[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Wed Dec 9 16:07:38 EST 2009


[***] Results from Oinkmaster started Wed Dec  9 16:07:38 2009 [***]

[+++]          Added rules:          [+++]

20010455 - ET USER_AGENTS Suspicious UA string (MSIE7 an) (emerging-user_agents.rules)


[///]     Modified active rules:     [///]

 2007827 - ET USER_AGENTS Suspicious User-Agent - Possible Trojan Downloader (ie) (emerging-user_agents.rules)
 2010333 - ET USER_AGENTS Suspicious User Agent (CrazyBro) (emerging-user_agents.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (3):
        2007827 || ET USER_AGENTS Suspicious User-Agent - Possible Trojan Downloader (ie) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2007827
        2010333 || ET USER_AGENTS Suspicious User Agent (CrazyBro) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2010333 || url,anubis.iseclab.org/?action=result&task_id=14118b80c1b346124c183394d5b3004b1&format=html || url,www.threatexpert.com/report.aspx?md5=e4664144f8e95cfec510d5efa24a35e7 || url,www.threatexpert.com/report.aspx?md5=fd2d6bb1d2a9803c49f1e175d558a934 || url,www.f-secure.com/v-descs/trojan-proxy_w32_kvadr_gen!a.shtml
        20010455 || ET USER_AGENTS Suspicious UA string (MSIE7 an)

     -> Added to emerging-sid-msg.map.txt (3):
        2007827 || ET USER_AGENTS Suspicious User-Agent - Possible Trojan Downloader (ie) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2007827
        2010333 || ET USER_AGENTS Suspicious User Agent (CrazyBro) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2010333 || url,anubis.iseclab.org/?action=result&task_id=14118b80c1b346124c183394d5b3004b1&format=html || url,www.threatexpert.com/report.aspx?md5=e4664144f8e95cfec510d5efa24a35e7 || url,www.threatexpert.com/report.aspx?md5=fd2d6bb1d2a9803c49f1e175d558a934 || url,www.f-secure.com/v-descs/trojan-proxy_w32_kvadr_gen!a.shtml
        20010455 || ET USER_AGENTS Suspicious UA string (MSIE7 an)

     -> Added to emerging-user_agents.rules (1):
        #by Deapesh Misra

[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (2):
        2007827 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (ie) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2007827
        2010333 || ET USER-AGENTS Suspicious User Agent (CrazyBro) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2010333 || url,anubis.iseclab.org/?action=result&task_id=14118b80c1b346124c183394d5b3004b1&format=html || url,www.threatexpert.com/report.aspx?md5=e4664144f8e95cfec510d5efa24a35e7 || url,www.threatexpert.com/report.aspx?md5=fd2d6bb1d2a9803c49f1e175d558a934 || url,www.f-secure.com/v-descs/trojan-proxy_w32_kvadr_gen!a.shtml

     -> Removed from emerging-sid-msg.map.txt (2):
        2007827 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader (ie) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2007827
        2010333 || ET USER-AGENTS Suspicious User Agent (CrazyBro) || url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/USER_AGENTS/USER_AGENTS_Suspicious || url,doc.emergingthreats.net/2010333 || url,anubis.iseclab.org/?action=result&task_id=14118b80c1b346124c183394d5b3004b1&format=html || url,www.threatexpert.com/report.aspx?md5=e4664144f8e95cfec510d5efa24a35e7 || url,www.threatexpert.com/report.aspx?md5=fd2d6bb1d2a9803c49f1e175d558a934 || url,www.f-secure.com/v-descs/trojan-proxy_w32_kvadr_gen!a.shtml



More information about the Emerging-updates mailing list