[***] Summary: [***]
21 new OPEN, 50 new PRO (21 + 29). HPDM Backdoor, SLOTHFULMEDIA RAT, XDSpy, MPD, and VARIOUS PHISHING, CoinMiners and Webshells.
Thanks: @nickstadb, @travisbgreen, @Garfield, @MsRebeccaBlack.
TIIF
Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2030941 - ET WEB_SERVER Generic Webshell Accessed on Internal Compromised
Server (web_server.rules)
2030942 - ET WEB_CLIENT Generic Webshell Accessed on External Compromised
Server (web_client.rules)
2030943 - ET CURRENT_EVENTS Mailgun Phishing Landing
(current_events.rules)
2030944 - ET WEB_SERVER Generic Webshell Accessed on Internal Compromised
Server (web_server.rules)
2030945 - ET WEB_CLIENT Generic Webshell Accessed on External Compromised
Server (web_client.rules)
2030946 - ET WEB_SERVER Generic Webshell Accessed on Internal Compromised
Server (web_server.rules)
2030947 - ET WEB_CLIENT Generic Webshell Accessed on External Compromised
Server (web_client.rules)
2030948 - ET WEB_SERVER Generic Webshell Accessed on Internal Compromised
Server (web_server.rules)
2030949 - ET WEB_CLIENT Generic Webshell Accessed on External Compromised
Server (web_client.rules)
2030950 - ET WEB_SERVER Generic Webshell Accessed on Internal Compromised
Server (web_server.rules)
2030951 - ET WEB_CLIENT Generic Webshell Accessed on External Compromised
Server (web_client.rules)
2030952 - ET WEB_SERVER Generic Webshell Accessed on Internal Compromised
Server (web_server.rules)
2030953 - ET WEB_CLIENT Generic Webshell Accessed on External Compromised
Server (web_client.rules)
2030954 - ET TROJAN XDMonitor Sending Debug Messages (trojan.rules)
2030955 - ET TROJAN XDUpload Uploading Directory Listting (trojan.rules)
2030956 - ET TROJAN XDUpload Uploading Files (trojan.rules)
2030957 - ET TROJAN XDUpload Sending File Upload Progress (trojan.rules)
2030958 - ET TROJAN XDUpload Sending Screenshot Upload Progress
(trojan.rules)
2030959 - ET TROJAN XDMonitor Checkin Activity (trojan.rules)
2030960 - ET TROJAN SLOTHFULMEDIA RAT CnC (POST) (trojan.rules)
2030961 - ET EXPLOIT [401TRG] HPDM Backdoor Login (exploit.rules)
Pro:
2844729 - ETPRO TROJAN Observed Malicious SSL Cert (EvolvedThief CnC)
(trojan.rules)
2844730 - ETPRO TROJAN MalDoc Retrieving Payload 2020-10-02 (trojan.rules)
2844731 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-10-02 1) (trojan.rules)
2844732 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-10-02 2) (trojan.rules)
2844733 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-10-02 3) (trojan.rules)
2844734 - ETPRO CURRENT_EVENTS Successful Chase Phish 2020-10-02
(current_events.rules)
2844735 - ETPRO CURRENT_EVENTS Successful Poste Italiane Phish 2020-10-02
(current_events.rules)
2844736 - ETPRO CURRENT_EVENTS Successful Zimbra Phish 2020-10-02
(current_events.rules)
2844737 - ETPRO CURRENT_EVENTS Successful Banco Intesa SanPaolo Phish
2020-10-02 (current_events.rules)
2844738 - ETPRO CURRENT_EVENTS Successful Godaddy Webmail Phish 2020-10-02
(current_events.rules)
2844739 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2020-10-02 (current_events.rules)
2844740 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2020-10-02 (current_events.rules)
2844741 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2020-10-02 (current_events.rules)
2844742 - ETPRO CURRENT_EVENTS Possible Successful Barclays Bank Phish
2020-10-02 (current_events.rules)
2844743 - ETPRO CURRENT_EVENTS Possible Successful Halifax Bank Phish
2020-10-02 (current_events.rules)
2844744 - ETPRO CURRENT_EVENTS Possible Successful HSBC UK Bank Phish
2020-10-02 (current_events.rules)
2844745 - ETPRO CURRENT_EVENTS Possible Successful Nationwide UK Bank
Phish 2020-10-02 (current_events.rules)
2844746 - ETPRO CURRENT_EVENTS Possible Successful TSB UK Bank Phish
2020-10-02 (current_events.rules)
2844747 - ETPRO CURRENT_EVENTS Possible Successful Natwest Bank Phish
2020-10-02 (current_events.rules)
2844748 - ETPRO CURRENT_EVENTS Possible Successful RBS Digital Bank Phish
2020-10-02 (current_events.rules)
2844749 - ETPRO CURRENT_EVENTS Possible Successful Tesco Bank Phish
2020-10-02 (current_events.rules)
2844750 - ETPRO CURRENT_EVENTS Successful Mailgun Phish 2020-10-02
(current_events.rules)
2844751 - ETPRO TROJAN MPD CnC Host Checkin (trojan.rules)
2844752 - ETPRO TROJAN MPD CnC Client Status Activity (trojan.rules)
2844753 - ETPRO MALWARE Patch My PC Activity (malware.rules)
2844754 - ETPRO USER_AGENTS Patch My PC UA (user_agents.rules)
2844755 - ETPRO USER_AGENTS Patch My PC UA (user_agents.rules)
2844756 - ETPRO TROJAN Win32/Remcos RAT Checkin 550 (trojan.rules)
2844757 - ETPRO TROJAN Malicious SSL Certificate detected (AZORult CnC)
(trojan.rules)
[///] Modified active rules: [///]
2017821 - ET WEB_SERVER IIS ISN BackDoor Command Delete Log
(web_server.rules)
2017822 - ET WEB_SERVER IIS ISN BackDoor Command Get Logpath
(web_server.rules)
2018402 - ET CURRENT_EVENTS DRIVEBY Possible Goon/Infinity/Magnitude EK
SilverLight Exploit (current_events.rules)
2021162 - ET POLICY External IP Lookup - ip2location.com (policy.rules)
2021184 - ET TROJAN APT Backspace CnC Beacon (trojan.rules)
2021188 - ET TROJAN KeyBase Keylogger Checkin (trojan.rules)
2021213 - ET TROJAN Win32/Zacom.A CnC Beacon 1 (trojan.rules)
2021250 - ET POLICY Possible External IP Lookup ip.webmasterhome.cn
(policy.rules)
2021261 - ET TROJAN Win32/Chinad Retrieving Config (trojan.rules)
2021274 - ET TROJAN Backdoor.Elise CnC Beacon 1 M1 (trojan.rules)
2021292 - ET CURRENT_EVENTS KaiXin Secondary Landing Page
(current_events.rules)
2021371 - ET POLICY Possible External IP Lookup www.whatsmyip.us
(policy.rules)
2021386 - ET MOBILE_MALWARE Android BatteryBotPro Checkin
(mobile_malware.rules)
2021387 - ET MOBILE_MALWARE Android BatteryBotPro Checkin 2
(mobile_malware.rules)
2021399 - ET TROJAN Matsnu Checkin (trojan.rules)
2021403 - ET TROJAN W32/Banload.VZS Banker POST CnC Beacon 1
(trojan.rules)
2021408 - ET EXPLOIT AirLive RCI HTTP Request (exploit.rules)
2021414 - ET CURRENT_EVENTS Suspicious SWF filename movie(dot)swf in doc
root (current_events.rules)
2021520 - ET TROJAN KINS/ZeusVM Variant CnC Beacon (trojan.rules)
2021532 - ET TROJAN W2KM_BARTALEX Downloading Payload M2 (trojan.rules)
2021550 - ET POLICY External IP Lookup trackip.net (policy.rules)
2021552 - ET CURRENT_EVENTS Possible Malicious Redirect 8x8 script tag URI
struct (current_events.rules)
2021570 - ET TROJAN Sakula/Mivast RAT CnC Beacon 7 (trojan.rules)
2021608 - ET TROJAN Win32.Androm.gnlb Checkin (trojan.rules)
2025089 - ET TROJAN Vawtrak/NeverQuest CnC Beacon (trojan.rules)
2806808 - ETPRO MOBILE_MALWARE AndroidOS/GingerMaster.B
(mobile_malware.rules)
2807010 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.u Checkin 2
(mobile_malware.rules)
2807306 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fc Checkin
(mobile_malware.rules)
2808003 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Uten.b Checkin
(mobile_malware.rules)
2808885 - ETPRO MOBILE_MALWARE AndroidOS/GGTracker.A Checkin 3
(mobile_malware.rules)
2809387 - ETPRO TROJAN Win32/PSW.Papras.DS Checkin (trojan.rules)
2809459 - ETPRO MOBILE_MALWARE Android/Adware.AirPush.J Checkin
(mobile_malware.rules)
2809584 - ETPRO MOBILE_MALWARE Android.Trojan.Banker.Z Checkin
(mobile_malware.rules)
2810137 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.FS Checkin
(mobile_malware.rules)
2810174 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.sx Checkin
(mobile_malware.rules)
2810889 - ETPRO TROJAN DiamondFox Retrieving Modules (trojan.rules)
2810890 - ETPRO TROJAN DiamondFox HTTP POST CnC Beacon (trojan.rules)
2811155 - ETPRO MOBILE_MALWARE Trojan.Android.Clicker.M Checkin
(mobile_malware.rules)
2811224 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.dw Checkin 2
(mobile_malware.rules)
2811226 - ETPRO EXPLOIT Synology DiskStation Manager XSS Attempt
(exploit.rules)
2811245 - ETPRO TROJAN Papras Variant CnC (trojan.rules)
2811324 - ETPRO TROJAN TrojanProxy.Mediana.q Proxy CnC Online Checkin
(trojan.rules)
2811336 - ETPRO TROJAN KeyBase Keylogger Reporting Keystrokes
(trojan.rules)
2811365 - ETPRO TROJAN KeyBase Keylogger Reporting Passwords
(trojan.rules)
2811371 - ETPRO TROJAN Ransom.Win32.Simlosap/Cryakl Checkin (trojan.rules)
2811386 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Smaps.a Checkin
(mobile_malware.rules)
2811420 - ETPRO MOBILE_MALWARE Android-PUP/SmsReg.dd57 Checkin
(mobile_malware.rules)
2811427 - ETPRO TROJAN Win32/Spy.Banker.ACDS CnC Beacon (trojan.rules)
2811430 - ETPRO WEB_SPECIFIC_APPS Joomla EQ Event Calendar SQLi Attempt
(web_specific_apps.rules)
2811462 - ETPRO TROJAN MSIL/TrojanClicker.Agent.NKC CnC Beacon
(trojan.rules)
2811477 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fe Checkin
(mobile_malware.rules)
2811487 - ETPRO TROJAN Alphacrypt CnC Beacon (trojan.rules)
2811501 - ETPRO TROJAN Possible MSIL/Habbo.A Downloading Modules
(trojan.rules)
2811576 - ETPRO TROJAN Win32/Agent.QGB CnC Beacon (trojan.rules)
2811581 - ETPRO TROJAN Kryptik.EAU/FakeScanti Malformed Checkin
(trojan.rules)
2811591 - ETPRO MOBILE_MALWARE Adware.AndroidOS.AirPush.a Checkin 3
(mobile_malware.rules)
2811632 - ETPRO MOBILE_MALWARE Android/AdDisplay.Youmi.H Checkin
(mobile_malware.rules)
2811634 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.de Checkin
(mobile_malware.rules)
2811712 - ETPRO TROJAN Banload Variant Checkin (trojan.rules)
2811735 - ETPRO EXPLOIT Huawei Home Gateway Password Disclosure/Change
(exploit.rules)
2811736 - ETPRO TROJAN Fobber Checkin (trojan.rules)
2811739 - ETPRO MOBILE_MALWARE Android/Qysly.A Checkin
(mobile_malware.rules)
2811741 - ETPRO MOBILE_MALWARE Android/SMSreg.KU Checkin 3
(mobile_malware.rules)
2811750 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.ep Checkin 3
(mobile_malware.rules)
2811788 - ETPRO WEB_SPECIFIC_APPS ipTIME firmware < 9.58 RCE
(web_specific_apps.rules)
2811803 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.ms Checkin
(mobile_malware.rules)
2811815 - ETPRO MOBILE_MALWARE Android/AdDisplay.Dowgin.AC Checkin
(mobile_malware.rules)
2811816 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.HX Checkin
(mobile_malware.rules)
2811817 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Sopes.a Checkin
(mobile_malware.rules)
2811825 - ETPRO WEB_SPECIFIC_APPS WP Albo Pretorio Plugin 3.2 SQLi Attempt
(web_specific_apps.rules)
2811858 - ETPRO MOBILE_MALWARE Android.Trojan.Banker.AP Checkin
(mobile_malware.rules)
2811885 - ETPRO TROJAN Unknown APT Downloader retrieving payload
(trojan.rules)
2811897 - ETPRO TROJAN Unknown Downloader observed dling APT malware
(trojan.rules)
2811901 - ETPRO TROJAN Chthonic CnC Beacon 8 (trojan.rules)
2811930 - ETPRO TROJAN Likely Dyre Downloading Additional Payload
(trojan.rules)
2811969 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.FD Checkin
(mobile_malware.rules)
2811972 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Uranico.a Checkin
(mobile_malware.rules)
2811975 - ETPRO TROJAN Xtrat/xRAT CnC Beacon (trojan.rules)
2811980 - ETPRO TROJAN Python/Searcher CnC Beacon (trojan.rules)
2811981 - ETPRO MOBILE_MALWARE Android/AdDisplay.Fictus.B Checkin
(mobile_malware.rules)
2811982 - ETPRO TROJAN Python/Liberpy.A CnC Beacon (trojan.rules)
2811996 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.aj Checkin 2
(mobile_malware.rules)
2811997 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.aj Checkin 3
(mobile_malware.rules)
2812019 - ETPRO TROJAN Python.a Checkin 2 (trojan.rules)
2812022 - ETPRO TROJAN Python/Agent.G CnC Beacon (trojan.rules)
2812026 - ETPRO MOBILE_MALWARE Android.Trojan.Ansupv.B Checkin
(mobile_malware.rules)
2812038 - ETPRO TROJAN Win32/Parite Variant Checkin (trojan.rules)
2812046 - ETPRO TROJAN AlphaCrypt CnC Beacon 2 (trojan.rules)
2812069 - ETPRO WEB_SPECIFIC_APPS Possible LFI/LFD Joomla
configuration.php Filename in URL (web_specific_apps.rules)
2812070 - ETPRO WEB_SPECIFIC_APPS Possible LFI/LFD Joomla
configuration.php Filename in URL (web_specific_apps.rules)
2812071 - ETPRO WEB_SPECIFIC_APPS Possible LFI/LFD Joomla
configuration.php Filename in URL (web_specific_apps.rules)
2812079 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.BQ Checkin
(mobile_malware.rules)
2812084 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Celular.a Checkin
(mobile_malware.rules)
2812085 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Celular.a Checkin 2
(mobile_malware.rules)
2812154 - ETPRO TROJAN MSIL/Grelog.A Checkin (trojan.rules)
2812159 - ETPRO MOBILE_MALWARE Android/AdDisplay.Fictus.B Checkin 2
(mobile_malware.rules)
2812202 - ETPRO MOBILE_MALWARE Android/TrojanSMS.FakeInst.GK Checkin
(mobile_malware.rules)
2812228 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ff Checkin
(mobile_malware.rules)
2812271 - ETPRO MOBILE_MALWARE Android/Agent.LG Checkin
(mobile_malware.rules)
2812288 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.NqShield.a Checkin
(mobile_malware.rules)
2812289 - ETPRO MOBILE_MALWARE Android/SMForw.DC Checkin
(mobile_malware.rules)
2812305 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.hb Checkin
(mobile_malware.rules)
2812312 - ETPRO TROJAN Win32/Backdoor.Androm.hojp Activity (trojan.rules)
2812330 - ETPRO MOBILE_MALWARE Android/AdDisplay.Izp.B Checkin
(mobile_malware.rules)
2812399 - ETPRO TROJAN Infostealer.Banker.C CnC Beacon (trojan.rules)
2812427 - ETPRO MOBILE_MALWARE Android/Agent.FC Checkin
(mobile_malware.rules)
2812435 - ETPRO CURRENT_EVENTS Suspicious Pastebin Base64 Encoded Response
(current_events.rules)
2812476 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Wroba.e Checkin 2
(mobile_malware.rules)
2812478 - ETPRO WEB_CLIENT Possible CoreImpact Client Java Exploit In
Progress (Pens Being Tested or Possible RocketKitten) M1 (web_client.rules)
2812479 - ETPRO WEB_CLIENT Possible CoreImpact Client Java Exploit In
Progress (Pens Being Tested or Possible RocketKitten) M2 (web_client.rules)
2812490 - ETPRO MOBILE_MALWARE Android/Monitor.Beycont.A Checkin
(mobile_malware.rules)
2812513 - ETPRO TROJAN Win32/Blakamba Checkin (trojan.rules)
2812521 - ETPRO TROJAN Ursnif Retrieving US Constitution for DGA
(trojan.rules)
2812526 - ETPRO TROJAN PlugX CnC Beacon (trojan.rules)
2812545 - ETPRO MOBILE_MALWARE Android/Fadeb.K Checkin
(mobile_malware.rules)
2812620 - ETPRO TROJAN Ixeshe GIF CnC Beacon (trojan.rules)
2812621 - ETPRO TROJAN Win32/Ixeshe HTTP CnC Beacon (trojan.rules)
2812632 - ETPRO MOBILE_MALWARE Android/JSmsHider.P Checkin
(mobile_malware.rules)
2812635 - ETPRO TROJAN OnionDuke CnC Beacon 1 (trojan.rules)
2812636 - ETPRO TROJAN OnionDuke CnC Beacon 2 (trojan.rules)
2812637 - ETPRO TROJAN OnionDuke CnC Beacon 3 (trojan.rules)
2812638 - ETPRO TROJAN OnionDuke CnC Beacon 4 (trojan.rules)
2812639 - ETPRO TROJAN OnionDuke CnC Beacon 5 (trojan.rules)
2812653 - ETPRO MOBILE_MALWARE Android.Trojan.SmsSpy.JQ Checkin
(mobile_malware.rules)
2812664 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Kcuf.a Checkin
(mobile_malware.rules)
[---] Disabled and modified rules: [---]
2021214 - ET TROJAN Win32/Zacom.A CnC Beacon 2 (trojan.rules)
2021284 - ET TROJAN W2KM_BARTALEX Downloading Payload (trojan.rules)
2021300 - ET TROJAN Downloader.Win32.Adload (KaiXin Payload) Checkin
(trojan.rules)
2021352 - ET TROJAN ELF.DES.Downloader Request (trojan.rules)
2021376 - ET TROJAN UpDocX Checkin (trojan.rules)
2021377 - ET TROJAN UpDocX Download (trojan.rules)
2021392 - ET MOBILE_MALWARE Android Gunpoder Checkin
(mobile_malware.rules)
2021501 - ET TROJAN Jiripbot CnC 1 (trojan.rules)
2021502 - ET TROJAN Jiripbot CnC 2 (trojan.rules)
2021617 - ET MOBILE_MALWARE Android.Trojan.SLocker.DZ Checkin 2
(mobile_malware.rules)
2807311 - ETPRO TROJAN Variant.Kazy.277370 Checkin (trojan.rules)
2809580 - ETPRO TROJAN Python.a Checkin (trojan.rules)
2811248 - ETPRO TROJAN Naikon CnC Beacon (trojan.rules)
2811250 - ETPRO MOBILE_MALWARE Android/SMForw.AC Checkin
(mobile_malware.rules)
2811339 - ETPRO TROJAN WIN32/Msposer.A Checkin (trojan.rules)
2811340 - ETPRO TROJAN WIN32/Msposer.A External IP Check (trojan.rules)
2811342 - ETPRO TROJAN WIN32/Msposer.A Checkin 2 (trojan.rules)
2811368 - ETPRO MOBILE_MALWARE Android SmsSample Checkin
(mobile_malware.rules)
2811369 - ETPRO MOBILE_MALWARE Android SmsSample Checkin 2
(mobile_malware.rules)
2811370 - ETPRO MOBILE_MALWARE Android SmsSample Checkin 3
(mobile_malware.rules)
2811467 - ETPRO TROJAN Spy.Win32.Agent.cvty Checkin (trojan.rules)
2811509 - ETPRO MOBILE_MALWARE Andr/VietSMS-E Checkin
(mobile_malware.rules)
2811605 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Mseg.a Checkin 2
(mobile_malware.rules)
2811669 - ETPRO TROJAN Win32/Autoit.BNH Checkin (trojan.rules)
2811689 - ETPRO MOBILE_MALWARE Android.Bossefiv Checkin
(mobile_malware.rules)
2811691 - ETPRO MOBILE_MALWARE Android/Spy.Zitmo.B Checkin 5
(mobile_malware.rules)
2811777 - ETPRO TROJAN Trojan-Ransom.Win32.Blocker.hapm Checkin
(trojan.rules)
2811874 - ETPRO TROJAN Win32/Startpage.WR CnC Checkin 2 (trojan.rules)
2811934 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.BAJ Checkin
(mobile_malware.rules)
2811983 - ETPRO MOBILE_MALWARE Android/Niynuy.A Checkin
(mobile_malware.rules)
2812018 - ETPRO TROJAN Python/MTK CnC Beacon (trojan.rules)
2812021 - ETPRO TROJAN Python/FBook.B Retrieving PE (trojan.rules)
2812035 - ETPRO TROJAN Derusbi CnC Beacon 2 (trojan.rules)
2812072 - ETPRO TROJAN Unknown Trojan Dropped by Win32/Inexsmar.A Checkin
(trojan.rules)
2812074 - ETPRO MOBILE_MALWARE Android/TrojanDownloader.Agent.DD Checkin
(mobile_malware.rules)
2812078 - ETPRO MOBILE_MALWARE Android/Agent.GX Checkin
(mobile_malware.rules)
2812131 - ETPRO MOBILE_MALWARE Android PUP Wodsha-E Checkin 2
(mobile_malware.rules)
2812136 - ETPRO MOBILE_MALWARE Android/Clicker.M Download
(mobile_malware.rules)
2812179 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmThief.eq Checkin
(mobile_malware.rules)
2812207 - ETPRO MOBILE_MALWARE Android.Trojan.SMSSend.DN Checkin
(mobile_malware.rules)
2812319 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.BDN Checkin
(mobile_malware.rules)
2812329 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Honli.a Checkin 2
(mobile_malware.rules)
2812336 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.CD Checkin
(mobile_malware.rules)
2812346 - ETPRO MOBILE_MALWARE Android.Trojan.Vdloader.C Checkin
(mobile_malware.rules)
2812393 - ETPRO TROJAN Win32/Inexsmar CnC Beacon (trojan.rules)
2812455 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.AOR Checkin
(mobile_malware.rules)
2812470 - ETPRO TROJAN Trojan.Win32.Ponmocup Variant Checkin
(trojan.rules)
2812538 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Fakeapp.a Checkin
(mobile_malware.rules)
2812539 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Fakeapp.a Download
(mobile_malware.rules)
2812623 - ETPRO TROJAN Etumbot HTTP CnC Beacon (trojan.rules)