[Emerging-Sigs] Emerging Threats Daily Signature Changes

emerging@emergingthreats.net emerging at emergingthreats.net
Tue Jan 27 16:00:09 EST 2009


[***] Results from Oinkmaster started Tue Jan 27 16:00:09 2009 [***]

[+++]          Added rules:          [+++]

 2009052 - ET TROJAN Hupigon System Stats Report (I-variant) (emerging-virus.rules)


[///]     Modified active rules:     [///]

 2003387 - ET MALWARE dialno Dialer User Agent (dialno) (emerging-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (1):
        2009052 || ET TROJAN Hupigon System Stats Report (I-variant) || url,doc.emergingthreats.net/bin/view/Main/TrojanDropper497

     -> Added to emerging-sid-msg.map.txt (1):
        2009052 || ET TROJAN Hupigon System Stats Report (I-variant) || url,doc.emergingthreats.net/bin/view/Main/TrojanDropper497

     -> Added to emerging-virus.rules (1):
        #by darren spruell

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (34):
        2500062 || ET COMPROMISED Known Compromised or Hostile Host Traffic (63) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500063 || ET COMPROMISED Known Compromised or Hostile Host Traffic (64) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500064 || ET COMPROMISED Known Compromised or Hostile Host Traffic (65) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500065 || ET COMPROMISED Known Compromised or Hostile Host Traffic (66) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500066 || ET COMPROMISED Known Compromised or Hostile Host Traffic (67) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500067 || ET COMPROMISED Known Compromised or Hostile Host Traffic (68) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500068 || ET COMPROMISED Known Compromised or Hostile Host Traffic (69) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500069 || ET COMPROMISED Known Compromised or Hostile Host Traffic (70) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500070 || ET COMPROMISED Known Compromised or Hostile Host Traffic (71) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500071 || ET COMPROMISED Known Compromised or Hostile Host Traffic (72) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500072 || ET COMPROMISED Known Compromised or Hostile Host Traffic (73) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500073 || ET COMPROMISED Known Compromised or Hostile Host Traffic (74) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500074 || ET COMPROMISED Known Compromised or Hostile Host Traffic (75) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500075 || ET COMPROMISED Known Compromised or Hostile Host Traffic (76) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500076 || ET COMPROMISED Known Compromised or Hostile Host Traffic (77) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500077 || ET COMPROMISED Known Compromised or Hostile Host Traffic (78) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500078 || ET COMPROMISED Known Compromised or Hostile Host Traffic (79) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510062 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (63) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510063 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (64) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510064 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (65) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510065 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (66) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510066 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (67) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510067 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (68) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510068 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (69) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510069 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (70) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510070 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (71) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510071 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (72) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510072 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (73) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510073 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (74) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510074 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (75) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510075 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (76) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510076 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (77) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510077 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (78) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510078 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (79) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

     -> Removed from emerging-sid-msg.map.txt (34):
        2500062 || ET COMPROMISED Known Compromised or Hostile Host Traffic (63) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500063 || ET COMPROMISED Known Compromised or Hostile Host Traffic (64) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500064 || ET COMPROMISED Known Compromised or Hostile Host Traffic (65) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500065 || ET COMPROMISED Known Compromised or Hostile Host Traffic (66) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500066 || ET COMPROMISED Known Compromised or Hostile Host Traffic (67) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500067 || ET COMPROMISED Known Compromised or Hostile Host Traffic (68) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500068 || ET COMPROMISED Known Compromised or Hostile Host Traffic (69) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500069 || ET COMPROMISED Known Compromised or Hostile Host Traffic (70) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500070 || ET COMPROMISED Known Compromised or Hostile Host Traffic (71) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500071 || ET COMPROMISED Known Compromised or Hostile Host Traffic (72) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500072 || ET COMPROMISED Known Compromised or Hostile Host Traffic (73) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500073 || ET COMPROMISED Known Compromised or Hostile Host Traffic (74) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500074 || ET COMPROMISED Known Compromised or Hostile Host Traffic (75) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500075 || ET COMPROMISED Known Compromised or Hostile Host Traffic (76) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500076 || ET COMPROMISED Known Compromised or Hostile Host Traffic (77) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500077 || ET COMPROMISED Known Compromised or Hostile Host Traffic (78) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2500078 || ET COMPROMISED Known Compromised or Hostile Host Traffic (79) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510062 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (63) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510063 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (64) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510064 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (65) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510065 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (66) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510066 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (67) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510067 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (68) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510068 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (69) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510069 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (70) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510070 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (71) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510071 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (72) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510072 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (73) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510073 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (74) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510074 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (75) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510075 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (76) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510076 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (77) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510077 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (78) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510078 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (79) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts



More information about the Emerging-sigs mailing list