - ET TROJAN w32agent.dsi Domain Update (trojan.rules)
2002800 - ET WEB_SPECIFIC_APPS PHP PHPNuke Remote File Inclusion Attempt (web_specific_apps.rules)
2002804 - ET MALWARE Spyaxe Spyware DB Update (malware.rules)
2002805 - ET MALWARE Spyaxe Spyware DB Version Check (malware.rules)
2002806 - ET MALWARE Spyaxe Spyware Checkin (malware.rules)
2002815 - ET WEB_SPECIFIC_APPS Plume CMS prepend.php Remote File Inclusion attempt (web_specific_apps.rules)
2002816 - ET MALWARE DelFin Project Spyware (payload) (malware.rules)
2002817 - ET MALWARE DelFin Project Spyware (setup) (malware.rules)
2002820 - ET MALWARE Hotbar Agent Subscription POST (malware.rules)
2002821 - ET MALWARE SideStep Bar Reporting Data (sbstart) (malware.rules)
2002836 - ET MALWARE MyWebSearch Toolbar Traffic (bar config download) (malware.rules)
2002837 - ET WEB_SPECIFIC_APPS PmWiki Globals Variables Overwrite Attempt (web_specific_apps.rules)
2002844 - ET WEB_SERVER WebDAV search overflow (web_server.rules)
2002848 - ET VOIP SIP UDP Softphone INVITE overflow (voip.rules)
2002849 - ET WEB_SPECIFIC_APPS Google Appliance External Proxy Stylesheet (web_specific_apps.rules)
2002857 - ET TROJAN Win32.VB.aie Reporting User Activity (trojan.rules)
2002858 - ET MALWARE Fun Web Products StationaryChooser Spyware (malware.rules)
2002859 - ET TROJAN PassSickle Reporting User Activity (trojan.rules)
2002864 - ET WEB_SERVER osCommerce extras/update.php disclosure (web_server.rules)
2002867 - ET WEB_SPECIFIC_APPS Horde 3.0.9-3.1.0 Help Viewer Remote PHP Exploit (web_specific_apps.rules)
2002868 - ET WEB_SPECIFIC_APPS Horde Web Mail Help Access (web_specific_apps.rules)
2002877 - ET TROJAN TROJAN BankSnif/Nethelper User-Agent (nethelper) (trojan.rules)
2002880 - ET SNMP Cisco Non-Trap PDU request on SNMPv1 trap port (snmp.rules)
2002881 - ET SNMP Cisco Non-Trap PDU request on SNMPv2 trap port (snmp.rules)
2002882 - ET SNMP Cisco Non-Trap PDU request on SNMPv3 trap port (snmp.rules)
2002897 - ET WEB_SPECIFIC_APPS Horde README access probe (web_specific_apps.rules)
2002898 - ET WEB_SPECIFIC_APPS PHP Web Calendar Remote File Inclusion Attempt (web_specific_apps.rules)
2002899 - ET WEB_SPECIFIC_APPS PHP VWar Remote File Inclusion get_header.php (web_specific_apps.rules)
2002900 - ET WEB_SERVER CGI AWstats Migrate Command Attempt (web_server.rules)
2002902 - ET WEB_SPECIFIC_APPS PHP VWar Remote File Inclusion functions_install.php (web_specific_apps.rules)
2002926 - ET SNMP Cisco Non-Trap PDU request on SNMPv1 random port (snmp.rules)
2002927 - ET SNMP Cisco Non-Trap PDU request on SNMPv2 random port (snmp.rules)
2002928 - ET SNMP Cisco Non-Trap PDU request on SNMPv3 random port (snmp.rules)
2002938 - ET TROJAN elitekeylogger v1.0 reporting - Inbound (trojan.rules)
2002940 - ET TROJAN XP keylogger v2.1 mail report - Inbound (trojan.rules)
2002941 - ET TROJAN elitekeylogger v1.0 reporting - Outbound (trojan.rules)
2002942 - ET TROJAN XP keylogger v2.1 mail report - Outbound (trojan.rules)
2002961 - ET TROJAN Tibs Checkin 2 (trojan.rules)
2002964 - ET TROJAN Generic Spyware Update Download (trojan.rules)
2002978 - ET TROJAN Banker.Delf Infection variant 2 - Sending Initial Email to Owner (trojan.rules)
2002980 - ET TROJAN Banker.Delf Infection variant 3 - Sending Initial Email to Owner (trojan.rules)
2002982 - ET TROJAN GENERAL Possible Trojan Sending Initial Email to Owner - INFECTADO (trojan.rules)
2002983 - ET TROJAN GENERAL Possible Trojan Sending Initial Email to Owner - SUCCESSO (trojan.rules)
2002984 - ET MALWARE SpySherriff Spyware Activity (malware.rules)
2002987 - ET MALWARE Jupitersatellites.biz Spyware Download (malware.rules)
2002988 - ET MALWARE Possible Spambot Checking in to Spam (malware.rules)
2002990 - ET MALWARE Possible Spambot Pulling IP List to Spam (malware.rules)
2002991 - ET MALWARE Possible Spambot getting new exe (malware.rules)
2002999 - ET MALWARE /jk/exp.wmf Exploit Code Load Attempt (malware.rules)
2804730 - ETPRO TROJAN Trojan-Downloader.Win32.Hacyayu.ep Checkin (trojan.rules)
2816640 - ETPRO TROJAN Win32/TrojanDownloader.Banload Downloading Module (trojan.rules)
 

Date: 
Thursday, May 11, 2017 - 00:00