[Emerging-Sigs] Emerging Threats Daily Signature Changes
emerging@emergingthreats.net
Sun May 25 17:00:08 EDT 2008
[***] Results from Oinkmaster started Sun May 25 17:00:08 2008 [***]
[+++] Added rules: [+++]
2008245 - ET TROJAN Juicopotomous to Controller (emerging-virus.rules)
2008246 - ET TROJAN Juicopotomous ack from Controller (emerging-virus.rules)
2008247 - ET TROJAN Juicopotomous ack to Controller (emerging-virus.rules)
[///] Modified active rules: [///]
2007863 - ET TROJAN Banload HTTP Checkin (emerging-virus.rules)
[---] Removed rules: [---]
2008245 - ET TROJAN Unknown to Controller (emerging.rules)
2008246 - ET TROJAN Unknown ack from Controller (emerging.rules)
2008247 - ET TROJAN Unknown ack to Controller (emerging.rules)
[+++] Added non-rule lines: [+++]
-> Added to emerging-sid-msg.map (3):
2008245 || ET TROJAN Juicopotomous to Controller
2008246 || ET TROJAN Juicopotomous ack from Controller
2008247 || ET TROJAN Juicopotomous ack to Controller
-> Added to emerging-sid-msg.map.txt (3):
2008245 || ET TROJAN Juicopotomous to Controller
2008246 || ET TROJAN Juicopotomous ack from Controller
2008247 || ET TROJAN Juicopotomous ack to Controller
-> Added to emerging-virus.rules (3):
#new CNC channel, sample has no AV detection, collected 5/14
#sigs by Jeffrey Brown
# Register the first comm w/ 7c, 1 byte packet
[---] Removed non-rule lines: [---]
-> Removed from emerging-sid-msg.map (3):
2008245 || ET TROJAN Unknown to Controller
2008246 || ET TROJAN Unknown ack from Controller
2008247 || ET TROJAN Unknown ack to Controller
-> Removed from emerging-sid-msg.map.txt (3):
2008245 || ET TROJAN Unknown to Controller
2008246 || ET TROJAN Unknown ack from Controller
2008247 || ET TROJAN Unknown ack to Controller
-> Removed from emerging.rules (3):
#new CNC channel, sample has no AV detection, collected 5/14
#sigs by Jeffrey Brown
# Register the first comm w/ 7c, 1 byte packet