[***] Summary: [***]
6 new Open rules, 21 new Pro (6/15). Various Android, BKDR_SLOTH.A, PCRat/Gh0st.
Thanks: @kafeine @EKwatcher
[+++] Added rules: [+++]
2018284 – ET TROJAN Self-Signed Cert Observed in Various Zbot Strains (trojan.rules)
2018285 – ET TROJAN BKDR_SLOTH.A Checkin (trojan.rules)
2018286 – ET CURRENT_EVENTS EMET.DLL in jjencode (current_events.rules)
2018287 – ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 31 (trojan.rules)
2018288 – ET CURRENT_EVENTS Joomla 3.2.1 SQL injection attempt (current_events.rules)
2018289 – ET CURRENT_EVENTS Joomla 3.2.1 SQL injection attempt 2 (current_events.rules)
Pro:
2807835 – ETPRO TROJAN Win32/Small.HK Checkin (trojan.rules)
2807836 – ETPRO TROJAN Backdoor.Win32.Pahador Checkin via Gadu-Gadu (trojan.rules)
2807837 – ETPRO TROJAN Trojan-Spy.Win32.Polyatroj.pej Checkin via Gadu-Gadu (trojan.rules)
2807838 – ETPRO TROJAN Win32/Prosti.L Checkin via Gadu-Gadu (trojan.rules)
2807839 – ETPRO TROJAN Backdoor.Win32.Delf.arb Checkin via Gadu-Gadu (trojan.rules)
2807840 – ETPRO TROJAN Unknown Backdoor Checkin via Gadu-Gadu (trojan.rules)
2807841 – ETPRO TROJAN Trojan-Spy.Win32.KeyLogger.tr via Gadu-Gadu (trojan.rules)
2807842 – ETPRO TROJAN Win32/Jevafus.A Checkin (trojan.rules)
2807843 – ETPRO TROJAN Win32/Shoco.C Checkin (trojan.rules)
2807844 – ETPRO TROJAN Win32/Netins.A Checkin (trojan.rules)
2807846 – ETPRO MOBILE_MALWARE Android.Trojan.Adaln.A Checkin (mobile_malware.rules)
2807847 – ETPRO MOBILE_MALWARE Android.Trojan.Adaln.A Checkin 2 (mobile_malware.rules)
2807848 – ETPRO MOBILE_MALWARE Android.Trojan.Adaln.A Checkin 3 (mobile_malware.rules)
2807849 – ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.AAE Checkin (mobile_malware.rules)
[///] Modified active rules: [///]
2008299 – ET CHAT GaduGadu Chat Server Login OK Packet (chat.rules)
2016251 – ET TROJAN Win32/Emold.C Checkin (trojan.rules)
2017992 – ET TROJAN Win32/OutBrowse.G Variant Checkin (trojan.rules)
2804323 – ETPRO TROJAN Win32/Ransom.EJ checkin (trojan.rules)
2805110 – ETPRO TROJAN Trojan-Downloader.Banload Chekin (trojan.rules)
2805645 – ETPRO TROJAN TROJ_GEN.F47V1005 CnC traffic (trojan.rules)
2806475 – ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Obad.a Checkin (mobile_malware.rules)
2807045 – ETPRO TROJAN Trojan.Win32.Agent.aapnf Report via SMTP (trojan.rules)
2807486 – ETPRO TROJAN Worm.Win32/Mamianune.gen spreading via SMTP (trojan.rules)
2807506 – ETPRO TROJAN Win32.Foreign.jowy 1 (trojan.rules)