[Emerging-updates] Daily Ruleset Update Summary 2016/02/04

Francis Trudeau ftrudeau at emergingthreats.net
Thu Feb 4 17:25:52 EST 2016


 [***] Summary: [***]

 5 new Open signatures, 16 new Pro (5 + 11).  NanoCore, Dridex,
TeslaCrypt/AlphaCrypt.

 Thanks: @jaimeblascob & @rmkml.

 [+++]          Added rules:          [+++]

 Open:

  2022488 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (Quakbot CnC) (trojan.rules)
  2022489 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (Dridex) (trojan.rules)
  2022490 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment
Domain(yez2o5lwqkmlv5lc) (trojan.rules)
  2022491 - ET TROJAN Download Request Containing Suspicious Filename
- Crypted (trojan.rules)
  2022492 - ET TROJAN Win32/Fluxer CnC Checkin (trojan.rules)

 Pro:

  2816079 - ETPRO TROJAN Dridex Downloader SSL Cert (trojan.rules)
  2816080 - ETPRO TROJAN NanoCore RAT CnC 5 (trojan.rules)
  2816081 - ETPRO TROJAN NanoCore RAT CnC 6 (trojan.rules)
  2816082 - ETPRO TROJAN Malicious SSL certificate detected (Ursnif
Injects) (trojan.rules)
  2816083 - ETPRO TROJAN Malicious SSL certificate detected (Ursnif
Injects) (trojan.rules)
  2816084 - ETPRO MALWARE PUP/DriverRestore Sending System Information
to Affiliate (malware.rules)
  2816085 - ETPRO MALWARE MSIL/Adload.AT Beacon (malware.rules)
  2816086 - ETPRO CURRENT_EVENTS Base64 Javascript URL Refresh -
Common Phish Landing Obfuscation Feb 4 (current_events.rules)
  2816087 - ETPRO TROJAN Win32/Uloz Botnet Filename Generator (trojan.rules)
  2816088 - ETPRO MALWARE MSIL/Adload.AT Beacon (malware.rules)
  2816090 - ETPRO TROJAN Unknown AutoHotKey Malware Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2811882 - ETPRO CURRENT_EVENTS Angler EK Flash Exploit (IE) Jun 16
M1 T3 (current_events.rules)
  2812245 - ETPRO CURRENT_EVENTS Angler EK Flash Exploit (IE) Jun 16
M1  T1 (current_events.rules)
  2815938 - ETPRO TROJAN Win32.Banbra.bkbw Checkin (trojan.rules)


 [---]         Removed rules:         [---]

  2019469 - ET TROJAN APT.Fexel Checkin (trojan.rules)


More information about the Emerging-updates mailing list