[Emerging-Sigs] Daily Ruleset Update Summary 09/05/2014

Francis Trudeau ftrudeau at emergingthreats.net
Sat Sep 6 00:23:09 EDT 2014


 [***] Summary: [***]

 8 new Open signatures, 12 new Pro (8+4).  Various Android, Tor based locker.

 Thanks:  Kevin Ross.

 [+++]          Added rules:          [+++]

 Open:

  2017895 - ET TROJAN Kuluoz/Asprox Activity (trojan.rules)
  2019123 - ET TROJAN Tor based locker .onion DNS Proxy lookup September 5, 2014 (trojan.rules)
  2019124 - ET TROJAN Tor based locker .onion Proxy domain in SNI September 5, 2014 (trojan.rules)
  2019125 - ET MOBILE_MALWARE Android/Youmi.Adware Install Report CnC Beacon (mobile_malware.rules)
  2019126 - ET POLICY External IP Lookup (policy.rules)
  2019127 - ET TROJAN W32/Bapy.Downloader PE Download Request (trojan.rules)
  2019128 - ET TROJAN W32/Bravix.Dropper CnC Beacon (trojan.rules)
  2019129 - ET TROJAN Backdoor.Win32/Dervec.gen Connectivity Check to Google (trojan.rules)

 Pro:

  2808741 - ETPRO MALWARE Win32/Tugspay.A Checkin (malware.rules)
  2808742 - ETPRO TROJAN Win32.Darpa Checkin (trojan.rules)
  2808743 - ETPRO MALWARE PUP MSIL/BrowseFox.G Checkin (malware.rules)
  2808744 - ETPRO MALWARE Win32/Sysfade.A Clickfraud Activity (malware.rules)


 [///]     Modified active rules:     [///]

  2010140 - ET P2P Vuze BT UDP Connection (p2p.rules)

 [---]         Removed rules:         [---]

  2017895 - ET CURRENT_EVENTS Kuluoz/Asprox Activity Dec 23 2013 (current_events.rules)
  2805044 - ETPRO TROJAN Backdoor.Win32/Dervec.gen Connectivity Check to Google (trojan.rules)
  2807771 - ETPRO TROJAN Win32/Kuluoz.D Checkin (trojan.rules)

