[Emerging-updates] Daily Ruleset Update Summary 08/14/2014

Francis Trudeau ftrudeau at emergingthreats.net
Thu Aug 14 18:00:13 EDT 2014


 [***] Summary: [***]

 6 new Open signatures, 12 new Pro (6+6).  Abuse.ch malicious SSL,
ClickFraud Trojan Socks5, Suspicious X-mailer Synapse.

 Thanks:  @EKWatcher and @abuse_ch.


 [+++]          Added rules:          [+++]

 Open:

  2018935 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2) (trojan.rules)
  2018936 - ET TROJAN Suspicious X-mailer Synapse (trojan.rules)
  2018937 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2) (trojan.rules)
  2018939 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (CryptoWall C2) (trojan.rules)
  2018940 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre C2) (trojan.rules)
  2018941 - ET TROJAN ClickFraud Trojan Socks5 Init Response (trojan.rules)

 Pro:

  2808565 - ETPRO TROJAN Win32/Banjori.A Checkin (trojan.rules)
  2808566 - ETPRO TROJAN Win32/Rovnix.H Retrieving Fake User-Agent (trojan.rules)
  2808567 - ETPRO TROJAN Trojan.Zbot Download (trojan.rules)
  2808568 - ETPRO TROJAN TrojanDownloader.Murlo.jr Checkin (trojan.rules)
  2808569 - ETPRO CURRENT_EVENTS Win32/Zbot angryflo.ru GET Aug 14 2014 (current_events.rules)
  2808570 - ETPRO TROJAN Win32.Sisron.B Checkin 2 (trojan.rules)


 [///]     Modified active rules:     [///]

  2018028 - ET TROJAN W32/Madness Checkin (trojan.rules)
  2018114 - ET TROJAN DNS Query for Known Chewbacca CnC Server (trojan.rules)
  2018855 - ET TROJAN Possible ClickFraud Trojan Socks5 Connection (trojan.rules)
  2018928 - ET TROJAN Unknown Trojan Dropped By Archie.EK (trojan.rules)
  2801959 - ETPRO TROJAN Bredolap/Rebhip/Bifrose Checkin (trojan.rules)
  2803936 - ETPRO TROJAN Backdoor.Win32.Sheldor.dt Checkin (trojan.rules)
  2807180 - ETPRO TROJAN Win32.Sisron.B Checkin Checkin (trojan.rules)
  2807262 - ETPRO TROJAN Win32/Heloag.A Checkin 2 (trojan.rules)
  2807384 - ETPRO TROJAN Win32.Hupigon Variant (trojan.rules)
  2807771 - ETPRO TROJAN Win32/Kuluoz.D Checkin (trojan.rules)
  2807823 - ETPRO TROJAN Trojan-Dropper.Win32.Sysn.acbq Checkin (trojan.rules)
  2807850 - ETPRO TROJAN Trojan/MSIL.bfsx Checkin (trojan.rules)
  2807981 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Feejar.D Checkin (mobile_malware.rules)
  2808267 - ETPRO TROJAN Win32.Pandemiya Checkin (trojan.rules)


 [---]         Removed rules:         [---]

  2808548 - ETPRO TROJAN Trojan.Win32.Yakes.fdph SSL Cert (trojan.rules)

