[prev in list] [next in list] [prev in thread] [next in thread]
List: emerging-sigs
Subject: [Emerging-Sigs] Daily Ruleset Update Summary 2015/06/30
From: Francis Trudeau <ftrudeau () emergingthreats ! net>
Date: 2015-06-30 21:14:13
Message-ID: CAA-Ja_58KLBd18S8esw2d9Ze5f1rZRLCwk6rQCbZ2dmusR0VpQ () mail ! gmail ! com
[Download RAW message or body]
[***] Summary: [***]
2 new Open signatures, 20 new Pro (2 + 18). Dridex, LockScreen.AVP,
AnimalFarm APT.
Thanks: Anthony Rodgers and @kafeine.
[+++] Added rules: [+++]
Open:
2021370 - ET TROJAN Dridex SSL Cert 30 June 2015 (trojan.rules)
2021371 - ET POLICY Possible External IP Lookup www.whatsmyip.us
(policy.rules)
Pro:
2811738 - ETPRO MALWARE Win32/Adload.hkra Checkin (malware.rules)
2811739 - ETPRO MOBILE_MALWARE Android/Qysly.A Checkin (mobile_malware.rules)
2811740 - ETPRO TROJAN LockScreen.AVP Downloader (trojan.rules)
2811741 - ETPRO MOBILE_MALWARE Android/SMSreg.KU Checkin 3
(mobile_malware.rules)
2811742 - ETPRO MALWARE Win32/TomorrowSoftware.Downloader PUP
Checkin (malware.rules)
2811748 - ETPRO WEB_SPECIFIC_APPS GeniXCMS register.php SQLi Attempt
(web_specific_apps.rules)
2811749 - ETPRO MALWARE W32.HfsAdware Checkin (malware.rules)
2811750 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.ep Checkin
3 (mobile_malware.rules)
2811751 - ETPRO TROJAN AnimalFarm APT Trojan CnC Beacon 2 (trojan.rules)
2811752 - ETPRO TROJAN CoinMiner Known malicious stratum authline
2015-06-30 (trojan.rules)
2811753 - ETPRO TROJAN Bitcoin miner known malicious basic auth
(bWFjaG94dGFjb18xOnBlcnNpYW5vaw==) (trojan.rules)
2811754 - ETPRO TROJAN Bitcoin miner known malicious basic auth
(MTFkaWd6YW50QGdtYWlsLmNvbTppZGRxZDY4NA==) (trojan.rules)
2811755 - ETPRO TROJAN Bitcoin miner known malicious basic auth
(bTFuM3JfQTphYWEzcmVsaXRl) (trojan.rules)
2811756 - ETPRO TROJAN Bitcoin miner known malicious basic auth
(aG9sYWtvOTNfaG9sYWtvOTM6cmVkZmllbGQ=) (trojan.rules)
2811757 - ETPRO TROJAN Bitcoin miner known malicious basic auth
(dG9wdGVzdHMuMzp4) (trojan.rules)
2811758 - ETPRO TROJAN Bitcoin miner known malicious basic auth
(UXVhbnR1bVdoaXNrZXkuY29rZToxMjM0) (trojan.rules)
2811759 - ETPRO TROJAN Bitcoin miner known malicious basic auth
(MUZIajNhc2pMZHhjN0V1Y1l0cEFydkRITUhkZVdZTlVuTjp4) (trojan.rules)
2811760 - ETPRO TROJAN Bitcoin miner known malicious basic auth
(cGFuZGE5MTFfcGFuZGFibHVlOnBhbmRhMQ==) (trojan.rules)
[///] Modified active rules: [///]
2020422 - ET TROJAN MultiPlug.J Checkin (trojan.rules)
2021369 - ET CURRENT_EVENTS Possible Upatre or Dyre SSL Cert June 29
2015 (current_events.rules)
[---] Removed rules: [---]
2002932 - ET MALWARE CWS Related Installer (malware.rules)
2021161 - ET POLICY External IP Lookup - whoer.net (policy.rules)
_______________________________________________
Emerging-sigs mailing list
Emerging-sigs@lists.emergingthreats.net
https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreats.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic