[Emerging-updates] Daily Ruleset Update Summary 08/05/2014

Will Metcalf wmetcalf at emergingthreatspro.com
Tue Aug 5 22:00:07 EDT 2014


 [***]          Summary:          [***]

 4 new Open rules. 16 new Pro rules (4/12). Upatre, Pushdo.S, Ddex, Dragon.
Thanks Jake Warren, setests, Eoin Miller.

 [+++]          Added rules:          [+++]

  Open:
  2018895 - ET TROJAN Ddex Loader Check-in (trojan.rules)
  2018896 - ET TROJAN BitcoinMiner C2 SSL Cert (trojan.rules)
  2018897 - ET TROJAN Pushdo.S CnC response (trojan.rules)
  2018898 - ET CURRENT_EVENTS Possible Upatre SSL Cert tradeledstore.co.uk
(current_events.rules)

  Pro:
  2808504 - ETPRO TROJAN Bublik.sda pastebin Request (trojan.rules)
  2808505 - ETPRO TROJAN Autoit.LOX Checkin (trojan.rules)
  2808506 - ETPRO TROJAN Trojan.Crypt.CG Checkin (trojan.rules)
  2808507 - ETPRO TROJAN Dragon Infostealer Checkin via SMTP (trojan.rules)
  2808508 - ETPRO TROJAN Loadmoney.A Checkin 8 (trojan.rules)
  2808509 - ETPRO MALWARE PUP Win32/Soft32Downloader.D SSL Cert Observed
(malware.rules)
  2808510 - ETPRO TROJAN W32/Zbot.PM.gen Checkin (trojan.rules)
  2808511 - ETPRO TROJAN W32/Zbot.PM.gen Checkin 2 (trojan.rules)
  2808512 - ETPRO MOBILE_MALWARE Android/SmsSpy.AS Checkin
(mobile_malware.rules)
  2808513 - ETPRO MOBILE_MALWARE Android/SmsSpy.AS Checkin 2
(mobile_malware.rules)
  2808514 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.AO Checkin 2
(mobile_malware.rules)
  2808515 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.C Checkin 4
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  Open:
  2014600 - ET TROJAN Win32/Nitol.A Checkin (trojan.rules)
  2016867 - ET TROJAN Backdoor.Win32.Pushdo.s Checkin (trojan.rules)
  2018045 - ET CURRENT_EVENTS PHISH Visa - URI - Landing Page
(current_events.rules)
  2018643 - ET TROJAN Win32/Zemot Checkin (trojan.rules)
  2018752 - ET TROJAN Generic .bin download from Dotted Quad (trojan.rules)

  Pro:
  2808499 - ETPRO TROJAN Win32/Zemot User-Agent (trojan.rules)


 [---]         Removed rules:         [---]
  Pro:
  2808502 - ETPRO TROJAN Win32/Wigon.PI Checkin (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140805/cb8cf319/attachment.html>


More information about the Emerging-updates mailing list