[Emerging-updates] Daily Ruleset Update Summary 2016/02/23

Francis Trudeau ftrudeau at emergingthreats.net
Tue Feb 23 18:04:39 EST 2016


 [***] Summary: [***]

 3 new Open signatures, 18 new Pro (3 + 15).  PoisonIvy,
TeslaCrypt/AlphaCrypt, Ursnif, Carbanak, Bladabindi/njRat.

 [+++]          Added rules:          [+++]

 Open:

  2022561 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain(xlowfznrg4wf7dli) (trojan.rules)
  2022562 - ET MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain (mobile_malware.rules)
  2022563 - ET MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain 2 (mobile_malware.rules)

 Pro:

  2816343 - ETPRO CURRENT_EVENTS Successful Dynamic Folder Phishing Feb 23 (current_events.rules)
  2816344 - ETPRO MOBILE_MALWARE Android.Riskware.SMSSend.gRJR Checkin (mobile_malware.rules)
  2816345 - ETPRO MOBILE_MALWARE Android.Trojan.FakeInst.BX Checkin 5 (mobile_malware.rules)
  2816346 - ETPRO CURRENT_EVENTS Am3Refh Obfuscated Phishing Landing Feb 22 (current_events.rules)
  2816347 - ETPRO CURRENT_EVENTS Successful Apple Phish Feb 22 M1 (current_events.rules)
  2816348 - ETPRO CURRENT_EVENTS Successful Apple Phish Feb 22 M2 (current_events.rules)
  2816354 - ETPRO TROJAN Bladabindi/njRat Variant CnC Checkin (trojan.rules)
  2816355 - ETPRO MOBILE_MALWARE Android.Monitor.SpyApp.D Checkin (mobile_malware.rules)
  2816356 - ETPRO TROJAN W32/Carbanak.A CnC Beacon (trojan.rules)
  2816357 - ETPRO TROJAN PoisonIvy Keepalive to CnC 302 (trojan.rules)
  2816358 - ETPRO TROJAN PoisonIvy Keepalive to CnC 303 (trojan.rules)
  2816359 - ETPRO TROJAN Ursnif Inject CnC Request 2 (trojan.rules)
  2816360 - ETPRO TROJAN Ursnif Inject CnC Response 1 (trojan.rules)
  2816361 - ETPRO TROJAN Ursnif Inject CnC Response 2 (trojan.rules)
  2816362 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.ds Checkin (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2015898 - ET INFO Suspicious Windows NT version 1 User-Agent (info.rules)
  2021418 - ET TROJAN Bedep HTTP POST CnC Beacon (trojan.rules)
  2021718 - ET TROJAN Bedep HTTP POST CnC Beacon 2 (trojan.rules)
  2021747 - ET TROJAN Backdoor.Win32.Spy.Pavica.O/TVRat Checkin (trojan.rules)
  2022550 - ET CURRENT_EVENTS Possible Malicious Macro DL EXE Feb 2016 (current_events.rules)
  2808270 - ETPRO TROJAN Win32.Trojan.Hijacker.Akym Checkin (trojan.rules)
  2815175 - ETPRO TROJAN Ursnif Inject CnC (trojan.rules)

