[Oisf-users] Daily Ruleset Update Summary 2016/04/21
Francis Trudeau
ftrudeau at emergingthreats.net
Thu Apr 21 20:58:38 UTC 2016
[***] Summary: [***]
1 new Open signature, 19 new Pro (1 + 18). Browlock, Nuclear EK, Ursnif.
[+++] Added rules: [+++]
Open:
2022752 - ET CURRENT_EVENTS Evil Redirector Leading to EK Apr 21 2016 M2
(current_events.rules)
Pro:
2819883 - ETPRO CURRENT_EVENTS Browlock Landing Page Apr 21
(current_events.rules)
2819884 - ETPRO POLICY IP Check smart-ip.net HTTP (policy.rules)
2819885 - ETPRO TROJAN Backdoor.Win32.Mokes.vpf CnC Beacon (trojan.rules)
2819886 - ETPRO TROJAN Backdoor.Win32.Mokes.vpf CnC Beacon Response
(trojan.rules)
2819887 - ETPRO CURRENT_EVENTS Possible Nuclear EK Payload VarLen XOR
(Nulls) M2 Apr 20 2016 (current_events.rules)
2819888 - ETPRO TROJAN Andr/InfoStl-AU .onion Proxy Domain (trojan.rules)
2819889 - ETPRO TROJAN Ursnif Variant C2 (trojan.rules)
2819890 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.CM Checkin 2
(mobile_malware.rules)
2819891 - ETPRO MALWARE W32/Unknown Reporting System Info (malware.rules)
2819892 - ETPRO MOBILE_MALWARE PUP Android/Igexin.B Checkin
(mobile_malware.rules)
2819893 - ETPRO TROJAN Backdoor.Win32.Mokes.vpf .onion Proxy Domain
(trojan.rules)
2819894 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Tiny.bw Checkin
(mobile_malware.rules)
2819895 - ETPRO TROJAN PoisonIvy Keepalive to CnC 313 (trojan.rules)
2819896 - ETPRO CURRENT_EVENTS Successful Zoom Phish Apr 21
(current_events.rules)
2819897 - ETPRO CURRENT_EVENTS Successful Scotia Bank Phish Apr 21
(current_events.rules)
2819898 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.dt Checkin
(mobile_malware.rules)
2819899 - ETPRO TROJAN CoinMiner Known malicious stratum authline
(2016-04-21 1) (trojan.rules)
2819900 - ETPRO CURRENT_EVENTS Evil Redirector Leading to EK Apr 21 2016
(current_events.rules)
[///] Modified active rules: [///]
2816204 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.CM Checkin
(mobile_malware.rules)
2816395 - ETPRO TROJAN Nymaim Checkin 5 (trojan.rules)
2816404 - ETPRO CURRENT_EVENTS Evil Redirector Leading to EK Feb 26 2016
(current_events.rules)
2816669 - ETPRO TROJAN W32/Nymaim Checkin 7 (trojan.rules)
2819805 - ETPRO TROJAN CryptXXX Checkin (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160421/bd34f5da/attachment.html>
More information about the Oisf-users
mailing list