[***]            Summary:            [***]

4 new OPEN, 26 new PRO (4 + 22). RampantKitten, Zegost, pyAEScrypt, ServStart, Suri5 Updates.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2030895 - ET TROJAN RampantKitten APT TelB Python Variant - CnC Checkin
M1 (trojan.rules)
  2030896 - ET TROJAN Observed Malicious SSL Cert (RampantKitten CnC)
(trojan.rules)
  2030897 - ET TROJAN Observed Malicious SSL Cert (RampantKitten CnC)
(trojan.rules)
  2030898 - ET TROJAN RampantKitten APT TelB Python Variant - CnC Checkin
M2 (trojan.rules)

Pro:

  2844246 - ETPRO TROJAN Bazar Backdoor CnC Activity (trojan.rules)
  2844563 - ETPRO TROJAN MalDoc Retrieving Payload 2020-09-22 (trojan.rules)
  2844564 - ETPRO TROJAN Win32/Zegost.CQ!bit CnC Checkin (trojan.rules)
  2844565 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-09-22 1) (trojan.rules)
  2844566 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-09-22 2) (trojan.rules)
  2844567 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-09-22 3) (trojan.rules)
  2844568 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-09-22 4) (trojan.rules)
  2844569 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-09-22 5) (trojan.rules)
  2844570 - ETPRO CURRENT_EVENTS Successful Generic Compromised Wordpress
Phish 2020-09-22 (current_events.rules)
  2844571 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2020-09-22
(current_events.rules)
  2844572 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish
2020-09-22 (current_events.rules)
  2844573 - ETPRO POLICY Inbound pyAEScrypt V2 File Structure via TCP
(policy.rules)
  2844574 - ETPRO POLICY Inbound pyAEScrypt V2 File Structure via HTTP M1
(policy.rules)
  2844575 - ETPRO POLICY Outbound pyAEScrypt V2 File Structure via TCP
(policy.rules)
  2844576 - ETPRO TROJAN Casper/LEAD CnC Activity (trojan.rules)
  2844577 - ETPRO TROJAN MSIL/Remcos RAT CnC Checkin M2 (trojan.rules)
  2844578 - ETPRO TROJAN Win32/ServStart.DT CnC Activity (trojan.rules)
  2844579 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)
  2844580 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)
  2844581 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)
  2844582 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)
  2844583 - ETPRO TROJAN Observed IcedID CnC Domain in TLS SNI
(trojan.rules)

[///]     Modified active rules:     [///]

  2009203 - ET TROJAN Alman Dropper Checkin (trojan.rules)
  2015960 - ET CURRENT_EVENTS CritXPack Jar Request (current_events.rules)
  2017676 - ET CURRENT_EVENTS SUSPICIOUS lgfxsrvc.exe in URI Probable
Process Dump/Trojan Download (current_events.rules)
  2017677 - ET CURRENT_EVENTS SUSPICIOUS wimhost.exe in URI Probable
Process Dump/Trojan Download (current_events.rules)
  2017679 - ET CURRENT_EVENTS SUSPICIOUS winlog.exe in URI Probable Process
Dump/Trojan Download (current_events.rules)
  2017680 - ET CURRENT_EVENTS SUSPICIOUS waulct.exe in URI Probable Process
Dump/Trojan Download (current_events.rules)
  2017681 - ET CURRENT_EVENTS SUSPICIOUS alg.exe in URI Probable Process
Dump/Trojan Download (current_events.rules)
  2017682 - ET CURRENT_EVENTS SUSPICIOUS mssrs.exe in URI Probable Process
Dump/Trojan Download (current_events.rules)
  2017683 - ET CURRENT_EVENTS SUSPICIOUS winhosts.exe in URI Probable
Process Dump/Trojan Download (current_events.rules)
  2017700 - ET TROJAN Possible Stitur Secondary Download (trojan.rules)
  2017717 - ET TROJAN Trojan.BlackRev Botnet Monitor Request CnC Beacon
(trojan.rules)
  2017723 - ET TROJAN Trojan.BlackRev Botnet Command Request CnC Beacon
(trojan.rules)
  2017734 - ET WEB_SERVER WEBSHELL pwn.jsp shell (web_server.rules)
  2017741 - ET TROJAN Kryptik Check-in (trojan.rules)
  2017801 - ET WEB_SPECIFIC_APPS PeopleSoft Portal Command with Default
Creds (web_specific_apps.rules)
  2017820 - ET WEB_SERVER IIS ISN BackDoor Command GetLog (web_server.rules)
  2017842 - ET CURRENT_EVENTS SUSPICIOUS winhost(32|64).exe in URI
(current_events.rules)
  2017843 - ET CURRENT_EVENTS SUSPICIOUS pony.exe in URI
(current_events.rules)
  2017858 - ET TROJAN W32/Ke3chang.BMW.APT Campaign CnC Beacon
(trojan.rules)
  2017875 - ET WEB_SERVER Coldfusion cfcexplorer Directory Traversal
(web_server.rules)
  2017950 - ET SCAN FOCA uri (scan.rules)
  2017967 - ET TROJAN StartPage jsp checkin (trojan.rules)
  2017968 - ET INFO Suspicious Possible Process Dump in POST body
(info.rules)
  2017972 - ET TROJAN ICEFOG JAVAFOG JAR checkin (trojan.rules)
  2018021 - ET POLICY myip.ru IP lookup (policy.rules)
  2018023 - ET TROJAN W32/LockscreenBEI.Scareware Cnc Beacon (trojan.rules)
  2018056 - ET WEB_SERVER Possible XXE SYSTEM ENTITY in POST BODY.
(web_server.rules)
  2018074 - ET TROJAN Win32/StoredBt.A Activity (trojan.rules)
  2018113 - ET WEB_SERVER Apache Tomcat Boundary Overflow DOS/File Upload
Attempt (web_server.rules)
  2018128 - ET TROJAN Infostealer.Jackpos Checkin 2 (trojan.rules)
  2018198 - ET TROJAN Win32/Kryptik.BSYO Checkin 2 (trojan.rules)
  2018201 - ET TROJAN Downloader.Win32.Geral Checkin (trojan.rules)
  2030894 - ET TROJAN Win32/Injector.ENIU Variant Stealer Activity (POST)
(trojan.rules)
  2800696 - ETPRO EXPLOIT Microsoft Word mso.dll LsCreateLine Memory
Corruption (Published Exploit) DOC DOWNLOAD (exploit.rules)
  2801453 - ETPRO TROJAN Suspicious UA likely Banload Trojan Related
(trojan.rules)
  2806274 - ETPRO POLICY Torrent Client zona.ru Install (policy.rules)
  2806476 - ETPRO TROJAN Trojan-Spy/W32.Banker.990208.K Checkin
(trojan.rules)
  2806684 - ETPRO TROJAN Rogue.Win32/Winwebsec Install 6 (trojan.rules)
  2806690 - ETPRO TROJAN Trojan.Win32.Offend.buevtu Checkin (trojan.rules)
  2806691 - ETPRO TROJAN Win32/Spy.Banker.USD Checkin (trojan.rules)
  2806692 - ETPRO TROJAN TR/Spy.Banker.Gen Checkin (trojan.rules)
  2806693 - ETPRO TROJAN Trojan-Downloader.Win32.Delf.vrx Checkin
(trojan.rules)
  2806694 - ETPRO TROJAN Win32/Hupigon.DD Checkin (trojan.rules)
  2806700 - ETPRO TROJAN Trojan.Win32.Scar.gv Checkin (trojan.rules)
  2806813 - ETPRO TROJAN Win32/Surldoe.gen!A Checkin (trojan.rules)
  2806912 - ETPRO TROJAN Win32.Worm.Fujacks.CX Checkin (trojan.rules)
  2807184 - ETPRO TROJAN Trojan.Agent-303413 Checkin (trojan.rules)
  2807185 - ETPRO TROJAN Win32/Kryptik.EAU Checkin (trojan.rules)
  2807189 - ETPRO TROJAN Trojan-Ransom.Win32.Foreign.hezc Checkin
(trojan.rules)
  2807213 - ETPRO WEB_CLIENT CVE-2013-3908 IE information disclosure
(web_client.rules)
  2807219 - ETPRO TROJAN Banker-KNV Checkin (trojan.rules)
  2807224 - ETPRO TROJAN Trojan.Win32.Generic!SB.0 Checkin (trojan.rules)
  2807227 - ETPRO TROJAN Win32/Emudbot.A Checkin (trojan.rules)
  2807229 - ETPRO TROJAN Win32/Injector.AQEX Checkin (trojan.rules)
  2807233 - ETPRO TROJAN Trojan.Spy.Zbot-142 Checkin (trojan.rules)
  2807242 - ETPRO TROJAN Trojan-Ransom.Win32.Blocker.cvyk Checkin
(trojan.rules)
  2807250 - ETPRO TROJAN Backdoor.Win32.Delf.gw Checkin (trojan.rules)
  2807252 - ETPRO TROJAN Backdoor.Win32.Androm.baqr Checkin (trojan.rules)
  2807253 - ETPRO TROJAN Win32/Injector.UYN Checkin (trojan.rules)
  2807254 - ETPRO TROJAN Trojan.Win32.Cosmu.cdqg Checkin (trojan.rules)
  2807256 - ETPRO TROJAN Backdoor.Win32.RShot.edi Checkin (trojan.rules)
  2807257 - ETPRO TROJAN Trojan/Qhost.ofu Checkin (trojan.rules)
  2807258 - ETPRO TROJAN Trojan.Win32.Cossta.dsa Checkin (trojan.rules)
  2807260 - ETPRO TROJAN Trojan-Proxy.Win32.Daemonize.ac Checkin
(trojan.rules)
  2807261 - ETPRO TROJAN Win32/AgentBypass.gen!K Checkin 2 (trojan.rules)
  2807262 - ETPRO TROJAN Win32/Heloag.A Checkin 2 (trojan.rules)
  2807265 - ETPRO TROJAN Variant.Kazy.180694 Checkin (trojan.rules)
  2807266 - ETPRO MOBILE_MALWARE Trojan-FakeAV.AndroidOS.Mpav.a Checkin
(mobile_malware.rules)
  2807268 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Smbot.a Checkin
(mobile_malware.rules)
  2807269 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Smbot.a Checkin 2
(mobile_malware.rules)
  2807272 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.m Checkin 2
(mobile_malware.rules)
  2807274 - ETPRO TROJAN Trojan-Downloader.Win32.Genome.chnv Checkin
(trojan.rules)
  2807280 - ETPRO TROJAN Variant.Kazy.209933 (trojan.rules)
  2807281 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.DroidAp.a Checkin
(mobile_malware.rules)
  2807282 - ETPRO MOBILE_MALWARE Android/JSmsHider.D Checkin
(mobile_malware.rules)
  2807285 - ETPRO TROJAN Trojan.Win32.Fsysna.dwp Checkin (trojan.rules)
  2807286 - ETPRO TROJAN Win32/HackTool.BruteForce.FZ Checkin (trojan.rules)
  2807289 - ETPRO TROJAN Trojan-PSW.Win32.Fareit.amcm Checkin (trojan.rules)
  2807291 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.d Checkin
(mobile_malware.rules)
  2807305 - ETPRO EXPLOIT Apache Roller OGNL Injection (exploit.rules)
  2807307 - ETPRO TROJAN Win32/Ursap!rts Checkin (trojan.rules)
  2807309 - ETPRO TROJAN Trojan.Win32.Badur.einv Checkin (trojan.rules)
  2807310 - ETPRO TROJAN Trojan-Downloader.Win32.Dofoil.rds Checkin
(trojan.rules)
  2807313 - ETPRO TROJAN Trojan.Win32.Badur.fmyf Checkin (trojan.rules)
  2807316 - ETPRO TROJAN Trojan.Script.Agent.clxwyr PDF Checkin
(trojan.rules)
  2807318 - ETPRO TROJAN Trojan.Win32.Bicololo.asza Checkin (trojan.rules)
  2807319 - ETPRO TROJAN Win32/Chir.D Checkin (trojan.rules)
  2807320 - ETPRO TROJAN W32/Agent.HPEQ!tr Checkin (trojan.rules)
  2807322 - ETPRO TROJAN Win32/Bancos.gen!AJM Checkin (trojan.rules)
  2807324 - ETPRO TROJAN Worm.Foldnoci.A Checkin (trojan.rules)
  2807331 - ETPRO TROJAN Trojan.PWS.Banker1.11627 Checkin (trojan.rules)
  2807332 - ETPRO TROJAN Trojan.Click2.59898 Checkin (trojan.rules)
  2807335 - ETPRO TROJAN Win32/Stubby.C Checkin (trojan.rules)
  2807341 - ETPRO TROJAN W32/Injector.UA!tr Checkin (trojan.rules)
  2807342 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Cova.b Checkin
(mobile_malware.rules)
  2807351 - ETPRO TROJAN Win32/TrojanDownloader.VB.QHO Checkin
(trojan.rules)
  2807352 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.bo Checkin 2
(mobile_malware.rules)
  2807354 - ETPRO MOBILE_MALWARE Android/DroidDream.D Checkin
(mobile_malware.rules)
  2807356 - ETPRO MOBILE_MALWARE Android/Agent.D Checkin 2
(mobile_malware.rules)
  2807360 - ETPRO MALWARE FlyStudio.F Checkin (malware.rules)
  2807362 - ETPRO TROJAN SPY.KeyLogger.N Checkin (trojan.rules)
  2807366 - ETPRO TROJAN Win32/TrojanDownloader.Delf.RYB Download
(trojan.rules)
  2807369 - ETPRO TROJAN Trojan.Win32.Bicololo.avsj Checkin (trojan.rules)
  2807374 - ETPRO TROJAN Trojan-Downloader.Win32.Banload.cplz Checkin
(trojan.rules)
  2807375 - ETPRO TROJAN Startpage.GTGD Checkin (trojan.rules)
  2807376 - ETPRO TROJAN Trojan.Win32.StartPage.pm Download (trojan.rules)
  2807378 - ETPRO TROJAN Trojan.Win32.VB.cjzn Checkin (trojan.rules)
  2807379 - ETPRO TROJAN Trojan.Win32.Badur.acfn Checkin (trojan.rules)
  2807380 - ETPRO TROJAN Win32/Injector.Autoit.ZZ Checkin (trojan.rules)
  2807381 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Lien.a Checkin
(mobile_malware.rules)
  2807383 - ETPRO TROJAN Trojan/Win32.Zbot Variant 2 (trojan.rules)
  2807386 - ETPRO TROJAN Win32/PSW.VB.NME Checkin (trojan.rules)
  2807389 - ETPRO POLICY Bitcoin Mining Download (policy.rules)
  2807395 - ETPRO TROJAN Win32.Badur.fyss Checkin (trojan.rules)
  2807396 - ETPRO TROJAN Win32/Jabxin.A Checkin (trojan.rules)
  2807398 - ETPRO TROJAN Win32/Swami.B Checkin (trojan.rules)
  2807402 - ETPRO TROJAN Variant.Symmi.8661 (trojan.rules)
  2807404 - ETPRO TROJAN PWS.y!wu Checkin (trojan.rules)
  2807414 - ETPRO TROJAN Win32/Setfic.A Checkin (trojan.rules)
  2807415 - ETPRO TROJAN W32/FakeAV.AM!genr Download (trojan.rules)
  2807416 - ETPRO TROJAN W32/FakeAV.AM!genr Download 2 (trojan.rules)
  2807417 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Faketoken.a
Checkin (mobile_malware.rules)
  2807419 - ETPRO TROJAN Trojan.Heur.DP.cmGfaei39gg Checkin (trojan.rules)
  2807420 - ETPRO TROJAN Win32/Poison.E Checkin 2 (trojan.rules)
  2807431 - ETPRO TROJAN Win32/Agent.QCD Checkin (trojan.rules)
  2807432 - ETPRO TROJAN Win32/Agent.QCD Checkin 2 (trojan.rules)
  2807445 - ETPRO MOBILE_MALWARE Android/Spy.Agent.AF Checkin
(mobile_malware.rules)
  2807448 - ETPRO TROJAN Trojan-Dropper.Win32.Kromeser.a Checkin
(trojan.rules)
  2807456 - ETPRO TROJAN Variant.Kazy.199307 Checkin (trojan.rules)
  2807457 - ETPRO TROJAN Trojan-Downloader.Win32.Genome.fjtg Checkin
(trojan.rules)
  2807461 - ETPRO TROJAN Net-Worm.Win32.Koobface.ght Checkin (trojan.rules)
  2807483 - ETPRO TROJAN Win32/Hostil.B Checkin (trojan.rules)
  2807497 - ETPRO TROJAN Virus.Win32.Virut.ce Checkin 3 (trojan.rules)
  2807498 - ETPRO TROJAN Virus.Win32.Virut.ce Checkin 4 (trojan.rules)
  2807501 - ETPRO TROJAN Win32/Spy.Banker.ZSX Download (trojan.rules)
  2807504 - ETPRO MOBILE_MALWARE AndroidOS/GGSmart.A Checkin
(mobile_malware.rules)
  2807510 - ETPRO TROJAN MSIL/Injector.BTM Checkin (trojan.rules)
  2807513 - ETPRO TROJAN Chifrax.akz Checkin (trojan.rules)
  2807522 - ETPRO MOBILE_MALWARE Android/Spy.Zitmo.B Checkin 2
(mobile_malware.rules)
  2807533 - ETPRO MOBILE_MALWARE AndroidOS/Cosha.A / Android/Lovetrap.A
Checkin 2 (mobile_malware.rules)
  2807536 - ETPRO MOBILE_MALWARE Android/Spy.Zitmo.A Checkin 2
(mobile_malware.rules)
  2807537 - ETPRO TROJAN Trojan-Ransom.Win32.Blocker.ahhr Checkin
(trojan.rules)
  2807555 - ETPRO TROJAN Trojan.Win32.Inject.gxdp Checkin (trojan.rules)
  2807556 - ETPRO TROJAN Win32/Spy.Banker.ZMS Checkin (trojan.rules)
  2807557 - ETPRO TROJAN Win32.Viking.AR payload attempt (trojan.rules)
  2807558 - ETPRO TROJAN Trojan-PSW.Win32.VB.dks Checkin (trojan.rules)
  2807584 - ETPRO TROJAN Heur.MSIL.Krypt.2 Checkin (trojan.rules)
  2807601 - ETPRO TROJAN Trojan.Win32.Agent.adtqf Checkin (trojan.rules)
  2807603 - ETPRO TROJAN Trojan-Dropper.Win32.Injector.ijtz Checkin
(trojan.rules)
  2807604 - ETPRO TROJAN W32/Jiwerks.A Checkin 2 (trojan.rules)
  2807613 - ETPRO TROJAN Win32/Unis at mm Download (trojan.rules)
  2807615 - ETPRO TROJAN Win32/AgentBypass.gen!G Checkin 3 (trojan.rules)
  2807623 - ETPRO TROJAN Trojan/AVKill.ar Checkin (trojan.rules)
  2807628 - ETPRO TROJAN Trojan.Win32.Invader Checkin (trojan.rules)
  2807631 - ETPRO TROJAN Trojan-Downloader.Banload Checkin 2 (trojan.rules)
  2807633 - ETPRO TROJAN Trojan-Downloader.Win32.Genome.dxlw Checkin
(trojan.rules)
  2807635 - ETPRO TROJAN Trojan/Win32.Qhost Checkin (trojan.rules)
  2807663 - ETPRO TROJAN Trojan-Ransom.Win32.Blocker.aqkg Checkin
(trojan.rules)
  2807664 - ETPRO TROJAN Trojan.Win32.Badur.gqit Checkin (trojan.rules)
  2807670 - ETPRO TROJAN Trojan.Win32.Badur.gizu Checkin (trojan.rules)
  2807673 - ETPRO TROJAN Trojan-Downloader.Win32.Boltolog.pfv Checkin
(trojan.rules)
  2807680 - ETPRO TROJAN Trojan.Win32.Agentb.aoig Checkin (trojan.rules)
  2807681 - ETPRO TROJAN Worm.Win32.AutoRun.bjxd Checkin (trojan.rules)
  2807699 - ETPRO TROJAN Trojan.Win32.Buzus.mucu Checkin (trojan.rules)
  2807700 - ETPRO TROJAN Win32/Horst.Q Checkin (trojan.rules)
  2807703 - ETPRO TROJAN Trojan-Clicker.Win32.Delf.cg Checkin (trojan.rules)
  2807709 - ETPRO MOBILE_MALWARE Android/iBanking.bot (mobile_malware.rules)
  2807714 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeMart.a Checkin
(mobile_malware.rules)
  2807715 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeMart.a Checkin 2
(mobile_malware.rules)
  2807726 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fb Checkin
(mobile_malware.rules)
  2807727 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fb Checkin 2
(mobile_malware.rules)
  2807728 - ETPRO MOBILE_MALWARE Android/52Loc.B Checkin
(mobile_malware.rules)
  2807729 - ETPRO MOBILE_MALWARE Android/52Loc.B Download
(mobile_malware.rules)
  2807732 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Gizmo.a Checkin
(mobile_malware.rules)
  2807734 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.bo Checkin 3
(mobile_malware.rules)
  2807735 - ETPRO TROJAN Worm.Win32.AutoRun.cwvx Checkin (trojan.rules)
  2807736 - ETPRO TROJAN Trojan-Proxy.Win32.Agent.gob Checkin (trojan.rules)
  2807745 - ETPRO TROJAN Trojan.Win32.Jorik.Slenfbot.app Checkin
(trojan.rules)
  2807747 - ETPRO TROJAN Trojan-Ransom.Win32.Agent.hzq Checkin
(trojan.rules)
  2807748 - ETPRO MOBILE_MALWARE Android/SMSreg.AO Checkin
(mobile_malware.rules)
  2807749 - ETPRO TROJAN Backdoor.Win32/Xtrat.A Possbile Plugin Download
(trojan.rules)
  2807751 - ETPRO TROJAN Win32/Enchanim.gen!B Checkin (trojan.rules)
  2807752 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Helir.a Checkin
(mobile_malware.rules)
  2807754 - ETPRO TROJAN Trojan-Downloader.Win32.Adload.dyjd Checkin
(trojan.rules)
  2826222 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules)
  2839384 - ETPRO CURRENT_EVENTS Successful Prima Banka Phish 2019-11-12
(current_events.rules)
  2839924 - ETPRO TROJAN RampantKitten APT - Stealer Payload Uploading to
FTP (trojan.rules)

[---]  Disabled and modified rules:  [---]

  2807421 - ETPRO TROJAN Trojan.Win32.Agent.aev Checkin (trojan.rules)
  2807452 - ETPRO TROJAN Trojan-Clicker.Win32.Agent.aaut Checkin 2
(trojan.rules)
  2807455 - ETPRO TROJAN Win32/PSW.Delf.OIL Checkin (trojan.rules)
  2807477 - ETPRO TROJAN Trojan-Downloader.Win32.Agent.bofr Checkin
(trojan.rules)
  2807484 - ETPRO TROJAN SHeur4.BHUE Checkin (trojan.rules)
  2807490 - ETPRO TROJAN Trojan-Dropper.Win32.Sysn.aajj Checkin
(trojan.rules)
  2807494 - ETPRO TROJAN Trojan-Dropper.Win32.Sysn.aajj Checkin 2
(trojan.rules)
  2807500 - ETPRO TROJAN Trojan-Downloader.Win32.Agent.aah Checkin
(trojan.rules)
  2807571 - ETPRO TROJAN W32/Agent.EW.gen Checkin (trojan.rules)
  2807666 - ETPRO TROJAN Virus.Win32.Virut.ce Checkin 5 (trojan.rules)

[---]         Removed rules:         [---]

  2844246 - ETPRO MALWARE Bazar Backdoor CnC Activity (malware.rules)

Date:
Summary title:
4 new OPEN, 26 new PRO (4 + 22). RampantKitten, Zegost, pyAEScrypt, ServStart, Suri5 Updates.