[Emerging-updates] Daily Ruleset Update Summary 05/29/2014

Francis Trudeau ftrudeau at emergingthreats.net
Thu May 29 18:34:25 EDT 2014


 [***] Summary: [***]

 1 new Open rule, 5 new Pro (1+4).  Win32.Genome, Win32.SquareNet,
Win32.KRBanker.

 [+++]          Added rules:          [+++]

Open:

  2018507 - ET TROJAN Trojan-Dropper.Win32.Agent.ksja (trojan.rules)

Pro:

  2808093 - ETPRO TROJAN Trojan-Downloader.Win32.Genome.gxkt Checkin
(trojan.rules)
  2808094 - ETPRO MALWARE Win32/SquareNet.A Checkin 2 (malware.rules)
  2808095 - ETPRO TROJAN Trojan/W32.KRBanker.60928.C Checkin (trojan.rules)
  2808096 - ETPRO MALWARE Win32/Bundlore.D Checkin (malware.rules)


 [///]     Modified active rules:     [///]

  2002019 - ET MALWARE jmnad1.com Spyware Install (1) (malware.rules)
  2003337 - ET MALWARE Suspicious User Agent (Autoupdate) (malware.rules)
  2014337 - ET CURRENT_EVENTS RogueAV Wordpress Injection Campaign
Compromised Page Served to Local Client (current_events.rules)
  2017588 - ET MOBILE_MALWARE Android/Opfake.A Country CnC Beacon
(mobile_malware.rules)
  2018424 - ET TROJAN W32/MadnessPro.DDOSBot CnC Beacon (trojan.rules)
  2018505 - ET CURRENT_EVENTS food.com compromise hostile JavaScript gate
(current_events.rules)
  2806842 - ETPRO TROJAN Win32/Agent.UZD/Socks5systemz Checkin
(trojan.rules)


 [---]         Removed rules:         [---]

  2003637 - ET TROJAN Inject.BV Trojan User Agent Detected (faserx)
(trojan.rules)
  2007286 - ET TROJAN Feral Checkin via HTTP (trojan.rules)
  2008532 - ET TROJAN Bifrose Connect to Controller (variant 2)
(trojan.rules)
  2008664 - ET TROJAN Generic Dropper HTTP Bot grabbing config
(trojan.rules)
  2009814 - ET TROJAN Downloader (Win32.Doneltart) Checkin - HTTP GET
(trojan.rules)
  2013191 - ET CURRENT_EVENTS Client Visiting cssminibar.js Injected
Website Malware Related (current_events.rules)
  2013424 - ET TROJAN W32/UFR POST to CnC (trojan.rules)
  2015833 - ET TROJAN Citadel API Access Video Controller (Outbound)
(trojan.rules)
  2805832 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.FA /
Trojan-SMS.AndroidOS.Opfake.a Checkin (mobile_malware.rules)
  2806126 - ETPRO CURRENT_EVENTS Request to malicious land.php mobile
drive-by landing (current_events.rules)
  2806140 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.a Checkin 4
(mobile_malware.rules)
  2807746 - ETPRO TROJAN Trojan-Spy.Win32.Zbot.rptb Checkin (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140529/c66df204/attachment.html>


More information about the Emerging-updates mailing list