[***] Summary: [***]
13 new Open rules, 26 new Pro rules (13 Open + 13 Pro-only). Various Android, Genome, Limitless Logger, BettrExperience Adware.
Thanks to @EKwatcher and Kevin Ross for their contributions.
[+++] Added rules: [+++]
Open:
2018015 – ET TROJAN Limitless Logger Sending Data over SMTP (trojan.rules)
2018016 – ET TROJAN Limitless Logger Sending Data over SMTP 2 (trojan.rules)
2018017 – ET TROJAN Predator Logger Sending Data over SMTP (trojan.rules)
2018018 – ET TROJAN Win32/Antilam.2_0 Sending Data over SMTP (trojan.rules)
2018019 – ET TROJAN Win32.WinSpy.pob Sending Data over SMTP (trojan.rules)
2018020 – ET TROJAN Win32.WinSpy.pob Sending Data over SMTP 2 (trojan.rules)
2018021 – ET POLICY myip.ru IP lookup (policy.rules)
2018022 – ET TROJAN Possible Win32/Dimegup.A Downloading Image Common URI Struct (trojan.rules)
2018023 – ET TROJAN W32/LockscreenBEI.Scareware Cnc Beacon (trojan.rules)
2018024 – ET MALWARE W32/BettrExperience.Adware Initial Checkin (malware.rules)
2018025 – ET MALWARE W32/BettrExperience.Adware POST Checkin (malware.rules)
2018026 – ET MALWARE W32/BettrExperience.Adware Update Checkin (malware.rules)
2018027 – ET TROJAN Win32/Xtrat C2 Response (trojan.rules)
Pro:
2807540 – ETPRO TROJAN Net-Worm.Win32.Allaple Checkin (trojan.rules)
2807541 – ETPRO TROJAN Trojan.Win32.Kargatroj.a Checkin (trojan.rules)
2807542 – ETPRO MOBILE_MALWARE Trojan.Android/Fakeinst.DD Checkin (mobile_malware.rules)
2807543 – ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Pincer.a Checkin (mobile_malware.rules)
2807544 – ETPRO TROJAN Android.Fakebank.B Checkin (trojan.rules)
2807545 – ETPRO TROJAN Backdoor.Win32.Cmjspy.aw Checkin (trojan.rules)
2807546 – ETPRO TROJAN DDoS.Win32/Nitol.gen!A Checkin 2 (trojan.rules)
2807547 – ETPRO TROJAN Downloader.Win32.Genome.fvmi Checkin (trojan.rules)
2807548 – ETPRO TROJAN Win32.VJadtre.2 Checkin (trojan.rules)
2807549 – ETPRO TROJAN Zeleffo Checkin (trojan.rules)
2807550 – ETPRO TROJAN DDoS.Win32/Nitol.B Checkin 3 (trojan.rules)
2807551 – ETPRO TROJAN Backdoor.PcClient.1 Checkin (trojan.rules)
2807552 – ETPRO MALWARE Win32/Polip.A Checkin (malware.rules)
[///] Modified active rules: [///]
2008034 – ET TROJAN LDPinch SMTP Password Report (trojan.rules)
2016275 – ET TROJAN Win32/Xtrat.A Checkin (trojan.rules)
2803980 – ETPRO TROJAN Backdoor.Win32.Salamdom!IK Checkin 2 (trojan.rules)
2804065 – ETPRO TROJAN Win32/PcClient.CM CnC Traffic (trojan.rules)
2807426 – ETPRO TROJAN Trojan.Win32.Badur.gboh Download (trojan.rules)
[---] Disabled and modified rules: [---]
2017982 – ET MALWARE Suspicious User-Agent 100 non-printable char (malware.rules)
[---] Removed rules: [---]
2018009 – ET CURRENT_EVENTS SUSPICIOUS HTTP Request to .bit domain (current_events.rules)
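The notice above is the input a rule-management step has to act on: added SIDs appear in tonight's pull, "Disabled and modified" SIDs arrive commented out, and a "Removed" SID leaves any local enablesid/modifysid entry that names it pointing at nothing. The following parser and override check is an added example, not part of the Emerging Threats notice; the notice excerpt it parses is copied from this page, and the local override table is constructed for illustration.

```python
import re
from collections import defaultdict

# Rule line as printed in the notice: "<sid> – <msg> (<file>)". The notice uses an
# en-dash; a plain hyphen or em-dash is accepted too.
RULE_LINE = re.compile(r"^(?P<sid>\d+)\s*[–—-]\s*(?P<msg>.+?)\s*\((?P<file>[\w.]+)\)$")

# Section header: "[+++] Added rules: [+++]", "[///] Modified active rules: [///]", ...
HEADER = re.compile(r"^\[[*+/\-]{3}\]\s*(?P<name>[^:]+):\s*\[[*+/\-]{3}\]$")

# Header names as printed -> keys used in the parsed result. "Summary" maps to
# nothing, so its lines are skipped.
SECTIONS = {
    "added rules": "added",
    "modified active rules": "modified",
    "disabled and modified rules": "disabled",
    "removed rules": "removed",
}

# Constructed excerpt of this page's notice (lines copied verbatim, not all of them).
SAMPLE_NOTICE = """\
[***] Summary: [***]
13 new Open rules, 26 new Pro rules (13/13). Various Android, Genome, Limitless Logger, BettrExperience Adware.
[+++] Added rules: [+++]
Open:
2018015 – ET TROJAN Limitless Logger Sending Data over SMTP (trojan.rules)
2018021 – ET POLICY myip.ru IP lookup (policy.rules)
Pro:
2807540 – ETPRO TROJAN Net-Worm.Win32.Allaple Checkin (trojan.rules)
2807552 – ETPRO MALWARE Win32/Polip.A Checkin (malware.rules)
[///] Modified active rules: [///]
2008034 – ET TROJAN LDPinch SMTP Password Report (trojan.rules)
2016275 – ET TROJAN Win32/Xtrat.A Checkin (trojan.rules)
[---] Disabled and modified rules: [---]
2017982 – ET MALWARE Suspicious User-Agent 100 non-printable char (malware.rules)
[---] Removed rules: [---]
2018009 – ET CURRENT_EVENTS SUSPICIOUS HTTP Request to .bit domain (current_events.rules)
"""

# Constructed local overrides, the shape of a pulledpork enablesid/disablesid/modifysid
# config flattened to {sid: action}. Hypothetical, not from any real deployment.
LOCAL_OVERRIDES = {
    2018009: "enable",   # removed upstream in this update
    2017982: "enable",   # shipped disabled and modified in this update
    2016275: "modify",   # upstream content changed in this update
    2018015: "disable",  # newly added; nothing to flag
}


def parse_update_notice(text):
    """Return {section: [{sid, msg, file, tier}]} with tier 'open' or 'pro'."""
    result = defaultdict(list)
    section = tier = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEADER.match(line)
        if m:
            section = SECTIONS.get(m.group("name").strip().lower())
            tier = None
            continue
        if line.rstrip(":").lower() in ("open", "pro"):
            tier = line.rstrip(":").lower()
            continue
        m = RULE_LINE.match(line)
        if m and section:
            msg = m.group("msg")
            # Outside the Added block there are no Open:/Pro: subheaders, so fall
            # back on the message prefix (ETPRO vs ET) to tell the tiers apart.
            result[section].append({
                "sid": int(m.group("sid")),
                "msg": msg,
                "file": m.group("file"),
                "tier": tier or ("pro" if msg.startswith("ETPRO") else "open"),
            })
    return dict(result)


def check_summary(parsed, open_count, pro_count):
    """Verify the 'N new Open rules, M new Pro rules' line against the body.
    ET counts Pro as Open plus Pro-only, so pro_count must equal everything added."""
    added = parsed.get("added", [])
    n_open = sum(1 for e in added if e["tier"] == "open")
    return n_open == open_count and len(added) == pro_count


def review_local_overrides(parsed, overrides):
    """Flag local override entries this update invalidates or makes worth re-reading."""
    removed = {e["sid"] for e in parsed.get("removed", [])}
    disabled = {e["sid"] for e in parsed.get("disabled", [])}
    modified = {e["sid"] for e in parsed.get("modified", [])}
    flagged = {}
    for sid, action in overrides.items():
        if sid in removed:
            flagged[sid] = "removed upstream; drop the override"
        elif sid in disabled and action == "enable":
            flagged[sid] = "shipped disabled and modified; re-read before re-enabling"
        elif sid in modified and action == "modify":
            flagged[sid] = "upstream rule changed; confirm the modifysid still applies"
    return flagged


if __name__ == "__main__":
    parsed = parse_update_notice(SAMPLE_NOTICE)
    for sid, why in sorted(review_local_overrides(parsed, LOCAL_OVERRIDES).items()):
        print(f"{sid}: {why}")
```

Run against the full notice rather than the excerpt, check_summary(parsed, 13, 26) is the quick sanity test that the body matches the summary line before the SID lists are trusted; the override review is what to read before the next pulledpork or oinkmaster run.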