[Emerging-updates] Daily Ruleset Update Summary 08/26/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Mon Aug 26 18:21:24 HADT 2013


 [***]          Summary:          [***]

 5 new Open rules. 27 new Pro rules (5/22). Neurevt.A, Sweet Orange,
CookieBomb, etc. tks @MalwareMustDie.

 [+++]          Added rules:          [+++]

  Open:
  2017371 - ET TROJAN Win32/Neurevt.A checkin (trojan.rules)
  2017372 - ET CURRENT_EVENTS Sweet Orange Landing with Applet Aug 26 2013
 (current_events.rules)
  2017373 - ET CURRENT_EVENTS Possible CookieBomb Generic JavaScript Format
(current_events.rules)
  2017374 - ET CURRENT_EVENTS CookieBomb Generic PHP Format
(current_events.rules)
  2017375 - ET CURRENT_EVENTS CookieBomb Generic HTML Format
(current_events.rules)

  Pro:
  2806887 - ETPRO POLICY DNS query to Dynamic Internet Technology Domains
(Anti-Internet Censhorship) (policy.rules)
  2806888 - ETPRO POLICY DNS query to Dynamic Internet Technology Domains
(Anti-Internet Censhorship) 2 (policy.rules)
  2806889 - ETPRO TROJAN Win32/Qhost.HZ Checkin (trojan.rules)
  2806890 - ETPRO TROJAN Win32/Qhost.HZ Dowloading .exe file (trojan.rules)
  2806891 - ETPRO MALWARE Downloader/Win32.Adload Checkin (malware.rules)
  2806892 - ETPRO MALWARE AdWare.Win32.4Shared User-Agent (Tiny Loader/1.0)
(malware.rules)
  2806893 - ETPRO TROJAN Trojan-Downloader.Win32.FraudLoad.wzpv Checkin
(trojan.rules)
  2806894 - ETPRO MALWARE Win32/Adware.Owlforce.A User-Agent (Owlforce)
(malware.rules)
  2806895 - ETPRO MALWARE Adware.Win32/Agent.C Checkin (malware.rules)
  2806896 - ETPRO TROJAN Backdoor.Graybird Checkin (trojan.rules)
  2806897 - ETPRO TROJAN Worm.Dabber.B Checkin (trojan.rules)
  2806898 - ETPRO TROJAN Win32.Otlard.A C&C communications end 1
(trojan.rules)
  2806899 - ETPRO TROJAN Win32.Otlard.A C&C communications end 2
(trojan.rules)
  2806900 - ETPRO TROJAN Win32.Otlard.A C&C communications end 3
(trojan.rules)
  2806901 - ETPRO TROJAN Win32.Otlard.A C&C checkin (trojan.rules)
  2806902 - ETPRO TROJAN Win32.Otlard.A C&C checkin response (trojan.rules)
  2806903 - ETPRO TROJAN Worm/Win32.WhiteIce.gen Checkin 1 (trojan.rules)
  2806904 - ETPRO TROJAN Worm/Win32.WhiteIce.gen Checkin 2 (trojan.rules)
  2806905 - ETPRO TROJAN Trojan-Banker.Win32.Delf.arb (trojan.rules)
  2806906 - ETPRO MALWARE mozila GET (malware.rules)
  2806907 - ETPRO MALWARE mozila POST (malware.rules)
  2806908 - ETPRO TROJAN Win32/Karagany.L Checkin response (trojan.rules)


 [///]     Modified active rules:     [///]

  2016851 - ET CURRENT_EVENTS Winwebsec/Zbot/Luder Checkin Response
(current_events.rules)
  2017115 - ET CURRENT_EVENTS Sweet Orange applet July 08 2013
(current_events.rules)
  2804626 - ETPRO MALWARE Rogue.Win32/FakeRean Checkin (malware.rules)


 [---]  Disabled and modified rules:  [---]

  2015680 - ET CURRENT_EVENTS Blackhole Java applet with obfuscated URL Nov
09 2012 (current_events.rules)


 [---]         Removed rules:         [---]

  2001304 - ET MALWARE Browseraid.com Agent Updating (malware.rules)
  2014143 - ET TROJAN PoisonIvy.Esf Keepalive to CnC (trojan.rules)
  2806365 - ETPRO TROJAN PWS-Zbot-FEN!C447D364A9DA checkin (trojan.rules)