Ruleset Update Summary - 2024/09/12 - v10689

Summary:

0 new OPEN, 0 new PRO (0 + 0)


Modified inactive rules:

  • 2009896 - ET MALWARE Win32/Winwebsec User-Agent Detected (malware.rules)
  • 2012828 - ET MALWARE Win32/Rimecud download (malware.rules)
  • 2013723 - ET MALWARE Win32/Daemonize Trojan Proxy Initial Checkin (malware.rules)
  • 2013951 - ET MALWARE Win32/Rimecud.A User-Agent (needit) (malware.rules)
  • 2013953 - ET MALWARE Win32/Rimecud.A User-Agent (counters) (malware.rules)
  • 2013954 - ET MALWARE Win32/Rimecud.A User-Agent (giftz) (malware.rules)
  • 2014055 - ET MALWARE Win32/Hilgild!gen.A CnC Communication (malware.rules)
  • 2014146 - ET MALWARE Win32/Spy.Banker Reporting Via SMTP (malware.rules)
  • 2014361 - ET MALWARE Win32/Protux.B Download Update (malware.rules)
  • 2014616 - ET MALWARE Win32/Usteal.B Checkin (malware.rules)
  • 2014957 - ET MALWARE Backdoor Win32/Hupigon.CK Client Idle (malware.rules)
  • 2018018 - ET MALWARE Win32/Antilam.2_0 Sending Data over SMTP (malware.rules)
  • 2018616 - ET MALWARE Win32/Sharik C2 Incoming Crafted Request (malware.rules)
  • 2019519 - ET MALWARE Win32/Chanitor.A DNS Lookup (malware.rules)
  • 2019710 - ET MALWARE VBS/Autorun.J Checkin (malware.rules)
  • 2019909 - ET MALWARE Win32/Critroni Tor DNS Proxy lookup (malware.rules)
  • 2020025 - ET MALWARE Win32/Spy.Agent.OHT - AnunakAPT TCP Checkin 2 (malware.rules)
  • 2020222 - ET MALWARE Win32/Nitol.A Checkin M2 (malware.rules)
  • 2020671 - ET MALWARE Win32/Rofin.A CnC traffic (OUTBOUND) (malware.rules)
  • 2021930 - ET MALWARE MSIL/Banker.M Requesting Binary from SQL (malware.rules)
  • 2021931 - ET MALWARE MSIL/Banker.M Downloading Binary from SQL (malware.rules)
  • 2022064 - ET MALWARE Win32/HideWindows.C IRC Checkin (malware.rules)
  • 2022191 - ET MALWARE Win32/Teslacrypt .onion Proxy Domain (tw7kaqthui5ojcez) (malware.rules)
  • 2022346 - ET MALWARE Win32/Bulta DNS Lookup (kugo.f3322.net) (malware.rules)
  • 2022347 - ET MALWARE Win32/Bulta DNS Lookup (yk.ftwxw.com) (malware.rules)
  • 2026987 - ET MALWARE JS/Agent.NZH CnC Response (malware.rules)
  • 2029240 - ET MALWARE Win32/Filecoder.NZK Variant (malware.rules)
  • 2033109 - ET MALWARE ELF/Facefish Empty Payload (set) (malware.rules)
  • 2033110 - ET MALWARE ELF/Facefish Server Response (201) (malware.rules)
  • 2033111 - ET MALWARE ELF/Facefish Client Response (202) (malware.rules)
  • 2033112 - ET MALWARE ELF/Facefish Session Closing (400) (malware.rules)
  • 2034020 - ET MALWARE JS/Spy.Agent.AW Download (malware.rules)
  • 2034293 - ET MALWARE Win32/Ciadoor.10.UPX CnC Activity M1 (malware.rules)
  • 2034294 - ET MALWARE Win32/Ciadoor.10.UPX CnC Activity M2 (malware.rules)
  • 2034359 - ET MALWARE Win32/LNK/Agent.GX Javascript Downloader M1 (malware.rules)
  • 2034360 - ET MALWARE Win32/LNK/Agent.GX Javascript Downloader M2 (malware.rules)
  • 2035211 - ET MALWARE Win32/QuasarRAT CnC Traffic (malware.rules)
  • 2035604 - ET MALWARE Observed DNS Query to Win32/TrojanDownloader.Agent.GEM Domain (malware.rules)
  • 2035693 - ET MALWARE Win32/Killav.CM CnC Response (malware.rules)
  • 2035694 - ET MALWARE Win32/Killav.CM Checkin M2 (malware.rules)
  • 2035753 - ET MALWARE MSIL/Unk.CoinMiner Downloader (malware.rules)
  • 2035944 - ET MALWARE Observed DNS Query to VBS/Agent.PUK Domain (malware.rules)
  • 2035945 - ET MALWARE Observed DNS Query to VBS/Agent.PUK Domain (malware.rules)
  • 2036295 - ET MALWARE Win32/ChromeBack CnC Checkin (malware.rules)
  • 2036296 - ET MALWARE Win32/ChromeBack Browser Hijacker Query Redirection (malware.rules)
  • 2036297 - ET MALWARE Win32/ChromeBack Browser Hijacker Sync (malware.rules)
  • 2036354 - ET MALWARE Win32/Agent.VAZ Bot CnC Checkin (StatusTime) (malware.rules)
  • 2036355 - ET MALWARE Win32/Agent.VAZ Bot CnC Checkin (Comands) (malware.rules)
  • 2036356 - ET MALWARE Win32/Agent.VAZ Bot CnC Checkin (Checkupdate) (malware.rules)
  • 2036357 - ET MALWARE Win32/Agent.VAZ Bot CnC Checkin M1 (malware.rules)
  • 2038795 - ET MALWARE MSIL/TrojanDownloader.Agent.ITY Screenshot Upload Attempt (malware.rules)
  • 2039603 - ET MALWARE JS/AlterSave Skimmer Payload Inbound M1 (malware.rules)
  • 2039604 - ET MALWARE JS/AlterSave Skimmer Payload Inbound M2 (malware.rules)
  • 2045213 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M3 (malware.rules)
  • 2801635 - ETPRO MALWARE Win32/Rimecud.B Checkin (malware.rules)
  • 2803276 - ETPRO MALWARE Win32/Ramnit.A PING INBOUND (malware.rules)
  • 2803512 - ETPRO MALWARE Win32/Agent.QU Checkin (malware.rules)
  • 2803718 - ETPRO MALWARE Win32/Vundo.B Checkin (malware.rules)
  • 2803791 - ETPRO MALWARE Win32/Plingky.A Checkin (malware.rules)
  • 2803805 - ETPRO MALWARE Win32/Hermes.B@mm User-Agent (Hermes) (malware.rules)
  • 2803807 - ETPRO MALWARE Win32/Sefnit.O Checkin (malware.rules)
  • 2803812 - ETPRO MALWARE Win32/Sefnit.K Checkin (malware.rules)
  • 2803813 - ETPRO MALWARE Win32/Rimod Checkin (malware.rules)
  • 2803834 - ETPRO MALWARE Win32/Isnup.B Checkin (malware.rules)
  • 2803862 - ETPRO MALWARE Win32/Tiptuf.A Checkin (malware.rules)
  • 2803866 - ETPRO MALWARE Win32/Nosrawec.C Checkin (malware.rules)
  • 2803875 - ETPRO MALWARE Win32/Agent.KA Checkin (malware.rules)
  • 2803885 - ETPRO MALWARE Win32/Calelk.C User-Agent (Informer) (malware.rules)
  • 2803922 - ETPRO MALWARE Win32/Usteal.A Checkin (malware.rules)
  • 2803941 - ETPRO MALWARE Win32/Bofang.B Checkin (malware.rules)
  • 2803948 - ETPRO MALWARE Win32/Trafog!rts Checkin (malware.rules)
  • 2803981 - ETPRO MALWARE Win32/Banload.ACI Checkin (malware.rules)
  • 2803986 - ETPRO MALWARE Win32/Agent.CS Checkin (malware.rules)
  • 2803988 - ETPRO MALWARE Win32/Toshinc.A Checkin (malware.rules)
  • 2803995 - ETPRO MALWARE Win32/Kryptik.UNM User-Agent (bansol) (malware.rules)
  • 2804002 - ETPRO MALWARE Win32/Rimecud.A User-Agent (stalone) (malware.rules)
  • 2804021 - ETPRO MALWARE Win32/Tibia.AB Checkin (malware.rules)
  • 2804023 - ETPRO MALWARE Win32/Rimecud.A User-Agent (chuck) (malware.rules)
  • 2804025 - ETPRO MALWARE Win32/Kryptik.UNM User-Agent (wolf) (malware.rules)
  • 2804036 - ETPRO MALWARE Win32/Kryptik.UNM User-Agent (dieter) (malware.rules)
  • 2804046 - ETPRO MALWARE Win32/Kryptik.UOM Checkin (malware.rules)
  • 2804048 - ETPRO MALWARE Win32/Malushka.A Checkin (malware.rules)
  • 2804049 - ETPRO MALWARE Win32/Malushka.A User-Agent (netboom) (malware.rules)
  • 2804052 - ETPRO MALWARE Win32/Kryptik.UOM Checkin (malware.rules)
  • 2804056 - ETPRO MALWARE Win32/Banload.ADT Checkin (malware.rules)
  • 2804057 - ETPRO MALWARE Win32/Rimecud.A User-Agent (solders) (malware.rules)
  • 2804060 - ETPRO MALWARE Win32/Rimecud.A User-Agent (cadara) (malware.rules)
  • 2804084 - ETPRO MALWARE Win32/Banker.YB Checkin (malware.rules)
  • 2804163 - ETPRO MALWARE Win32/Banker.XO Checkin (malware.rules)
  • 2804223 - ETPRO MALWARE Win32/Nuwar.gen!lds Checkin (malware.rules)
  • 2804263 - ETPRO MALWARE Win32/Karagany.A Checkin (malware.rules)
  • 2804301 - ETPRO MALWARE Win32/TrojanDownloader.Banload.QOM Checkin (malware.rules)
  • 2804303 - ETPRO MALWARE Win32/Klovbot.B Checkin (malware.rules)
  • 2804311 - ETPRO MALWARE Win32/Comroki Checkin (malware.rules)
  • 2804385 - ETPRO MALWARE Win32/SouGouDownloader.A User-Agent (SouGouDownloader) (malware.rules)
  • 2804410 - ETPRO MALWARE Win32/Banload.AGV User-Agent (BOTPA5BG8S) (malware.rules)
  • 2804443 - ETPRO MALWARE Win32/Banload.gen!B Checkin (malware.rules)
  • 2804469 - ETPRO MALWARE Win32/Sality.R Checkin (malware.rules)
  • 2804564 - ETPRO MALWARE Win32/TrojanDownloader.Banload.QUC Checkin (malware.rules)
  • 2804572 - ETPRO MALWARE Win32/Bucriv.B Checkin (malware.rules)
  • 2804629 - ETPRO MALWARE Win32/Banker.VBY Checkin (malware.rules)
  • 2804630 - ETPRO MALWARE Win32/Delf.CM Checkin (malware.rules)
  • 2804656 - ETPRO MALWARE Win32/TrojanDownloader.Banload.QOT Checkin (malware.rules)
  • 2804661 - ETPRO MALWARE Win32/Spy.Banker.XAG Checkin (malware.rules)
  • 2804686 - ETPRO MALWARE Win32/Masteseq.AC Checkin (malware.rules)
  • 2804739 - ETPRO MALWARE Win32/Spy.Banker.VER Checkin (malware.rules)
  • 2804787 - ETPRO MALWARE Win32/AgentBypass.gen!K Checkin (malware.rules)
  • 2804788 - ETPRO MALWARE Win32/Pilrurl.A Checkin (malware.rules)
  • 2804818 - ETPRO MALWARE Win32/TrojanDownloader.Banload.QWQ Checkin (malware.rules)
  • 2804885 - ETPRO MALWARE Win32/TrojanDownloader.Banload.QYJ Checkin (malware.rules)
  • 2804905 - ETPRO MALWARE Win32/Horst.gen!C Checkin (malware.rules)
  • 2804941 - ETPRO MALWARE Win32/Karagany.E Checkin 1 (malware.rules)
  • 2805011 - ETPRO MALWARE Win32/Banload.ALK Checkin (malware.rules)
  • 2805027 - ETPRO MALWARE Win32/TrojanDownloader.Banload.RDL Checkin (malware.rules)
  • 2805073 - ETPRO MALWARE Win32/Banker.AHM Checkin (malware.rules)
  • 2805097 - ETPRO MALWARE Win32/Vbinder.CO Checkin (malware.rules)
  • 2805109 - ETPRO MALWARE Win32/Hupigon.DZ User-Agent (IEFILES.INS) (malware.rules)
  • 2805131 - ETPRO MALWARE Win32/Banload.AMO Checkin (malware.rules)
  • 2805182 - ETPRO MALWARE Win32/BitCoinMiner.A Checkin (malware.rules)
  • 2805185 - ETPRO MALWARE Win32/Biloky.A Checkin (malware.rules)
  • 2805191 - ETPRO MALWARE Win32/TrojanDownloader.Banload.QYE Checkin (malware.rules)
  • 2805207 - ETPRO MALWARE Win32/Delf.W Checkin (malware.rules)
  • 2805224 - ETPRO MALWARE Win32/TrojanDownloader.Banload.OKO Checkin (malware.rules)
  • 2805248 - ETPRO MALWARE Win32/ProxyChanger.EI Checkin (malware.rules)
  • 2805276 - ETPRO MALWARE Win32/AgentBypass.gen!G Checkin (malware.rules)
  • 2805281 - ETPRO MALWARE Win32/Spy.Banker.TXN Checkin (malware.rules)
  • 2805290 - ETPRO MALWARE Win32/VBInject.QW User-Agent (Sek8War) (malware.rules)
  • 2805302 - ETPRO MALWARE Win32/Raven.gen!A Checkin (malware.rules)
  • 2805311 - ETPRO MALWARE Win32/Rustock.E Checkin (malware.rules)
  • 2805312 - ETPRO MALWARE Win32/VBInject.RT Checkin (malware.rules)
  • 2805361 - ETPRO MALWARE Win32/Vwealer.BQ Checkin (malware.rules)
  • 2805376 - ETPRO MALWARE Win32/ProxyChanger.J Checkin (malware.rules)
  • 2805377 - ETPRO MALWARE Win32/Wadolin.A Checkin 2 (malware.rules)
  • 2805388 - ETPRO MALWARE Win32/FakePlus Checkin (malware.rules)
  • 2805399 - ETPRO MALWARE Win32/Rochap.A Checkin (malware.rules)
  • 2805403 - ETPRO MALWARE Win32/Pift Drop/Checkin (malware.rules)
  • 2805414 - ETPRO MALWARE Win32/Vundo.HIY Checkin (malware.rules)
  • 2805437 - ETPRO MALWARE Win32/PSW.VB.NIH Checkin (malware.rules)
  • 2805580 - ETPRO MALWARE Win32/Tufik.A Checkin (malware.rules)
  • 2805623 - ETPRO MALWARE Win32/Banload.ALA CnC Response (malware.rules)
  • 2805676 - ETPRO MALWARE Win32/FakeMSA.gen!A Checkin (malware.rules)
  • 2805733 - ETPRO MALWARE Win32/Virut.BN Checkin 3 (malware.rules)
  • 2805747 - ETPRO MALWARE Win32/Zegost.B CnC (malware.rules)
  • 2805839 - ETPRO MALWARE Win32/Tibs.gen!G / Trojan-Downloader.Win32.Zlob.jsq Checkin (malware.rules)
  • 2806076 - ETPRO MALWARE Win32/Carberp.A Checkin 3 (malware.rules)
  • 2807154 - ETPRO MALWARE Win32/Gapz CnC (malware.rules)
  • 2807796 - ETPRO MALWARE Win32/Quervar.C DNS query to Domain kaspersky.localnet (malware.rules)
  • 2808055 - ETPRO MALWARE MSIL/RapidStealer.A FTP Activity 1 (malware.rules)
  • 2808057 - ETPRO MALWARE MSIL/RapidStealer.A FTP Activity 2 (malware.rules)
  • 2808281 - ETPRO MALWARE Password Stealer MSIL/Petun.A Sending Info (malware.rules)
  • 2808284 - ETPRO MALWARE Win32/Malex.gen!E Email Report (malware.rules)
  • 2808295 - ETPRO MALWARE Win32/Hostil.B Infection Report Mail (malware.rules)
  • 2808403 - ETPRO MALWARE Win32/PowerLoader.B Checkin response (malware.rules)
  • 2808792 - ETPRO MALWARE Win32/FlyAgent variant MYSQL C2 (malware.rules)
  • 2808809 - ETPRO MALWARE Win32/Critroni Tor DNS Proxy lookup (malware.rules)
  • 2809137 - ETPRO MALWARE Win32/GameHack.RU Checkin via SQL (malware.rules)
  • 2809227 - ETPRO MALWARE Win32/Joviddy.A Checkin via IRC (malware.rules)
  • 2809318 - ETPRO MALWARE Win32/Chanitor.A .onion Proxy domain lookup (malware.rules)
  • 2809341 - ETPRO MALWARE VBS/Cechip.A SSH Banner Checkin 2 (malware.rules)
  • 2809352 - ETPRO MALWARE Win32/ChkBot.A IRC Checkin (malware.rules)
  • 2809383 - ETPRO MALWARE Win32/Teerac.A .onion Proxy Domain (humapzcmz744fe7y) (malware.rules)
  • 2809385 - ETPRO MALWARE Win32/Injector.BOVV .onion Proxy Domain (malware.rules)
  • 2809655 - ETPRO MALWARE Win32/Plugx.L Keepalive Request (malware.rules)
  • 2809656 - ETPRO MALWARE Win32/Plugx.L Keepalive Response (malware.rules)
  • 2809807 - ETPRO MALWARE Win32/Critroni Tor DNS Proxy lookup (malware.rules)
  • 2809808 - ETPRO MALWARE Win32/Critroni Tor DNS Proxy lookup (malware.rules)
  • 2809887 - ETPRO MALWARE Win32/Injector.AEJK .onion Proxy Domain (malware.rules)
  • 2809992 - ETPRO MALWARE Win32/Critroni Tor DNS Proxy lookup (malware.rules)
  • 2809999 - ETPRO MALWARE Win32/Pitou.B (malware.rules)
  • 2810056 - ETPRO MALWARE Win32/Delf.SOM Variant Checkin (malware.rules)
  • 2810282 - ETPRO MALWARE Win32/Escad Variant DNS Lookup (dns01.zzux.com) (malware.rules)
  • 2810487 - ETPRO MALWARE Win32/Sirefef CnC via DNS (malware.rules)
  • 2811056 - ETPRO MALWARE Win32/Spy.POSCardStealer.N DNS Lookup (mail.rumpleskin.org) (malware.rules)
  • 2811530 - ETPRO MALWARE VBS/TrojanDownloader.Small.NBL .onion Proxy Domain (malware.rules)
  • 2811635 - ETPRO MALWARE Win32/Ceatrg.A CnC Beacon M1 (malware.rules)
  • 2812068 - ETPRO MALWARE Win32/Ransomware Inbound PowerShell Payload (malware.rules)
  • 2812072 - ETPRO MALWARE Unknown Trojan Dropped by Win32/Inexsmar.A Checkin (malware.rules)
  • 2812156 - ETPRO MALWARE MSIL/Mictanort.A Checkin (malware.rules)
  • 2812373 - ETPRO MALWARE Win32/Injector.CGDU .onion Proxy Domain (malware.rules)
  • 2812447 - ETPRO MALWARE Win64/Wedex.A DNS Lookup (aexp.nyc) (malware.rules)
  • 2812540 - ETPRO MALWARE Win32/Setaclod.A Checkin (malware.rules)
  • 2812603 - ETPRO MALWARE Win32/Genasom.FO Malicious Redirect (malware.rules)
  • 2812693 - ETPRO MALWARE Win32/Spy.Zbot.AAQ .onion Proxy Domain (malware.rules)
  • 2814216 - ETPRO MALWARE Win32/Orxlocker.A Ransomware DNS Lookup (rkcgwcsfwhvuvgli) (malware.rules)
  • 2814419 - ETPRO MALWARE JS/RecJS DNS Lookup (poonahost.endofinternet.net) (malware.rules)
  • 2814420 - ETPRO MALWARE JS/RecJS DNS Lookup (askleonri.isteingeek.de) (malware.rules)
  • 2814421 - ETPRO MALWARE JS/RecJS DNS Lookup (edrimake.endofinternet.net) (malware.rules)
  • 2814422 - ETPRO MALWARE JS/RecJS DNS Lookup (qkmakein.endofinternet.net) (malware.rules)
  • 2814423 - ETPRO MALWARE JS/RecJS DNS Lookup (cuninn.servebbs.com) (malware.rules)
  • 2814424 - ETPRO MALWARE JS/RecJS DNS Lookup (grihostad.servebbs.com) (malware.rules)
  • 2814425 - ETPRO MALWARE JS/RecJS DNS Lookup (askpotubeda.isteingeek.de) (malware.rules)
  • 2814427 - ETPRO MALWARE JS/RecJS DNS Lookup (griahost.servebbs.com) (malware.rules)
  • 2814557 - ETPRO MALWARE Win32/Wedex TXT DNS Lookup 1 (malware.rules)
  • 2814558 - ETPRO MALWARE Win32/Wedex TXT DNS Lookup 2 (malware.rules)
  • 2814559 - ETPRO MALWARE Win32/Wedex TXT DNS Lookup 3 (malware.rules)
  • 2815064 - ETPRO MALWARE Win32/Kitkiot.A CnC Outbound (malware.rules)
  • 2815159 - ETPRO MALWARE Win32/Qbot CnC (malware.rules)
  • 2815996 - ETPRO MALWARE MSIL/Spy.Banker.DJ .onion Proxy Domain (malware.rules)
  • 2816316 - ETPRO MALWARE Win32/Agent.XRA (Robo) DNS Lookup (malware.rules)
  • 2816318 - ETPRO MALWARE Win32/Agent.XRA (Robo) DNS Lookup (malware.rules)
  • 2816447 - ETPRO MALWARE MSIL/Spy.Agent.QN CnC Init Beacon (malware.rules)
  • 2816640 - ETPRO MALWARE Win32/TrojanDownloader.Banload Downloading Module (malware.rules)
  • 2819708 - ETPRO MALWARE MSIL/Injector.OUH CnC Server Reply (malware.rules)
  • 2819791 - ETPRO MALWARE MSIL/Injector.OVU CnC Keep-Alive (malware.rules)
  • 2820366 - ETPRO MALWARE MSIL/Banker.M Requesting Binary from SQL 2 (malware.rules)
  • 2821206 - ETPRO MALWARE HackTool Win32/ChromePass sending stolen data via SMTP 1 (malware.rules)
  • 2821207 - ETPRO MALWARE HackTool Win32/ChromePass sending stolen data via SMTP 2 (malware.rules)
  • 2821212 - ETPRO MALWARE Win32/TrojanDownloader.Agent.CGY .onion Proxy Domain (malware.rules)
  • 2821314 - ETPRO MALWARE Win32/TrojanDownloader.Agent.CGY .onion Proxy Domain (malware.rules)
  • 2821316 - ETPRO MALWARE Win32/TrojanDownloader.Agent.CGY .onion Proxy Domain (malware.rules)
  • 2823404 - ETPRO MALWARE Win32/Ranscrape Ransomware Onion Domain Lookup (malware.rules)
  • 2826594 - ETPRO MALWARE Win32/Spy.Agent.OTK Keylogger Checkin (malware.rules)
  • 2828115 - ETPRO MALWARE MSIL/Injector.BSL CnC Activity (Start) (malware.rules)
  • 2828128 - ETPRO MALWARE MSIL/Unk.Stealer Exfil via FTP M2 (malware.rules)
  • 2828650 - ETPRO MALWARE MSIL/Agent.SFZ RAT CnC Response Beacon (malware.rules)
  • 2828822 - ETPRO MALWARE VBS/BoletoMestre IRC Checkin (malware.rules)
  • 2829068 - ETPRO MALWARE MSIL/Elm0d RAT CnC Activity (malware.rules)
  • 2829108 - ETPRO MALWARE MSIL/Tiny.R CnC Checkin (Infoback) (malware.rules)
  • 2829110 - ETPRO MALWARE Win32/Crimson Variant CnC Checkin (malware.rules)
  • 2829996 - ETPRO MALWARE MSIL/Safen Screenshot Exfil via FTP (malware.rules)
  • 2830130 - ETPRO MALWARE Win32/APosT.cxt CnC Beacon (malware.rules)
  • 2830148 - ETPRO MALWARE MSIL/BackdoorAgent.BBT CnC Checkin (malware.rules)
  • 2830149 - ETPRO MALWARE MSIL/BackdoorAgent.BBT CnC Initial Beacon (Inbound) (malware.rules)
  • 2830589 - ETPRO MALWARE MSIL/Opprysr Backdoor CnC Checkin (malware.rules)
  • 2832098 - ETPRO MALWARE MSIL/Crimson CnC Checkin (malware.rules)
  • 2832141 - ETPRO MALWARE MSIL/Agent.BNB CnC Checkin via FTP (malware.rules)
  • 2832504 - ETPRO MALWARE MSIL/SeekerBot IRC Checkin (malware.rules)
  • 2832851 - ETPRO MALWARE MSIL/Agent.BLB Checkin via FTP (malware.rules)
  • 2836860 - ETPRO MALWARE Win32/Unk.SEE_N02 CnC Keep-Alive (Outbound) (malware.rules)
  • 2837549 - ETPRO MALWARE Win32/DDoS.tf CnC Checkin (malware.rules)
  • 2837823 - ETPRO MALWARE Win32/Wexw Backdoor Checkin (malware.rules)
  • 2839972 - ETPRO MALWARE Win32/njRAT Variant CnC Activity (GPL) (malware.rules)
  • 2847971 - ETPRO MALWARE MSIL/Agent.UL Variant CnC Activity (malware.rules)
  • 2849725 - ETPRO MALWARE Win32/StormKitty/a310Logger Exfil via SMTP (malware.rules)
  • 2850292 - ETPRO MALWARE MSIL/TrojanDownloader.Age CnC Activity (malware.rules)
  • 2850350 - ETPRO MALWARE MSIL/Agent.DPU Reverse Shell M3 (malware.rules)
  • 2850647 - ETPRO MALWARE Win32/Lmbmiad .ps1 Backdoor (malware.rules)
  • 2851313 - ETPRO MALWARE VBS/TrojanDownloader.Agent.WVY Obfuscated ShellExecute Command (SilentlyContinue) (malware.rules)