[Emerging-updates] Daily Ruleset Update Summary 2016/02/25

Francis Trudeau ftrudeau at emergingthreats.net
Thu Feb 25 17:55:28 EST 2016


 [***] Summary: [***]

 4 new Open signatures, 24 new Pro (4 + 20).  PadCrypt, Nymaim, Mbot.

 [+++]          Added rules:          [+++]

 Open:

  2022566 - ET CURRENT_EVENTS Possible Malicious Macro EXE DL AlphaNumL (current_events.rules)
  2022567 - ET CURRENT_EVENTS Evil Redirect Leading to EK Feb 25 2016 (current_events.rules)
  2022568 - ET TROJAN Likely PadCrypt Locker PKG DL (trojan.rules)
  2022569 - ET TROJAN PadCrypt .onion Payment Domain (trojan.rules)

 Pro:

  2816378 - ETPRO TROJAN Successful Maersk Phishing Feb 25 (trojan.rules)
  2816379 - ETPRO TROJAN MBot CnC Checkin (trojan.rules)
  2816380 - ETPRO TROJAN Win32/Evotob.B Variant Checkin 2 (trojan.rules)
  2816381 - ETPRO TROJAN Win32/Evotob.B Variant Checkin 3 (trojan.rules)
  2816382 - ETPRO TROJAN Win32/Evotob.B Variant Checkin Response 2 (trojan.rules)
  2816383 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2016-02-25) (trojan.rules)
  2816384 - ETPRO TROJAN Win32/Kaicone.B Checkin 1 (trojan.rules)
  2816385 - ETPRO TROJAN Win32/Kaicone.B Checkin 2 (trojan.rules)
  2816386 - ETPRO TROJAN Win32/Kaicone.B User Agent (trojan.rules)
  2816387 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Guerrilla.pac Checkin (mobile_malware.rules)
  2816388 - ETPRO CURRENT_EVENTS Evil Redirector Leading to EK Feb 24 2016 (Evil Keitaro FB Set) (current_events.rules)
  2816389 - ETPRO CURRENT_EVENTS Evil Redirector Leading to EK EITest Feb 25 (current_events.rules)
  2816390 - ETPRO MALWARE Liuliangbao.A Variant PUP Install Checkin (malware.rules)
  2816391 - ETPRO TROJAN Java/Jacksbot CnC Beacon 2 (trojan.rules)
  2816392 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.gh Exfiltration of SMS via SMTP (mobile_malware.rules)
  2816393 - ETPRO TROJAN Obfuscated Phishing Landing Feb 25 (trojan.rules)
  2816394 - ETPRO TROJAN Nymaim Checkin 5 (set) (trojan.rules)
  2816395 - ETPRO TROJAN Nymaim Checkin 5 (trojan.rules)
  2816396 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.hr Checkin (mobile_malware.rules)
  2816397 - ETPRO TROJAN PadC_Downloader .onion Proxy Domain (trojan.rules)


 [///]     Modified active rules:     [///]

  2022535 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules)
  2814022 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Leech.a Checkin (mobile_malware.rules)
  2814881 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.hr Checkin (mobile_malware.rules)


 [---]         Removed rules:         [---]

  2014856 - ET TROJAN FakeAvCn-A Checkin 2 (trojan.rules)

