[Emerging-updates] Daily Ruleset Update Summary 08/27/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Tue Aug 27 13:52:50 HADT 2013


[***]          Summary:          [***]

11 New Open rules. 20 new Pro rules (11/9). BHEK, Drive DDoS, APT-12,
Vabushky.A, etc.

[+++]          Added rules:          [+++]

  Open:
  2017376 - ET CURRENT_EVENTS Possible BHEK Landing URI Format
(current_events.rules)
  2017377 - ET TROJAN Win64/Vabushky.A Malicious driver download
(trojan.rules)
  2017378 - ET TROJAN Drive DDoS Tool get command received key=okokokjjk
(trojan.rules)
  2017379 - ET TROJAN Drive DDoS Tool long command received key=okokokjjk
(trojan.rules)
  2017380 - ET TROJAN Drive DDoS Tool smart command received key=okokokjjk
(trojan.rules)
  2017381 - ET TROJAN Drive DDoS Tool post1 command received key=okokokjjk
(trojan.rules)
  2017382 - ET TROJAN Drive DDoS Tool post2 command received key=okokokjjk
(trojan.rules)
  2017383 - ET TROJAN Drive DDoS Tool byte command received key=okokokjjk
(trojan.rules)
  2017384 - ET TROJAN Drive DDoS Tool byte command received key=okokokjjk
(trojan.rules)
  2017385 - ET TROJAN Trojan.Dirtjump Checkin (trojan.rules)
  2017386 - ET CURRENT_EVENTS Possible APT-12 Related C2
(current_events.rules)

  Pro:
  2806909 - ETPRO TROJAN Win32/Sisron Checkin (trojan.rules)
  2806910 - ETPRO TROJAN Trojan.Win32.Jorik.Skill.att Checkin (trojan.rules)
  2806911 - ETPRO TROJAN Trojan.MSIL.Agent.ccfy Checkin (trojan.rules)
  2806912 - ETPRO TROJAN Win32.Worm.Fujacks.CX Checkin (trojan.rules)
  2806913 - ETPRO TROJAN Worm.Mydoom spreading via SMTP 20 (trojan.rules)
  2806914 - ETPRO TROJAN DarkComet Checkin 1 (trojan.rules)
  2806915 - ETPRO TROJAN DarkComet Checkin 2 (trojan.rules)
  2806916 - ETPRO TROJAN Win32/DDoS.Orbiter.A Fetching DoS targets
(trojan.rules)
  2806917 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.ef Checkin
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2017076 - ET CURRENT_EVENTS BlackHole EK Variant Payload Download
(current_events.rules)
  2805840 - ETPRO MOBILE_MALWARE Andr/FakeIns-B /
Trojan-SMS.AndroidOS.Agent.a Checkin (mobile_malware.rules)