[Emerging-updates] Daily Ruleset Update Summary 2016/11/09

Francis Trudeau ftrudeau at emergingthreats.net
Wed Nov 9 18:10:42 EST 2016


 [***] Summary: [***]

 1 new Open signature, 22 new Pro (1 + 21).  Enigma Ransomware, Cerber, Banload.

 [+++]          Added rules:          [+++]

 Open:

  2023495 - ET CURRENT_EVENTS Possible Cartasi Phishing Domain Nov 8 (current_events.rules)

 Pro:

  2823174 - ETPRO TROJAN Enigma Ransomware Payment Domain (trojan.rules)
  2823175 - ETPRO TROJAN Win32/Banload.XRS Checkin (trojan.rules)
  2823176 - ETPRO TROJAN DNS Query to Cerber Domain (5tb8hy . bid) (trojan.rules)
  2823177 - ETPRO TROJAN DNS Query to Cerber Domain (cto5ee . bid) (trojan.rules)
  2823178 - ETPRO TROJAN DNS Query to Cerber Domain (fvzhoo . bid) (trojan.rules)
  2823179 - ETPRO TROJAN DNS Query to Cerber Domain (bj64gv . bid) (trojan.rules)
  2823180 - ETPRO TROJAN DNS Query to Cerber Domain (wasf56 . bid) (trojan.rules)
  2823181 - ETPRO TROJAN DNS Query to Cerber Domain (fundpoem . mobi) (trojan.rules)
  2823182 - ETPRO TROJAN DNS Query to Cerber Domain (sotn58 . bid) (trojan.rules)
  2823183 - ETPRO TROJAN DNS Query to Cerber Domain (enanhb . bid) (trojan.rules)
  2823184 - ETPRO TROJAN DNS Query to Cerber Domain (dierepair . top) (trojan.rules)
  2823185 - ETPRO TROJAN DNS Query to Cerber Domain (26ahte . bid) (trojan.rules)
  2823186 - ETPRO MOBILE_MALWARE Android.Trojan.Triada.CW Checkin (mobile_malware.rules)
  2823187 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules)
  2823188 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules)
  2823189 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules)
  2823190 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules)
  2823191 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules)
  2823192 - ETPRO MALWARE Win32/FileFinder.AJ Adware Activity (malware.rules)
  2823193 - ETPRO TROJAN Observed MalDoc Downloader SSL Cert Nov 09 (trojan.rules)
  2823194 - ETPRO TROJAN Win32/Enigma Ransomware Requesting Payload (trojan.rules)



 [///]     Modified active rules:     [///]

  2820263 - ETPRO TROJAN Gozi ISFB CnC Checkin (trojan.rules)
  2823166 - ETPRO TROJAN August Stealer CnC Checkin (trojan.rules)
  2823170 - ETPRO CURRENT_EVENTS MalDoc Requesting Payload Nov 08 (current_events.rules)


 [---]  Disabled and modified rules:  [---]

  2822576 - ETPRO TROJAN StrongPity SSL Cert 2 (trojan.rules)

