Summary:
0 new OPEN, 0 new PRO (0 + 0)
Modified inactive rules:
- 2025416 - ET MALWARE StrongPity APT SSL Certificate Detected (malware.rules)
- 2025438 - ET MALWARE Cobalt Group SSL Certificate Detected (malware.rules)
- 2025445 - ET MALWARE [PTsecurity] Ursnif Socks5 Proxy Connection (malware.rules)
- 2026581 - ET MALWARE JavaRAT CnC Checkin (malware.rules)
- 2026584 - ET MALWARE JavaRAT Sending Screen Size (malware.rules)
- 2026587 - ET MALWARE JavaRAT Requesting Screenshot (malware.rules)
- 2026987 - ET MALWARE JS/Agent.NZH CnC Response (malware.rules)
- 2028984 - ET MALWARE Win32/1xxbot CnC Checkin (malware.rules)
- 2029187 - ET MALWARE XServer Backdoor Communication Setup Request (malware.rules)
- 2029188 - ET MALWARE XServer Backdoor Communication Setup Initiate (malware.rules)
- 2029284 - ET MALWARE Win32/MillionLoader CnC Activity (Inbound) (malware.rules)
- 2029293 - ET MALWARE MilkyBoy CnC Activity (malware.rules)
- 2029298 - ET MALWARE Nexus Stealer CnC Data Exfil (malware.rules)
- 2029341 - ET MALWARE Amadey Stealer CnC - BotKiller Module Checkin (malware.rules)
- 2029802 - ET MALWARE FTCode Stealer Init Activity (malware.rules)
- 2029925 - ET MALWARE Win32/CONFUCIUS_B External IP Check to CnC M2 (malware.rules)
- 2030141 - ET MALWARE MSIL/Modi RAT CnC Command Inbound (in) (malware.rules)
- 2030183 - ET MALWARE BigLock Ransomware CnC Activity (gen) (malware.rules)
- 2030184 - ET MALWARE BigLock Ransomware CnC Activity (id) (malware.rules)
- 2030342 - ET MOBILE_MALWARE ActionSpy CnC (POST) (mobile_malware.rules)
- 2030625 - ET MALWARE Win32/PurpleWave Stealer Requesting Config (malware.rules)
- 2030626 - ET MALWARE Win32/PurpleWave Stealer CnC Exfil (malware.rules)
- 2030900 - ET MALWARE Moist Stealer CnC Exfil (malware.rules)
- 2031217 - ET MALWARE Win32/SDBbot CnC Checkin (malware.rules)
- 2031435 - ET MALWARE AHK.CREDSTEALER.A CnC Exfil (malware.rules)
- 2031479 - ET MALWARE ElectroRAT Command from Server (Screenshot) (malware.rules)
- 2031480 - ET MALWARE ElectroRAT Command from Server (Get folder content) (malware.rules)
- 2032343 - ET MALWARE Valyria Maldoc Activity (GET) (malware.rules)
- 2032914 - ET MALWARE [FIREEYE] SLIGHTPULSE Webshell Activity M1 (malware.rules)
- 2032947 - ET MALWARE Ares Activity (POST) (malware.rules)
- 2033021 - ET MALWARE Lemon_Duck Powershell CnC Activity M15 (malware.rules)
- 2033033 - ET MALWARE BazaLoader CnC Activity (malware.rules)
- 2033044 - ET MALWARE Malicious Second Stage Payload Inbound 2021-02-19 (malware.rules)
- 2033182 - ET MALWARE ChaChi RAT Client CnC (POST) (malware.rules)
- 2033184 - ET MALWARE ChaChi RAT Client CnC (POST) (malware.rules)
- 2033482 - ET EXPLOIT ysoserial Payload in HTTP URI (Groovy1) M1 (exploit.rules)
- 2033483 - ET EXPLOIT ysoserial Payload in HTTP URI (Groovy1) M2 (exploit.rules)
- 2033484 - ET EXPLOIT ysoserial Payload in HTTP URI (Groovy1) M3 (exploit.rules)
- 2033524 - ET EXPLOIT ysoserial Payload in HTTP Header (Groovy1) M1 (exploit.rules)
- 2033525 - ET EXPLOIT ysoserial Payload in HTTP Header (Groovy1) M2 (exploit.rules)
- 2033526 - ET EXPLOIT ysoserial Payload in HTTP Header (Groovy1) M3 (exploit.rules)
- 2033566 - ET EXPLOIT HTTP POST Request With ysoserial In Request Body (Groovy1) M1 (exploit.rules)
- 2033567 - ET EXPLOIT HTTP POST Request With ysoserial In Request Body (Groovy1) M2 (exploit.rules)
- 2033568 - ET EXPLOIT HTTP POST Request With ysoserial In Request Body (Groovy1) M3 (exploit.rules)
- 2033659 - ET MALWARE Win32/TrickBot CnC Initial Checkin M2 (malware.rules)
- 2033796 - ET MALWARE Cobalt Strike Malleable C2 (Custom Profile) (malware.rules)
- 2033913 - ET MALWARE Win32/Mingloa CnC Checkin (malware.rules)
- 2033981 - ET MALWARE Gamaredon Maldoc Activity (GET) (malware.rules)
- 2034039 - ET MALWARE Win32/Voltron/Spectre Stealer Download Activity (GET) (malware.rules)
- 2034083 - ET MALWARE Win32/Fake Anti-Pegasus AV CnC Exfil (malware.rules)
- 2034087 - ET MALWARE Gamaredon Related Maldoc Activity (GET) (malware.rules)
- 2034088 - ET MALWARE ELF/MachO.Netwire Connectivity Check (malware.rules)
- 2034147 - ET MALWARE Gamaredon Related Maldoc Activity (GET) (malware.rules)
- 2034156 - ET MALWARE Gamaredon Maldoc Remote Template Retrieval (GET) (malware.rules)
- 2034157 - ET MALWARE Gamaredon Maldoc Remote Template Retrieval (GET) (malware.rules)
- 2034230 - ET MALWARE Win32/JSWORM Ransomware Style Geo IP Check M1 (malware.rules)
- 2034231 - ET MALWARE Win32/JSWORM Ransomware Style Geo IP Check M2 (malware.rules)
- 2034410 - ET MALWARE LNK/Agent.GX CnC Traffic (malware.rules)
- 2034437 - ET MALWARE Win32/Trojan.Nymeria CnC (malware.rules)
- 2034442 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M1 (malware.rules)
- 2034443 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M2 (malware.rules)
- 2034444 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M3 (malware.rules)
- 2034445 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M4 (malware.rules)
- 2034446 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M5 (malware.rules)
- 2034447 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M6 (malware.rules)
- 2034448 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M7 (malware.rules)
- 2034450 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M9 (malware.rules)
- 2034451 - ET MALWARE Win32/Trojan.Nymeria CnC Activity (GET) M10 (malware.rules)
- 2034474 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2034475 - ET MALWARE Gamaredon Related Maldoc Activity (GET) (malware.rules)
- 2034483 - ET MALWARE ABCbot CnC Exfil (malware.rules)
- 2034645 - ET MALWARE APT15/NICKEL Related CnC Activity (POST) (malware.rules)
- 2034683 - ET MALWARE Linux/Tsunami Downloader (malware.rules)
- 2034684 - ET MALWARE Linux/Tsunami Remote Shell M1 (malware.rules)
- 2034739 - ET MALWARE DCRat CnC Activity M11 (malware.rules)
- 2034740 - ET MALWARE DCRat CnC Activity M12 (malware.rules)
- 2034741 - ET MALWARE DCRat CnC Activity M13 (malware.rules)
- 2034875 - ET MALWARE Maldoc Retrieving Remote Template (GET) (malware.rules)
- 2034982 - ET MALWARE Win32/ClipBanker.OC CnC Activity M1 (malware.rules)
- 2034983 - ET MALWARE Win32/ClipBanker.OC CnC Activity M2 (malware.rules)
- 2035007 - ET MALWARE Gamaredon Related Maldoc Activity (GET) (malware.rules)
- 2035031 - ET MALWARE StrifeWater Rat CnC Activity (malware.rules)
- 2035040 - ET MALWARE StrifeWater RAT CnC Activity M2 (malware.rules)
- 2035041 - ET MALWARE Win32/Variant.Zusy.402698 Checkin (malware.rules)
- 2035064 - ET MALWARE Office Macro Emotet Download URI Nov 24 2021 (malware.rules)
- 2035097 - ET ADWARE_PUP Win32/GameHack.ADW CnC Activity (adware_pup.rules)
- 2035098 - ET MALWARE Win32/Trojan.Agent.FSTT CnC Activity (malware.rules)
- 2035099 - ET MALWARE Win32/Pteranodon CnC Exfil (POST) (malware.rules)
- 2035117 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035118 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035131 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035132 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035166 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035167 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035168 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035169 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035170 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035171 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035188 - ET MALWARE Win32/Spy.Socelars.S CnC Activity M4 (GET) (malware.rules)
- 2035197 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035198 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035199 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035200 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035207 - ET MALWARE MSIL/GenKryptik.FQRH Download Request (malware.rules)
- 2035221 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035253 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035254 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035255 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035368 - ET MALWARE MSIL/TrojanDownloader.Agent.JVN CnC Checkin (malware.rules)
- 2035370 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2035425 - ET MALWARE MuddyWater APT Related Activity (POST) (malware.rules)
- 2035426 - ET MALWARE MuddyWater APT Related Activity (GET) (malware.rules)
- 2035449 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035459 - ET MALWARE MSIL/TrojanDownloader.Agent.KUO CnC Activity M1 (malware.rules)
- 2035460 - ET MALWARE MSIL/TrojanDownloader.Agent.KUO CnC Activity M2 (malware.rules)
- 2035477 - ET MALWARE rat-test CnC Response (malware.rules)
- 2035517 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2035552 - ET MALWARE Mustang Panda APT Related Activity (GET) (malware.rules)
- 2035560 - ET MALWARE Win32/Pterodo Activity (POST) (malware.rules)
- 2035605 - ET MALWARE Win32/TrojanDownloader.Agent.GEM CnC Command Fetch (malware.rules)
- 2035624 - ET MALWARE TransparentTribe APT Related Activity (POST) (malware.rules)
- 2035689 - ET MALWARE Win32/PlugX/Talisman Activity (POST) (malware.rules)
- 2035696 - ET MALWARE Win32/WindowsDefender Bypass Download Request (malware.rules)
- 2035729 - ET MALWARE Win32/POWERPLANT CnC Exfil (Query) (malware.rules)
- 2035730 - ET MALWARE Win32/POWERPLANT CnC Exfil (INIT) (malware.rules)
- 2035735 - ET MALWARE Win32/LOADOUT CnC Activity (malware.rules)
- 2035900 - ET MALWARE Win32/Farfli.CUY Downloader (malware.rules)
- 2035915 - ET MALWARE Cobalt Strike Related Activity (GET) (malware.rules)
- 2035917 - ET MALWARE TransparentTribe APT Related Activity (POST) (malware.rules)
- 2036210 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2036211 - ET MALWARE Malicious VBS Sending System Information (POST) (malware.rules)
- 2036213 - ET MALWARE Gamaredon APT Related Activity (GET) (malware.rules)
- 2036228 - ET MALWARE Gamaredon APT Related Maldoc Activity (GET) (malware.rules)
- 2036281 - ET MALWARE Win64/CobaltStrike.Beacon.J CnC Checkin (malware.rules)
- 2036282 - ET MALWARE Cobalt Strike X-Client Header (notevil) (malware.rules)
- 2036308 - ET MALWARE Win32/Blacktech Plead CnC Activity (GET) (malware.rules)
- 2036309 - ET MALWARE BlackTech FlagPro Dropper Activity (GET) (malware.rules)
- 2036317 - ET MALWARE Zingo/GinzoStealer Data Command List Fetch (malware.rules)
- 2036390 - ET MALWARE DPRK APT Related Maldoc Activity (POST) (malware.rules)
- 2036425 - ET MOBILE_MALWARE Android/FakeWallet.D Activity (GET) (mobile_malware.rules)
- 2036509 - ET MALWARE Kimsuky APT PebbleDash Related Activity (GET) (malware.rules)
- 2036512 - ET MALWARE PoshC2 - Observed Default URI Structure M3 (malware.rules)
- 2036513 - ET MALWARE PoshC2 - Observed Default URI Structure M4 (malware.rules)
- 2036681 - ET MALWARE Downloader/Win.MalXll.R466354 Payload Request (malware.rules)
- 2036824 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2036825 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2036876 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2036881 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2036966 - ET MALWARE Aoqin Dragon APT Related Activity (GET) (malware.rules)
- 2036973 - ET MALWARE Aoqin Dragon APT Related Activity (GET) (malware.rules)
- 2036982 - ET MALWARE Loxes/Mongall Related CnC Beacon M3 (GET) (malware.rules)
- 2036983 - ET MALWARE MalDoc Retrieving Qbot Payload 2022-06-14 (malware.rules)
- 2036999 - ET MALWARE Maldoc Retrieving Payload 2022-06-15 (malware.rules)
- 2037746 - ET MALWARE MSIL/PSW.Discord.AIY CnC Exfil (malware.rules)
- 2037766 - ET MALWARE Win32/H0lyGh0st Ransomware CnC Activity (GET Public Key) (malware.rules)
- 2037767 - ET MALWARE Win32/H0lyGh0st Ransomware Exfil Activity (POST) (malware.rules)
- 2037768 - ET MALWARE Win32/H0lyGh0st Ransomware CnC Response (malware.rules)
- 2037774 - ET MALWARE Win32/H0lyGh0st CnC Activity (malware.rules)
- 2037789 - ET MALWARE JS.SocGholish CnC Activity (POST) (malware.rules)
- 2037797 - ET MALWARE APT29/CloakedUrsa Google Drive Authentication (POST) (malware.rules)
- 2037829 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2037830 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2037831 - ET MALWARE Cobalt Strike Activity (GET) (malware.rules)
- 2037863 - ET MALWARE Trojan.Dropper.HTML.Agent Payload (malware.rules)
- 2037910 - ET MALWARE ENV Variable Data Exfiltration Attempt (HTTP POST) (malware.rules)
- 2038634 - ET MOBILE_MALWARE Android.Trojan.Banker.XJ Activity (mobile_malware.rules)
- 2038700 - ET ADWARE_PUP Win32/ReImageRepair.T CnC Cookie Pattern (adware_pup.rules)
- 2038772 - ET MALWARE Chinese Based APT Related Malware Sending System Information (POST) (malware.rules)
- 2038843 - ET MALWARE Brute Ratel CnC Activity (json-c2) M1 (malware.rules)
- 2038844 - ET MALWARE Brute Ratel CnC Activity (json-c2) M2 (malware.rules)
- 2039019 - ET MALWARE Win32/Variant.Babar.74963 CnC Exfil (malware.rules)
- 2039156 - ET MALWARE HTML/Qbot Dropper (.zip) (malware.rules)
- 2829166 - ETPRO MALWARE Bitcoin Miner Known Malicious Basic Auth (NDNRemFNVm5SS1lpc1E…) (malware.rules)
- 2829382 - ETPRO MALWARE CrimeScene IRC Bot Checkin (malware.rules)
- 2829721 - ETPRO MALWARE AfraidBeefcake IRC CnC Checkin (malware.rules)
- 2829996 - ETPRO MALWARE MSIL/Safen Screenshot Exfil via FTP (malware.rules)
- 2831784 - ETPRO MALWARE Hawkeye Keylogger SMTP Checkin M3 (malware.rules)
- 2832030 - ETPRO MALWARE SYSCON Data Exfil via FTP (malware.rules)
- 2832098 - ETPRO MALWARE MSIL/Crimson CnC Checkin (malware.rules)
- 2832141 - ETPRO MALWARE MSIL/Agent.BNB CnC Checkin via FTP (malware.rules)
- 2832504 - ETPRO MALWARE MSIL/SeekerBot IRC Checkin (malware.rules)
- 2832851 - ETPRO MALWARE MSIL/Agent.BLB Checkin via FTP (malware.rules)
- 2833200 - ETPRO MALWARE Win32/BR.Banload CnC Checkin Activity (malware.rules)
- 2833400 - ETPRO MALWARE EvilVNC Backdoor CnC Checkin (malware.rules)
- 2833707 - ETPRO MALWARE SYSCON FTP Windows Log Exfil (malware.rules)
- 2833708 - ETPRO MALWARE SYSCON FTP Process Log Exfil (malware.rules)
- 2833709 - ETPRO MALWARE SYSCON FTP Screenshot Exfil (malware.rules)
- 2833972 - ETPRO MALWARE Abadon Backdoor CnC Checkin (malware.rules)
- 2834315 - ETPRO MALWARE Unk.Backdoor CnC Checkin (malware.rules)
- 2834394 - ETPRO MALWARE Ave Maria RAT Checkin (malware.rules)
- 2834800 - ETPRO MALWARE Supreme RAT CnC Response (malware.rules)
- 2835109 - ETPRO MALWARE Observed Malicious JScript Downloader Inbound (malware.rules)
- 2838020 - ETPRO MALWARE Zeropadypt/Limbo/Ouroboros Ransomware CnC Checkin (malware.rules)
- 2839851 - ETPRO MALWARE Win32/AgentTesla FTP STOR Command (malware.rules)
- 2839876 - ETPRO MALWARE Win32/Cyborg Keylogger FTP STOR Command (malware.rules)
- 2839878 - ETPRO MALWARE Win32/AgentTesla FTP STOR Command M2 (malware.rules)
- 2839922 - ETPRO MALWARE Cyborg Keylogger FTP STOR Command (malware.rules)
- 2840030 - ETPRO MALWARE Sifrelendi Ransomware Checkin via FTP (malware.rules)
- 2840194 - ETPRO MALWARE Win32/Unk.Stealer CnC Data Exfil (malware.rules)
- 2840362 - ETPRO MALWARE ChikonStealer CnC Data Exfil (malware.rules)
- 2840619 - ETPRO MALWARE Win32/Fpox Data Exfil (malware.rules)
- 2840891 - ETPRO MALWARE DarkRAT Variant CnC Checkin (malware.rules)
- 2841257 - ETPRO MALWARE MalDoc Retrieving Malicious Payload (malware.rules)
- 2841878 - ETPRO MALWARE Observed Office Doc with Reversed Strings Inbound (malware.rules)
- 2842035 - ETPRO MALWARE Win32/Agent.ABLU Connectivity Check (malware.rules)
- 2842455 - ETPRO MALWARE Win64/Spy.Agent.CB CnC Activity (malware.rules)
- 2843206 - ETPRO MALWARE ToxicEye Stealer Checkin via Telegram (malware.rules)
- 2843403 - ETPRO MALWARE Win32/SSTS Bot CnC Checkin (malware.rules)
- 2843404 - ETPRO MALWARE Win32/SSTS Bot CnC Requesting Commands (malware.rules)
- 2843711 - ETPRO MALWARE MalDoc Requesting Payload 2020-07-27 (malware.rules)
- 2843752 - ETPRO MALWARE Win32/Valak Stealer v51 CnC Activity M2 (malware.rules)
- 2843824 - ETPRO MALWARE Win32/BleazIT CnC Checkin (malware.rules)
- 2843895 - ETPRO MALWARE Win32/Randrew.A!bit CnC Checkin (malware.rules)
- 2844308 - ETPRO MALWARE Win32/Stealer.tnf CnC Exfil (malware.rules)
- 2844311 - ETPRO MALWARE Win64/Spy.Agent.CL CnC Activity (malware.rules)
- 2844365 - ETPRO MOBILE_MALWARE Android/KCPro Spyware CnC Activity (mobile_malware.rules)
- 2844730 - ETPRO MALWARE MalDoc Retrieving Payload 2020-10-02 (malware.rules)
- 2844884 - ETPRO MALWARE MSIL/Kryptik.YAP CnC Checkin (malware.rules)
- 2844885 - ETPRO MALWARE Win32/Zpevdo.B Variant CnC Checkin (malware.rules)
- 2844991 - ETPRO MALWARE Bazaloader Variant CnC Activity (malware.rules)
- 2845409 - ETPRO MALWARE MSIL/JjnnoBot CnC Checkin (malware.rules)
- 2845410 - ETPRO MALWARE MSIL/JjnnoBot CnC Requesting Command (malware.rules)
- 2845411 - ETPRO MALWARE Unk.MSI.Loader CnC Activity (malware.rules)
- 2845816 - ETPRO MOBILE_MALWARE Android/Plankton.I Checkin (mobile_malware.rules)
- 2845965 - ETPRO MALWARE Win32/Chapak.emqd Stealer Exfiltrating System Information (malware.rules)
- 2846086 - ETPRO MALWARE MalDoc Retrieving Payload 2020-12-17 (malware.rules)
- 2846265 - ETPRO MALWARE Redline - SendClientInfo Request (malware.rules)
- 2847740 - ETPRO MALWARE Trojan:Script/Phonzy.A!ml CnC Activity M2 (malware.rules)
- 2847942 - ETPRO MALWARE Valyria Maldoc Activity (GET) (malware.rules)
- 2848101 - ETPRO MALWARE MSIL/Browsstl.GA!MTB Stealer CnC Exfil (malware.rules)
- 2848197 - ETPRO MALWARE Win32/Woreflint Activity (POST) (malware.rules)
- 2848200 - ETPRO MALWARE RedLine - GetUpdates Request (malware.rules)
- 2848217 - ETPRO MALWARE Unk.MalDoc CnC Exfil (malware.rules)
- 2848345 - ETPRO MALWARE MSIL/NM.Stealer CnC Data Exfil (malware.rules)
- 2848373 - ETPRO MALWARE MSIL/HELLRAZOR Stealer CnC Exfil (malware.rules)
- 2848416 - ETPRO MALWARE Avalon Stealer Variant CnC Exfil (malware.rules)
- 2848808 - ETPRO MALWARE ZiggyStealer CnC Activity (malware.rules)
- 2849516 - ETPRO MALWARE Win32/ZXRMCTROL CnC Activity (malware.rules)
- 2849590 - ETPRO MALWARE Win32/Unk.Loader.msxyz Activity (malware.rules)
- 2849604 - ETPRO MALWARE Win32/SsStealer CnC Exfil (malware.rules)
- 2849676 - ETPRO MALWARE Win32/Ratfishes Checkin (malware.rules)
- 2849793 - ETPRO MALWARE Win32/Unk.DiscordGrabber CnC Activity (malware.rules)
- 2849956 - ETPRO MALWARE TeamTNT Chimaera Checkin (malware.rules)
- 2850057 - ETPRO MALWARE Unk.MalDoc/PowerShell Loader CnC Checkin (malware.rules)
- 2850087 - ETPRO MALWARE Win32/VERTEX Stealer CnC Activity (GET) (malware.rules)
- 2850103 - ETPRO MALWARE MalDoc Reporting Infection 2021-10-04 (malware.rules)
- 2850598 - ETPRO MALWARE Ettersilent MalDoc C2 Beacon (malware.rules)
- 2850614 - ETPRO MALWARE Win32/Lmbmiad Downloader (.cmd) (malware.rules)
- 2850615 - ETPRO MALWARE Win32/Lmbmiad Downloader (.dll) (malware.rules)
- 2850617 - ETPRO MALWARE Win32/Lmbmiad Downloader (.ps1) (malware.rules)
- 2850657 - ETPRO MALWARE Valyria Maldoc/BazarLoader Activity (GET) (malware.rules)
- 2850671 - ETPRO MALWARE Valyria CnC Activity (GET) (malware.rules)
- 2850800 - ETPRO MALWARE Valyria Maldoc Activity (GET) (malware.rules)
- 2850831 - ETPRO MALWARE Valyria Maldoc Activity (GET) (malware.rules)
- 2850838 - ETPRO MALWARE DCRAT CnC Activity (GET) (malware.rules)
- 2850839 - ETPRO MALWARE DCRAT CnC Response (malware.rules)
- 2850865 - ETPRO MALWARE VBS/CageyChameleon CnC Beacon (malware.rules)
- 2850871 - ETPRO MALWARE Win32/Spy.Banker CnC Exfil (POST) (malware.rules)
- 2850940 - ETPRO MALWARE Win32/TrojanDownloader.Agent.DSF CnC Activity (malware.rules)
- 2850941 - ETPRO MALWARE Win32/TrojanDownloader.Agent.DSF CnC Activity (malware.rules)
- 2851042 - ETPRO MALWARE Trojan:Win32/Sabsik Payload Request M2 (malware.rules)
- 2851043 - ETPRO MALWARE Trojan:Win32/Sabsik Payload Request M1 (malware.rules)
- 2851114 - ETPRO MALWARE Win32/OnlyLogger Connectivity Check M2 (malware.rules)
- 2851131 - ETPRO MALWARE FinderBot Checkin/Requesting Payload M2 (malware.rules)
- 2851180 - ETPRO MALWARE Trojan:Win32/Sabsik Payload Request M2 (malware.rules)
- 2851205 - ETPRO MALWARE Win32/LokiBot Payload Download Request M1 (malware.rules)
- 2851206 - ETPRO MALWARE Win32/LokiBot Payload Download Request M2 (malware.rules)
- 2851233 - ETPRO MALWARE YouTube Profile Exfil Via Telegram (malware.rules)
- 2851285 - ETPRO MALWARE jpg Image Request (set) (malware.rules)
- 2851289 - ETPRO MALWARE MSIL/TrojanDropper.Agent.FKR CnC Exfil (malware.rules)
- 2851337 - ETPRO MALWARE User32.dll Download via Powershell (malware.rules)
- 2851530 - ETPRO MALWARE Maldoc Sending System Information (GET) (malware.rules)
- 2851531 - ETPRO MALWARE MS Office Macro Qbot Download URI Apr 26 2022 (malware.rules)
- 2851535 - ETPRO MALWARE Win32/Ursnif CnC Payload Request (malware.rules)
- 2851550 - ETPRO MALWARE Win32/MetaStealer Fake Avast AV Update (GET) (malware.rules)
- 2851572 - ETPRO MALWARE MalDoc Retrieving Qbot Payload 2022-05-03 (malware.rules)
- 2851580 - ETPRO MALWARE Win32/Trojan.Agent.FRPG Exfil Activity (POST) (malware.rules)
- 2851638 - ETPRO MALWARE PoshC2 CnC Response (200) M1 (malware.rules)
- 2851639 - ETPRO MALWARE PoshC2 CnC Response (200) M2 (malware.rules)
- 2851640 - ETPRO MALWARE PoshC2 CnC Response (200) M3 (malware.rules)
- 2851641 - ETPRO MALWARE PoshC2 CnC Response (200) M4 (malware.rules)
- 2851711 - ETPRO MALWARE Win32/Kryptik.HPRB Payload Request (GET) (malware.rules)
- 2851740 - ETPRO MALWARE Powershell Pak-Loader Download (malware.rules)
- 2851879 - ETPRO MALWARE LNK/TrojanDownloader.Agent.AS CnC Activity M1 (malware.rules)
- 2851880 - ETPRO MALWARE LNK/TrojanDownloader.Agent.AS CnC Activity M2 (malware.rules)
- 2851881 - ETPRO MALWARE LNK/TrojanDownloader.Agent.ASS CnC Activity M3 (malware.rules)
- 2851932 - ETPRO MALWARE MSIL/Kryptik.AFSX CnC Checkin (malware.rules)
- 2851979 - ETPRO MALWARE VBA/TrojanDownloader.Agent.SME CnC Activity (malware.rules)
- 2852063 - ETPRO MALWARE Win32/Trojan-Dropper.MSIL.Sysn.gen CnC Exfil (malware.rules)