[Emerging-updates] Daily Ruleset Update Summary 2016/02/19

Will Metcalf wmetcalf at emergingthreatspro.com
Fri Feb 19 20:25:40 EST 2016


 [***]          Summary:          [***]

 15 new rules. PIVY, Onion Proxy, Phish, etc.

 [+++]          Added rules:          [+++]

  2816312 - ETPRO TROJAN MSIL/TrojanDownloader.Small.AFQ CnC Checkin
(trojan.rules)
  2816313 - ETPRO CURRENT_EVENTS Chalbhai Phishing Landing Feb 18
(current_events.rules)
  2816314 - ETPRO TROJAN Win32/Agent.XRA (Robo) Downloading Module 1
(trojan.rules)
  2816315 - ETPRO TROJAN Win32/Agent.XRA (Robo) Downloading Module 2
(trojan.rules)
  2816316 - ETPRO TROJAN Win32/Agent.XRA (Robo) DNS Lookup (trojan.rules)
  2816317 - ETPRO TROJAN Win32/Agent.XRA (Robo) DNS Lookup (trojan.rules)
  2816318 - ETPRO TROJAN Win32/Agent.XRA (Robo) DNS Lookup (trojan.rules)
  2816319 - ETPRO POLICY DNS Query to .onion proxy Domain (torsatellite.ch)
(policy.rules)
  2816320 - ETPRO POLICY DNS Query to .onion proxy Domain (toradapter.ch)
(policy.rules)
  2816321 - ETPRO TROJAN PoisonIvy Keepalive to CnC 299 (trojan.rules)
  2816322 - ETPRO TROJAN PoisonIvy Keepalive to CnC 300 (trojan.rules)
  2816323 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2016-02-19 1) (trojan.rules)
  2816324 - ETPRO TROJAN Encryptor Raas Variant .onion Proxy Domain
(trojan.rules)
  2816325 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Ciban.a Checkin
(mobile_malware.rules)
  2816326 - ETPRO MOBILE_MALWARE Android/AdDisplay.Kuguo.AA Checkin
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  Open:
  2022505 - ET TROJAN W32/Gaudox Checkin (trojan.rules)
  2022535 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (Dridex) (trojan.rules)
  2022538 - ET TROJAN Ransomware Locky CnC Beacon (trojan.rules)

  Pro:
  2815852 - ETPRO MALWARE Win32/Adware.HPDefender.D Checkin (malware.rules)
  2816302 - ETPRO TROJAN Evil Redirector to EK SSL Cert (trojan.rules)
  2816303 - ETPRO TROJAN Evil Redirector to EK SSL Cert (trojan.rules)
  2816304 - ETPRO TROJAN Evil Redirector to EK SSL Cert (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20160219/4d1f50c6/attachment.html>


More information about the Emerging-updates mailing list