[Emerging-Sigs] Emerging Threats Daily Signature Changes

emerging@emergingthreats.net emerging at emergingthreats.net
Sun Jan 18 16:00:09 EST 2009


[***] Results from Oinkmaster started Sun Jan 18 16:00:09 2009 [***]

[+++]          Added rules:          [+++]

 2009025 - ET TROJAN Vipdataend C&C Traffic - Checkin (variant 2) (emerging-virus.rules)
 2009026 - ET TROJAN Vipdataend C&C Traffic - Status OK (variant 2) (emerging-virus.rules)
 2009027 - ET MALWARE Suspicious User Agent (FileDownloader) (emerging-malware.rules)
 2009028 - ET MALWARE 404 Response with an EXE Attached - Likely Malware Drop (emerging-policy.rules)


[///]     Modified active rules:     [///]

 2009021 - ET MALWARE Suspicious User Agent (IE_6.0) (emerging-malware.rules)
 2009024 - ET CURRENT_EVENTS Downadup/Conficker-A Worm reporting (emerging.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (5):
        2009021 || ET MALWARE Suspicious User Agent (IE_6.0)
        2009025 || ET TROJAN Vipdataend C&C Traffic - Checkin (variant 2)
        2009026 || ET TROJAN Vipdataend C&C Traffic - Status OK (variant 2)
        2009027 || ET MALWARE Suspicious User Agent (FileDownloader)
        2009028 || ET MALWARE 404 Response with an EXE Attached - Likely Malware Drop

     -> Added to emerging-sid-msg.map.txt (5):
        2009021 || ET MALWARE Suspicious User Agent (IE_6.0)
        2009025 || ET TROJAN Vipdataend C&C Traffic - Checkin (variant 2)
        2009026 || ET TROJAN Vipdataend C&C Traffic - Status OK (variant 2)
        2009027 || ET MALWARE Suspicious User Agent (FileDownloader)
        2009028 || ET MALWARE 404 Response with an EXE Attached - Likely Malware Drop

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (1):
        2009021 || ET MALWARE Suspicious User Agent (IE_6.0) || url,www.bitdefender.com/VIRUS-1000328-en--Trojan.Pws.Wow.NCY.html

     -> Removed from emerging-sid-msg.map.txt (1):
        2009021 || ET MALWARE Suspicious User Agent (IE_6.0) || url,www.bitdefender.com/VIRUS-1000328-en--Trojan.Pws.Wow.NCY.html



More information about the Emerging-sigs mailing list