[Emerging-updates] Daily Ruleset Update Summary 08/15/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Aug 15 14:16:12 HADT 2013


[***]          Summary:          [***]

4 new Open rules. 9 new pro rules (4/5). Reassigned Eval, Styx, etc.

[+++]          Added rules:          [+++]

  Open:
  2017333 - ET CURRENT_EVENTS Styx EK - /jvvn.html (current_events.rules)
  2017334 - ET INFO SUSPICIOUS Reassigned Eval Function 1 (info.rules)
  2017335 - ET INFO SUSPICIOUS Reassigned Eval Function 2 (info.rules)
  2017336 - ET INFO SUSPICIOUS Reassigned Eval Function 3 (info.rules)

  Pro:
  2806836 - ETPRO TROJAN zbot-variant fetching instagram data to send spam
(trojan.rules)
  2806837 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.k Checkin 1
(mobile_malware.rules)
  2806838 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.k Checkin 2
(mobile_malware.rules)
  2806839 - ETPRO MOBILE_MALWARE
Android/TrojanSMS.Agent.KR<http://trojansms.agent.kr/> Checkin
(mobile_malware.rules)
  2806840 - ETPRO MOBILE_MALWARE
Android.Trojan.InfoStealer.BJ<http://android.trojan.infostealer.bj/>
Checkin
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  Open:
  2016912 - ET TROJAN W32/KeyLogger.ACQH!tr Checkin (trojan.rules)
  2017258 - ET CURRENT_EVENTS Fake FedEX/Pony spam campaign URI Struct
(current_events.rules)
  2017283 - ET TROJAN ATTACKER IRCBot - net user - PRIVMSG Command
 (trojan.rules)
  2017284 - ET TROJAN ATTACKER IRCBot - net localgroup - PRIVMSG Command
(trojan.rules)
  2017285 - ET TROJAN ATTACKER IRCBot - net add PRIVMSG Command
 (trojan.rules)
  2017286 - ET TROJAN ATTACKER IRCBot - netsh - PRIVMSG Command
 (trojan.rules)
  2017287 - ET TROJAN ATTACKER IRCBot - ipconfig - PRIVMSG Command
 (trojan.rules)
  2017288 - ET TROJAN ATTACKER IRCBot -  reg - PRIVMSG Command
 (trojan.rules)
  2017289 - ET TROJAN ATTACKER IRCBot - The command completed successfully
- PRIVMSG Response (trojan.rules)
  2017290 - ET TROJAN ATTACKER IRCBot - PRIVMSG Response - Directory
Listing (trojan.rules)
  2017291 - ET TROJAN ATTACKER IRCBot - PRIVMSG Response - net command
output (trojan.rules)
  2017292 - ET TROJAN ATTACKER IRCBot - PRIVMSG Response - ipconfig command
output (trojan.rules)
  2017303 - ET TROJAN ATTACKER IRCBot - PRIVMSG Response - Directory
Listing *nix (trojan.rules)

  Pro:
  2803506 - ETPRO MALWARE Arcadeweb LLC User-Agent awi v2. (malware.rules)
  2806399 - ETPRO TROJAN TrojanDownloader Win32/Frethog.E (Response)
(trojan.rules)
  2806402 - ETPRO TROJAN TrojanDownloader Win32/Frethog.E (Response 2)
(trojan.rules)
  2806744 - ETPRO TROJAN BackDoor.Makadoc.2 A (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20130815/2d98446c/attachment.html>


More information about the Emerging-updates mailing list