[Emerging-updates] Daily Ruleset Update Summary 08/04/2014

Will Metcalf wmetcalf at emergingthreatspro.com
Mon Aug 4 19:50:15 EDT 2014


[***] Summary: [***]

 13 New Open rules. 8 new Pro rules. Kronos, ReRol.A, OneLouder, etc.
Thanks @EKwatcher, @kafeine.

[+++]          Added rules:          [+++]

  Open:
  2018882 - ET TROJAN Troj/ReRol.A Checkin 1 (trojan.rules)
  2018883 - ET TROJAN Troj/ReRol.A Checkin 2 (trojan.rules)
  2018884 - ET TROJAN Troj/ReRol.A Checkin 4 (trojan.rules)
  2018885 - ET TROJAN Windows Command Prompt OUTBOUND (trojan.rules)
  2018886 - ET TROJAN Windows TaskList Microsoft Windows DOS prompt command exit OUTBOUND (trojan.rules)
  2018887 - ET MOBILE_MALWARE Android/Trogle.A Possible Exfiltration of SMS via SMTP (mobile_malware.rules)
  2018888 - ET MOBILE_MALWARE Android/Spy.Kasandra.A Checkin (mobile_malware.rules)
  2018889 - ET TROJAN Infostealer.Mysayad Checkin 1 (trojan.rules)
  2018890 - ET TROJAN Infostealer.Mysayad Checkin 2 (trojan.rules)
  2018891 - ET TROJAN Kronos Checkin (trojan.rules)
  2018892 - ET TROJAN Zbot .onion Proxy domain in SNI Aug 04, 2014 (trojan.rules)
  2018893 - ET TROJAN Zbot .onion Proxy DNS lookup July 31, 2014 (trojan.rules)
  2018894 - ET CURRENT_EVENTS Probable OneLouder downloader (Zeus P2P) (current_events.rules)

  Pro:
  2808496 - ETPRO TROJAN Backdoor.Korgapam CnC Checkin (trojan.rules)
  2808497 - ETPRO TROJAN Backdoor.Korgapam CnC (INBOUND) 1 (trojan.rules)
  2808498 - ETPRO TROJAN Backdoor.Korgapam CnC (INBOUND) 2 (trojan.rules)
  2808499 - ETPRO TROJAN Downloader.Ajuxery!gm User-Agent (trojan.rules)
  2808500 - ETPRO MALWARE Win32.Mopop Checkin (malware.rules)
  2808501 - ETPRO MALWARE PUP Win32/Amonetize.AV Checkin (malware.rules)
  2808502 - ETPRO TROJAN Win32/Wigon.PI Checkin (trojan.rules)
  2808503 - ETPRO TROJAN Possible Win32/Zbot Serial Number in SSL Cert (trojan.rules)


 [///]     Modified active rules:     [///]

  Open:
  2018771 - ET TROJAN Win32.Yakes.fjyq POST to C2 (trojan.rules)
  2018869 - ET TROJAN W32/Pgift.Backdoor APT CnC Beacon (trojan.rules)

  Pro:
  2808076 - ETPRO CURRENT_EVENTS DRIVEBY Angler EK Landing May 22 2014 (current_events.rules)
  2808385 - ETPRO TROJAN Win32.Xema Checkin (trojan.rules)


 [---]         Removed rules:         [---]

  Pro:
  2808341 - ETPRO TROJAN Troj/ReRol.A (trojan.rules)
  2808342 - ETPRO TROJAN Troj/ReRol.A 2 (trojan.rules)