[***] Summary: [***]
5 new Open rules. 13 new Pro rules (5/8). Urausy, SofosFO,Sibhost, Tor2web, etc.
[+++] Added rules: [+++]
Open:
2016806 – ET CURRENT_EVENTS Tor2Web .onion Proxy Service SSL Cert (1) (current_events.rules)
2016807 – ET CURRENT_EVENTS Eval With Base64.decode seen in DOL Watering Hole Attack 05/01/13 (current_events.rules)
2016808 – ET TROJAN Cookies/Cookiebag Checkin (trojan.rules)
2016809 – ET TROJAN Win32/Urausy.C Checkin 3 (trojan.rules)
2016810 – ET CURRENT_EVENTS Tor2Web .onion Proxy Service SSL Cert (2) (current_events.rules)
Pro:
2806312 – ETPRO TROJAN Win32/Spy.Bancos.OUH Checkin (trojan.rules)
2806313 – ETPRO TROJAN Win32/Injector.AEDM Checkin (trojan.rules)
2806314 – ETPRO TROJAN Trojan.Win32.Bublik.apst Checkin (trojan.rules)
2806315 – ETPRO MOBILE_MALWARE Trojan.AndroidOS.Iconosys.a Checkin 2 (mobile_malware.rules)
2806316 – ETPRO TROJAN Trojan.Letsgo Checkin (trojan.rules)
2806317 – ETPRO TROJAN Trojan.Foxy Checkin (trojan.rules)
2806318 – ETPRO TROJAN Downloader.BMP Checkin 1 (trojan.rules)
2806319 – ETPRO TROJAN Downloader.BMP Checkin 2 (trojan.rules)
[///] Modified active rules: [///]
2007661 – ET TROJAN Hupigon User Agent Detected (RAV1.23) (trojan.rules)
2015974 – ET CURRENT_EVENTS Sibhost Status Check (current_events.rules)
2016567 – ET TROJAN Win32/Urausy.C Checkin 2 (trojan.rules)
2016706 – ET CURRENT_EVENTS SofosFO/NeoSploit possible second stage landing page (1) (current_events.rules)