[Emerging-updates] Daily Ruleset Update Summary 01/27/2014

Francis Trudeau ftrudeau at emergingthreats.net
Mon Jan 27 13:35:22 HAST 2014


 [***] Summary: [***]

 13 new Open rules,  26 new Pro rules (13/13).  Various Android, Genome,
Limitless Logger, BettrExperience Adware.

 Thanks to @EKwatcher and Kevin Ross for their contributions.

 [+++]          Added rules:          [+++]

 Open:

  2018015 - ET TROJAN Limitless Logger Sending Data over SMTP (trojan.rules)
  2018016 - ET TROJAN Limitless Logger Sending Data over SMTP 2 (trojan.rules)
  2018017 - ET TROJAN Predator Logger Sending Data over SMTP (trojan.rules)
  2018018 - ET TROJAN Win32/Antilam.2_0 Sending Data over SMTP (trojan.rules)
  2018019 - ET TROJAN Win32.WinSpy.pob Sending Data over SMTP (trojan.rules)
  2018020 - ET TROJAN Win32.WinSpy.pob Sending Data over SMTP 2 (trojan.rules)
  2018021 - ET POLICY myip.ru IP lookup (policy.rules)
  2018022 - ET TROJAN Possible Win32/Dimegup.A Downloading Image Common URI Struct (trojan.rules)
  2018023 - ET TROJAN W32/LockscreenBEI.Scareware Cnc Beacon (trojan.rules)
  2018024 - ET MALWARE W32/BettrExperience.Adware Initial Checkin (malware.rules)
  2018025 - ET MALWARE W32/BettrExperience.Adware POST Checkin (malware.rules)
  2018026 - ET MALWARE W32/BettrExperience.Adware Update Checkin (malware.rules)
  2018027 - ET TROJAN Win32/Xtrat C2 Response (trojan.rules)

 Pro:

  2807540 - ETPRO TROJAN Net-Worm.Win32.Allaple Checkin (trojan.rules)
  2807541 - ETPRO TROJAN Trojan.Win32.Kargatroj.a Checkin (trojan.rules)
  2807542 - ETPRO MOBILE_MALWARE Trojan.Android/Fakeinst.DD Checkin (mobile_malware.rules)
  2807543 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Pincer.a Checkin (mobile_malware.rules)
  2807544 - ETPRO TROJAN Android.Fakebank.B Checkin (trojan.rules)
  2807545 - ETPRO TROJAN Backdoor.Win32.Cmjspy.aw Checkin (trojan.rules)
  2807546 - ETPRO TROJAN DDoS.Win32/Nitol.gen!A Checkin 2 (trojan.rules)
  2807547 - ETPRO TROJAN Downloader.Win32.Genome.fvmi Checkin (trojan.rules)
  2807548 - ETPRO TROJAN Win32.VJadtre.2 Checkin (trojan.rules)
  2807549 - ETPRO TROJAN Zeleffo Checkin (trojan.rules)
  2807550 - ETPRO TROJAN DDoS.Win32/Nitol.B Checkin 3 (trojan.rules)
  2807551 - ETPRO TROJAN Backdoor.PcClient.1 Checkin (trojan.rules)
  2807552 - ETPRO MALWARE Win32/Polip.A Checkin (malware.rules)


 [///]     Modified active rules:     [///]

  2008034 - ET TROJAN LDPinch SMTP Password Report (trojan.rules)
  2016275 - ET TROJAN Win32/Xtrat.A Checkin (trojan.rules)
  2803980 - ETPRO TROJAN Backdoor.Win32.Salamdom!IK Checkin 2 (trojan.rules)
  2804065 - ETPRO TROJAN Win32/PcClient.CM CnC Traffic (trojan.rules)
  2807426 - ETPRO TROJAN Trojan.Win32.Badur.gboh Download (trojan.rules)


 [---]  Disabled and modified rules:  [---]

  2017982 - ET MALWARE Suspicious User-Agent 100 non-printable char (malware.rules)


 [---]         Removed rules:         [---]

  2018009 - ET CURRENT_EVENTS SUSPICIOUS HTTP Request to .bit domain (current_events.rules)