
Daily Ruleset Update Summary 09/16/2014


[***] Summary: [***]

9 new Open signatures, 19 new Pro (9+10). Fiesta EK, Hupigon, Various Android, Dyre SSL certs.

Thanks: tdzmont, Kevin Ross and @MalwareSigs

[+++] Added rules: [+++]

Open:

2019178 – ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 16 2014 (current_events.rules)
2019179 – ET TROJAN MSIL/Spy.RapidStealer.B Checkin (trojan.rules)
2019180 – ET CURRENT_EVENTS Malvertising Leading to EK Aug 19 2014 M4 (current_events.rules)
2019181 – ET CURRENT_EVENTS Possible Android CVE-2014_6041 (current_events.rules)
2019182 – ET WEB_SERVER HTTP POST Generic eval of base64_decode (web_server.rules)
2019183 – ET CURRENT_EVENTS Fiesta EK Gate (current_events.rules)
2019184 – ET CURRENT_EVENTS Fiesta EK Silverlight Based Redirect (current_events.rules)
2019185 – ET CURRENT_EVENTS Nuclear EK Gate Sep 16 2014 (current_events.rules)
2019186 – ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 16 2014 (current_events.rules)

Pro:

2808815 – ETPRO TROJAN Trojan.Rontokbro C2 (trojan.rules)
2808816 – ETPRO TROJAN Win32/Cendelf.gen!A Dropping Files (trojan.rules)
2808817 – ETPRO TROJAN Win32.Chifrax Variant C2 (trojan.rules)
2808818 – ETPRO MALWARE Riskware/EliteKeylogger checkin (malware.rules)
2808819 – ETPRO TROJAN Win32.Hupigon.cbtep Checkin (trojan.rules)
2808820 – ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.aq Checkin (mobile_malware.rules)
2808821 – ETPRO TROJAN Win32.IRCBot Variant C2 (trojan.rules)
2808822 – ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.a Checkin 4 (mobile_malware.rules)
2808823 – ETPRO TROJAN Gozi/Ursnif/Papras SSL Cert (trojan.rules)
2808824 – ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Stealer.a Checkin 3 (mobile_malware.rules)

[///] Modified active rules: [///]

2017667 – ET CURRENT_EVENTS Nuclear EK Payload URI Struct Nov 05 2013 (current_events.rules)
2018979 – ET TROJAN Miras C2 Activity (trojan.rules)
2019143 – ET MALWARE PUP Win32.SoftPulse Retrieving data (malware.rules)
2805882 – ETPRO MOBILE_MALWARE Android/JSmsHider.B Checkin (mobile_malware.rules)
2806877 – ETPRO MOBILE_MALWARE Android/TheftSpy.C Checkin (mobile_malware.rules)
2808670 – ETPRO TROJAN POSCARDSTEALER.Q Checkin (trojan.rules)
2808791 – ETPRO TROJAN Win32/Xymne Checkin (trojan.rules)

[---] Disabled and modified rules: [---]

2018171 – ET CURRENT_EVENTS Angler Landing Page Feb 24 2014 (current_events.rules)

[---] Removed rules: [---]

2805319 – ETPRO NETBIOS Microsoft Remote Administration Protocol Windows XP NetServerEnum API Heap Buffer Overflow (netbios.rules)

The post Daily Ruleset Update Summary 09/16/2014 appeared first on Emerging Threats.
