[Emerging-Sigs] Emerging Threats Daily Signature Changes
emerging@emergingthreats.net
emerging at emergingthreats.net
Tue Feb 12 17:00:08 EST 2008
[***] Results from Oinkmaster started Tue Feb 12 17:00:08 2008 [***]
[+++] Added rules: [+++]
2007839 - ET MALWARE Drpcclean.com Related Spyware User Agent (DrPCClean Transmit) (bleeding-malware.rules)
2007840 - ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (Shell) (bleeding-virus.rules)
2007841 - ET TROJAN W32.Downloader Tibs.ek Reporting to C&C (bleeding-virus.rules)
2007842 - ET MALWARE Softspydelete.com Fake Anti-Spyware Checkin (bleeding-malware.rules)
[///] Modified active rules: [///]
2003238 - ET TROJAN W32.Downloader Tibs.jy Reporting to C&C (bleeding-virus.rules)
2003239 - ET TROJAN W32.Downloader Tibs.jy Reporting to C&C (2) (bleeding-virus.rules)
[---] Removed rules: [---]
2007830 - ET MALWARE Maxthom/Myie2.com Related Spyware User Agent (MyIE2) (bleeding-malware.rules)
[+++] Added non-rule lines: [+++]
-> Added to bleeding-malware.rules (2):
#another fake antispyware package, by matt jonkman
#drpcclean.com by matt jonkman
-> Added to bleeding-sid-msg.map (6):
2003238 || ET TROJAN W32.Downloader Tibs.jy Reporting to C&C
2003239 || ET TROJAN W32.Downloader Tibs.jy Reporting to C&C (2)
2007839 || ET MALWARE Drpcclean.com Related Spyware User Agent (DrPCClean Transmit)
2007840 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (Shell)
2007841 || ET TROJAN W32.Downloader Tibs.ek Reporting to C&C
2007842 || ET MALWARE Softspydelete.com Fake Anti-Spyware Checkin
-> Added to bleeding-sid-msg.map.txt (6):
2003238 || ET TROJAN W32.Downloader Tibs.jy Reporting to C&C
2003239 || ET TROJAN W32.Downloader Tibs.jy Reporting to C&C (2)
2007839 || ET MALWARE Drpcclean.com Related Spyware User Agent (DrPCClean Transmit)
2007840 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (Shell)
2007841 || ET TROJAN W32.Downloader Tibs.ek Reporting to C&C
2007842 || ET MALWARE Softspydelete.com Fake Anti-Spyware Checkin
-> Added to bleeding-virus.rules (1):
#Matt Jonkman, Kaspersky Trojan-Proxy.Win32.Agent.blm
[---] Removed non-rule lines: [---]
-> Removed from bleeding-malware.rules (1):
#maxthon related, by matt jonkman
-> Removed from bleeding-sid-msg.map (3):
2003238 || ET TROJAN W32.Downloader-388 (Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C
2003239 || ET TROJAN W32.Downloader-388 (Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C (2)
2007830 || ET MALWARE Maxthom/Myie2.com Related Spyware User Agent (MyIE2)
-> Removed from bleeding-sid-msg.map.txt (3):
2003238 || ET TROJAN W32.Downloader-388 (Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C
2003239 || ET TROJAN W32.Downloader-388 (Trojan-Downloader.Win32.Tibs.jy) Reporting to C&C (2)
2007830 || ET MALWARE Maxthom/Myie2.com Related Spyware User Agent (MyIE2)
-> Removed from bleeding-virus.rules (1):
#first found by ClamAV
More information about the Emerging-sigs
mailing list