[Emerging-updates] Live Commit Output

emerging@emergingthreats.net emerging at emergingthreats.net
Wed Nov 12 11:05:57 EST 2008


[***] Results from Oinkmaster started Wed Nov 12 11:05:57 2008 [***]

[+++]          Added rules:          [+++]

 2008768 - ET CURRENT_EVENTS Unknown Trojan P2P Initial Checkin (emerging.rules)
 2008769 - ET CURRENT_EVENTS Unknown Trojan P2P Initial Checkin Response (emerging.rules)
 2008770 - ET CURRENT_EVENTS Unknown Trojan P2P Data Download (emerging.rules)
 2008771 - ET CURRENT_EVENTS Unknown Trojan P2P Download Request (emerging.rules)
 2008772 - ET CURRENT_EVENTS Unknown Trojan P2P Request (emerging.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (5):
        2008768 || ET CURRENT_EVENTS Unknown Trojan P2P Initial Checkin
        2008769 || ET CURRENT_EVENTS Unknown Trojan P2P Initial Checkin Response
        2008770 || ET CURRENT_EVENTS Unknown Trojan P2P Data Download
        2008771 || ET CURRENT_EVENTS Unknown Trojan P2P Download Request
        2008772 || ET CURRENT_EVENTS Unknown Trojan P2P Request

     -> Added to emerging-sid-msg.map.txt (5):
        2008768 || ET CURRENT_EVENTS Unknown Trojan P2P Initial Checkin
        2008769 || ET CURRENT_EVENTS Unknown Trojan P2P Initial Checkin Response
        2008770 || ET CURRENT_EVENTS Unknown Trojan P2P Data Download
        2008771 || ET CURRENT_EVENTS Unknown Trojan P2P Download Request
        2008772 || ET CURRENT_EVENTS Unknown Trojan P2P Request

     -> Added to emerging.rules (5):
        #from Vienna with love
        #re 60fa2ff79411dd1cb829e8a966aa86fc
        #Unknown so far, no AV coverage, appears to be peer to peer
        #moves to 7090 in samples
        #moved to 5622 in samples



More information about the Emerging-updates mailing list