Ruleset Update Summary - 2023/05/17 - v10325

rulesbot · May 17, 2023, 9:37pm

Summary:

12 new OPEN, 12 new PRO (12 + 0)

Thanks @phage_nz

2045743 - ET INFO DYNAMIC_DNS Query to a *.zoho .to Domain (info.rules)
2045744 - ET INFO DYNAMIC_DNS HTTP Request to a *.zoho .to Domain (info.rules)
2045745 - ET INFO DYNAMIC_DNS Query to a *.mw .nom .za Domain (info.rules)
2045746 - ET INFO DYNAMIC_DNS HTTP Request to a *.mw .nom .za Domain (info.rules)
2045747 - ET INFO DYNAMIC_DNS Query to a *.thebranleur .com Domain (info.rules)
2045748 - ET INFO DYNAMIC_DNS HTTP Request to a *.thebranleur .com Domain (info.rules)
2045749 - ET INFO DYNAMIC_DNS Query to a *.nda .dj Domain (info.rules)
2045750 - ET INFO DYNAMIC_DNS HTTP Request to a *.nda .dj Domain (info.rules)
2045751 - ET MALWARE Win32/Amadey Bot Activity (POST) M2 (malware.rules)
2045752 - ET MALWARE Win32/Amadey Payload Request (GET) (malware.rules)
2045753 - ET MALWARE Camaro Dragon APT - Horse Shell CnC Checkin (malware.rules)
2045754 - ET MALWARE Win32/Packed.BlackMoon.A Variant Checkin (malware.rules)

2015594 - ET MALWARE FinFisher Malware Connection Initialization (malware.rules)
2038989 - ET MALWARE Lockbit Ransomware Related Domain in DNS Lookup (ppaauuaa11232 .cc) (malware.rules)
2039018 - ET MALWARE DNSBin Demo (requestbin .net) - Data Exfil (malware.rules)
2806135 - ETPRO POLICY file sharing service putlocker.com file download (policy.rules)

Topic	Replies	Views
Ruleset Update Summary - 2024/01/26 - v10515 Ruleset Updates	211	January 26, 2024
Ruleset Update Summary - 2023/07/25 - v10379 Ruleset Updates	288	July 25, 2023
Ruleset Update Summary - 2024/11/27 - v10755 Ruleset Updates	26	November 27, 2024
Ruleset Update Summary - 2024/07/08 - v10640 Ruleset Updates	144	July 8, 2024
Ruleset Update Summary - 2023/11/15 - v10466 Ruleset Updates	545	November 15, 2023