[Emerging-updates] Daily Ruleset Update Summary 03/31/2014

Francis Trudeau ftrudeau at emergingthreats.net
Mon Mar 31 12:20:37 HADT 2014


 [***] Summary: [***]

 5 new Open rules 11 new pro (5/6).  Goon/Infinity EK, Various IRC,
TrojanDownloader.Agent.

 Thanks:  Kevin Ross.


 [+++]          Added rules:          [+++]

 Open:

  2018334 - ET CURRENT_EVENTS PHISH Generic - Landing Page - saved from
https comment and form (current_events.rules)
  2018336 - ET TROJAN Asprox Fake Ximian Evolution X-Mailer Header
(XimianEvolution1.4.6) (trojan.rules)
  2018337 - ET CURRENT_EVENTS DRIVEBY Goon/Infinity EK Landing Mar 31 2014
(current_events.rules)
  2018338 - ET MALWARE W32/DownloadAdmin.Adware CnC Beacon (malware.rules)
  2018339 - ET MALWARE W32/DownloadAdmin.Adware Executable Download Request
(malware.rules)

 Pro:

  2807904 - ETPRO TROJAN Backdoor.Win32/Sdbot IRC User (trojan.rules)
  2807905 - ETPRO TROJAN Trojan.Win32.Ircbot IRC LOGIN (trojan.rules)
  2807906 - ETPRO TROJAN Backdoor.Win32.IRCBot.aerz Checkin (trojan.rules)
  2807907 - ETPRO TROJAN Win32.Kespy.b IRC LOGIN (trojan.rules)
  2807908 - ETPRO TROJAN Backdoor.Win32/Bdaejec.A Checkin (trojan.rules)
  2807909 - ETPRO TROJAN Win32/TrojanDownloader.Agent.AJX Checkin
(trojan.rules)


 [///]     Modified active rules:     [///]

  2014778 - ET TROJAN Bebloh connectivity check (trojan.rules)
  2016768 - ET TROJAN Backdoor.Win32.Dorkbot.AR Join IRC channel
(trojan.rules)
  2804962 - ETPRO TROJAN Win32/Viking.GN ICMP Echo Request (trojan.rules)
  2805419 - ETPRO MALWARE Uptodown.com Checkin (malware.rules)
  2805803 - ETPRO TROJAN Taidoor Checkin 2 (trojan.rules)
  2806507 - ETPRO TROJAN Win32/Injector.Autoit.P variant response
(trojan.rules)
  2806920 - ETPRO TROJAN Trojan.Rontokbro Checkin (trojan.rules)
  2807385 - ETPRO TROJAN Win32.Hupigon Variant Payload Delivery
(trojan.rules)


 [---]         Removed rules:         [---]

  2804544 - ETPRO TROJAN W32/Autorun.worm.aa Checkin (trojan.rules)
  2806050 - ETPRO TROJAN W32/Zbot.ANM!tr Checkin (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140331/afa335e5/attachment.html>


More information about the Emerging-updates mailing list