[Emerging-updates] Daily Ruleset Update Summary 2016/08/04

Francis Trudeau ftrudeau at emergingthreats.net
Thu Aug 4 18:23:57 EDT 2016


 [***] Summary: [***]

 25 new Pro signatures.  Orcus RAT, PoisonIvy.

 [+++]          Added rules:          [+++]

  2821475 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Hiddapp.l Checkin (mobile_malware.rules)
  2821476 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Hiddapp.l Checkin 2 (mobile_malware.rules)
  2821477 - ETPRO TROJAN PoisonIvy Keepalive to CnC 465 (trojan.rules)
  2821478 - ETPRO TROJAN Orcus RAT SSL Certificate (trojan.rules)
  2821479 - ETPRO MOBILE_MALWARE Android/Agent.YF Checkin (mobile_malware.rules)
  2821480 - ETPRO POLICY DNS Query to .onion proxy Domain (fewbreaks. club) (policy.rules)
  2821481 - ETPRO POLICY DNS Query to .onion proxy Domain (fishtotal. bid) (policy.rules)
  2821482 - ETPRO POLICY DNS Query to .onion proxy Domain (flewleast. link) (policy.rules)
  2821483 - ETPRO POLICY DNS Query to .onion proxy Domain (flyingsix. red) (policy.rules)
  2821484 - ETPRO POLICY DNS Query to .onion proxy Domain (folkturns. date) (policy.rules)
  2821485 - ETPRO POLICY DNS Query to .onion proxy Domain (g9tneb. top) (policy.rules)
  2821486 - ETPRO POLICY DNS Query to .onion proxy Domain (gameswarm. loan) (policy.rules)
  2821487 - ETPRO POLICY DNS Query to .onion proxy Domain (gc4n2c. top) (policy.rules)
  2821488 - ETPRO POLICY DNS Query to .onion proxy Domain (gnee6i. top) (policy.rules)
  2821489 - ETPRO POLICY DNS Query to .onion proxy Domain (gonesolve. lol) (policy.rules)
  2821490 - ETPRO POLICY DNS Query to .onion proxy Domain (gpy3tc. top) (policy.rules)
  2821491 - ETPRO POLICY DNS Query to .onion proxy Domain (groupline. info) (policy.rules)
  2821492 - ETPRO POLICY DNS Query to .onion proxy Domain (gtnfgj. top) (policy.rules)
  2821493 - ETPRO POLICY DNS Query to .onion proxy Domain (hf60kb. top) (policy.rules)
  2821494 - ETPRO POLICY DNS Query to .onion proxy Domain (hw7o9w. top) (policy.rules)
  2821495 - ETPRO POLICY DNS Query to .onion proxy Domain (iixz3g. top) (policy.rules)
  2821496 - ETPRO POLICY DNS Query to .onion proxy Domain (innerband. lol) (policy.rules)
  2821497 - ETPRO POLICY DNS Query to .onion proxy Domain (jn8ncm. top) (policy.rules)
  2821498 - ETPRO POLICY DNS Query to .onion proxy Domain (jumplived. in) (policy.rules)
  2821499 - ETPRO POLICY DNS Query to .onion proxy Domain (k9z7pm. top) (policy.rules)


 [///]     Modified active rules:     [///]

  2808129 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.gl Checkin (mobile_malware.rules)
  2810626 - ETPRO TROJAN JavaScript Backdoor CnC Beacon M2 (b64 1) (trojan.rules)
  2810627 - ETPRO TROJAN JavaScript Backdoor CnC Beacon M2 (b64 2) (trojan.rules)
  2810628 - ETPRO TROJAN JavaScript Backdoor CnC Beacon M2 (b64 3) (trojan.rules)