Summary:
0 new OPEN, 0 new PRO (0 + 0)
Modified inactive rules:
- 2017973 - ET EXPLOIT_KIT Nuclear EK CVE-2013-3918 (exploit_kit.rules)
- 2018011 - ET EXPLOIT_KIT Fiesta EK Landing Jan 24 2013 (exploit_kit.rules)
- 2018127 - ET EXPLOIT_KIT Goon EK Java JNLP URI Struct Feb 12 2014 (exploit_kit.rules)
- 2018164 - ET MALWARE Ebury SSH Rootkit data exfiltration (malware.rules)
- 2018206 - ET EXPLOIT_KIT Hello/LightsOut EK Secondary Landing (exploit_kit.rules)
- 2018207 - ET EXPLOIT_KIT LightsOut EK Exploit/Payload Request (exploit_kit.rules)
- 2018209 - ET EXPLOIT_KIT Rawin EK Java fakav.jar (exploit_kit.rules)
- 2018256 - ET MALWARE TDLv4 SSL Cert (malware.rules)
- 2018258 - ET EXPLOIT_KIT DRIVEBY Nuclear EK PDF URI Struct March 12 2014 (exploit_kit.rules)
- 2018259 - ET EXPLOIT_KIT DRIVEBY Nuclear EK CVE-2013-2551 URI Struct Nov 26 2013 (exploit_kit.rules)
- 2018261 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Landing Page Mar 12 2014 (exploit_kit.rules)
- 2018337 - ET EXPLOIT_KIT DRIVEBY Goon/Infinity EK Landing Mar 31 2014 (exploit_kit.rules)
- 2018342 - ET EXPLOIT_KIT DRIVEBY Goon/Infinity EK Landing Mar 31 2014 (exploit_kit.rules)
- 2018360 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SWF Struct (exploit_kit.rules)
- 2018361 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SWF Struct (exploit_kit.rules)
- 2018362 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SWF (exploit_kit.rules)
- 2018363 - ET EXPLOIT_KIT DRIVEBY Nuclear EK PDF (exploit_kit.rules)
- 2018441 - ET EXPLOIT_KIT Goon/Infinity URI Struct EK Landing May 05 2014 (exploit_kit.rules)
- 2018442 - ET EXPLOIT_KIT 32-byte by 32-byte PHP EK Gate with HTTP POST (exploit_kit.rules)
- 2018478 - ET MALWARE Downloader.Win32.Tesch.A Bot Command Checkin 1 (malware.rules)
- 2018492 - ET MALWARE Upatre SSL Cert May 20 2014 (malware.rules)
- 2018501 - ET EXPLOIT_KIT Gongda EK Secondary Landing (exploit_kit.rules)
- 2018502 - ET EXPLOIT_KIT Gongda EK Landing 1 (exploit_kit.rules)
- 2018503 - ET EXPLOIT_KIT Gongda EK Landing 2 (exploit_kit.rules)
- 2018515 - ET MALWARE SSL Cert Observed with Unkown Trojan (statswas) (malware.rules)
- 2018517 - ET DNS Reply Sinkhole FBI Zeus P2P 1 - 142.0.36.234 (dns.rules)
- 2018534 - ET EXPLOIT_KIT CottonCastle EK URI Struct (exploit_kit.rules)
- 2018535 - ET EXPLOIT_KIT CottonCastle EK Landing June 05 2014 (exploit_kit.rules)
- 2018536 - ET EXPLOIT_KIT CottonCastle EK Landing EK Struct (exploit_kit.rules)
- 2018544 - ET EXPLOIT_KIT CottonCastle EK Landing June 05 2014 2 (exploit_kit.rules)
- 2018545 - ET EXPLOIT_KIT CottonCastle EK Jar Download Method 2 (exploit_kit.rules)
- 2018573 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK Secondary Landing (exploit_kit.rules)
- 2018577 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK Secondary Landing 2 (exploit_kit.rules)
- 2018583 - ET EXPLOIT_KIT Sweet Orange EK Common Java Exploit (exploit_kit.rules)
- 2018593 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK CVE-2013-3918 (exploit_kit.rules)
- 2018595 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Landing May 23 2014 (exploit_kit.rules)
- 2018606 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK Secondary Landing June 25 2014 (exploit_kit.rules)
- 2018613 - ET EXPLOIT_KIT Evil EK Redirector Cookie June 27 2014 (exploit_kit.rules)
- 2018620 - ET MALWARE Downloader.Win32.Tesch.A Bot Command Checkin 2 (malware.rules)
- 2018668 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK Secondary Landing Jul 11 2014 (exploit_kit.rules)
- 2018741 - ET EXPLOIT_KIT Fiesta EK randomized javascript Gate Jul 18 2014 (exploit_kit.rules)
- 2018786 - ET EXPLOIT_KIT Sweet Orange EK CDN Landing Page (exploit_kit.rules)
- 2018794 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK Secondary Landing June 28 2014 (exploit_kit.rules)
- 2018795 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK Plugin Detect IE Exploit (exploit_kit.rules)
- 2018796 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK Plugin Detect Java Exploit (exploit_kit.rules)
- 2018797 - ET EXPLOIT_KIT Safe/CritX/FlashPack EK Plugin Detect Flash Exploit (exploit_kit.rules)
- 2018922 - ET EXPLOIT_KIT Turla/SPL EK Java Applet (exploit_kit.rules)
- 2018923 - ET EXPLOIT_KIT Turla/SPL EK Java Exploit (exploit_kit.rules)
- 2018924 - ET EXPLOIT_KIT Turla/SPL EK Java Exploit (exploit_kit.rules)
- 2018925 - ET EXPLOIT_KIT Turla/SPL EK Java Exploit Requested - /spl/ (exploit_kit.rules)
- 2018965 - ET EXPLOIT_KIT Malvertising Leading to EK Aug 19 2014 M3 (exploit_kit.rules)
- 2018966 - ET EXPLOIT_KIT Malvertising Leading to EK Aug 19 2014 M1 (exploit_kit.rules)
- 2018967 - ET EXPLOIT_KIT Malvertising Leading to EK Aug 19 2014 M2 (exploit_kit.rules)
- 2018987 - ET EXPLOIT_KIT Sweet Orange EK Thread Specific Java Exploit (exploit_kit.rules)
- 2018995 - ET EXPLOIT_KIT Archie EK CVE-2014-0515 Aug 24 2014 (exploit_kit.rules)
- 2018996 - ET EXPLOIT_KIT Archie EK CVE-2014-0497 Aug 24 2014 (exploit_kit.rules)
- 2018997 - ET EXPLOIT_KIT Archie EK Secondary Landing Aug 24 2014 (exploit_kit.rules)
- 2018998 - ET EXPLOIT_KIT Archie EK Landing Aug 24 2014 (exploit_kit.rules)
- 2019004 - ET EXPLOIT_KIT FlashPack EK Exploit Flash Post Aug 25 2014 (exploit_kit.rules)
- 2019005 - ET EXPLOIT_KIT FlashPack EK Redirect Aug 25 2014 (exploit_kit.rules)
- 2019006 - ET EXPLOIT_KIT FlashPack EK Exploit Landing Aug 25 2014 (exploit_kit.rules)
- 2019007 - ET EXPLOIT_KIT FlashPack EK JS Include Aug 25 2014 (exploit_kit.rules)
- 2019023 - ET EXPLOIT_KIT BleedingLife EK Variant Aug 26 2014 (exploit_kit.rules)
- 2019072 - ET EXPLOIT_KIT RIG EK Landing URI Struct (exploit_kit.rules)
- 2019073 - ET EXPLOIT_KIT NullHole EK Landing Redirect Aug 27 2014 (exploit_kit.rules)
- 2019097 - ET EXPLOIT_KIT Archie EK SilverLight URI Struct (exploit_kit.rules)
- 2019098 - ET EXPLOIT_KIT Archie EK Sending Plugin-Detect Data (exploit_kit.rules)
- 2019100 - ET EXPLOIT_KIT FlashPack EK Redirect Sept 01 2014 (exploit_kit.rules)
- 2019124 - ET MALWARE Cryptolocker .onion Proxy Domain in SNI (malware.rules)
- 2019131 - ET EXPLOIT_KIT Astrum EK Landing (exploit_kit.rules)
- 2019154 - ET EXPLOIT_KIT Sweet Orange EK Java Exploit (exploit_kit.rules)
- 2019167 - ET EXPLOIT_KIT Nuclear EK Silverlight URI Struct (exploit_kit.rules)
- 2019180 - ET EXPLOIT_KIT Malvertising Leading to EK Aug 19 2014 M4 (exploit_kit.rules)
- 2019183 - ET EXPLOIT_KIT Fiesta EK Gate (exploit_kit.rules)
- 2019184 - ET EXPLOIT_KIT Fiesta EK Silverlight Based Redirect (exploit_kit.rules)
- 2019189 - ET EXPLOIT_KIT Nuclear EK CVE-2013-2551 URI Struct Sept 17 2014 (exploit_kit.rules)
- 2019195 - ET EXPLOIT_KIT Nuclear EK Redirect Sept 18 2014 (exploit_kit.rules)
- 2019209 - ET EXPLOIT_KIT DRIVEBY Nuclear EK PDF Struct (no alert) (exploit_kit.rules)
- 2019210 - ET EXPLOIT_KIT DRIVEBY Nuclear EK PDF (exploit_kit.rules)
- 2019226 - ET EXPLOIT_KIT DRIVEBY Nuclear EK 2013-3918 (exploit_kit.rules)
- 2019286 - ET MALWARE Job314 EK Payload Checkin (malware.rules)
- 2019287 - ET EXPLOIT_KIT DRIVEBY Job314 EK Landing (exploit_kit.rules)
- 2019305 - ET MALWARE Dyre SSL Cert 1 (malware.rules)
- 2019306 - ET MALWARE Dyre SSL Cert 2 (malware.rules)
- 2019307 - ET MALWARE Dyre SSL Cert 3 (malware.rules)
- 2019358 - ET EXPLOIT_KIT Nuclear EK Payload URI Struct Oct 5 2014 (no alert) (exploit_kit.rules)
- 2019359 - ET EXPLOIT_KIT Nuclear EK Payload URI Struct Oct 5 2014 (exploit_kit.rules)
- 2019479 - ET EXPLOIT_KIT Job314 EK URI Exploit/Payload Struct (exploit_kit.rules)
- 2019480 - ET EXPLOIT_KIT Job314 EK URI Landing Struct (exploit_kit.rules)
- 2019505 - ET MALWARE BlackEnergy SSL Cert (malware.rules)
- 2019518 - ET MALWARE Win32/Chanitor.A Domain in SNI (malware.rules)
- 2019594 - ET EXPLOIT_KIT FlashPack EK Plugin-Detect Post (exploit_kit.rules)
- 2019628 - ET MALWARE AnubisNetworks Sinkhole SSL Cert lolcat - specific IPs (malware.rules)
- 2019635 - ET MALWARE ROM/BackOff C2 SSL Cert (malware.rules)
- 2019638 - ET EXPLOIT_KIT Evil EK Redirector Cookie Nov 03 2014 (exploit_kit.rules)
- 2019645 - ET MALWARE Bedep SSL Cert (malware.rules)
- 2019646 - ET MALWARE Bedep SSL Cert (malware.rules)
- 2019656 - ET EXPLOIT_KIT Archie EK Exploit Flash URI Struct (exploit_kit.rules)
- 2019657 - ET EXPLOIT_KIT Archie EK Exploit Flash URI Struct (exploit_kit.rules)
- 2019658 - ET EXPLOIT_KIT Archie EK Exploit SilverLight URI Struct (exploit_kit.rules)
- 2019659 - ET EXPLOIT_KIT Archie EK Exploit IE URI Struct (exploit_kit.rules)
- 2019676 - ET EXPLOIT_KIT Nuclear EK Payload URI Struct Nov 07 2014 (exploit_kit.rules)
- 2019677 - ET EXPLOIT_KIT Archie EK Exploit Flash URI Struct (exploit_kit.rules)
- 2019679 - ET MALWARE Archie EK Payload Checkin POST (malware.rules)
- 2019684 - ET EXPLOIT_KIT Evil EK Redirector Cookie Nov 07 2014 (exploit_kit.rules)
- 2019685 - ET EXPLOIT_KIT Archie EK Landing URI Struct (exploit_kit.rules)
- 2019689 - ET EXPLOIT_KIT Job314 EK Landing Nov 10 2014 (exploit_kit.rules)
- 2019690 - ET EXPLOIT_KIT Archie EK Landing Nov 10 2014 (exploit_kit.rules)
- 2019722 - ET EXPLOIT_KIT Archie EK Landing Nov 17 2014 (exploit_kit.rules)
- 2019724 - ET EXPLOIT_KIT Archie EK Flash Exploit URI Struct Nov 17 2014 (exploit_kit.rules)
- 2019725 - ET EXPLOIT_KIT Archie EK Flash Exploit URI Struct 2 Nov 17 2014 (exploit_kit.rules)
- 2019726 - ET EXPLOIT_KIT Archie EK Landing URI Struct 2 Nov 17 2014 (exploit_kit.rules)
- 2019727 - ET EXPLOIT_KIT NullHole EK Exploit URI Struct (exploit_kit.rules)
- 2019742 - ET EXPLOIT_KIT SPL2 EK Landing Nov 18 2014 (exploit_kit.rules)
- 2019743 - ET EXPLOIT_KIT SPL2 EK PluginDetect Data Hash Nov 18 2014 (exploit_kit.rules)
- 2019744 - ET EXPLOIT_KIT SPL2 EK JS HashLib Nov 18 2014 (exploit_kit.rules)
- 2019745 - ET EXPLOIT_KIT SPL2 EK Flash Exploit Nov 18 2014 (exploit_kit.rules)
- 2019765 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SWF (exploit_kit.rules)
- 2019768 - ET EXPLOIT_KIT Archie EK T2 PD Struct Nov 20 2014 (exploit_kit.rules)
- 2019769 - ET EXPLOIT_KIT Archie EK T2 Landing Struct Nov 20 2014 (exploit_kit.rules)
- 2019770 - ET EXPLOIT_KIT Archie EK T2 SWF Exploit Struct Nov 20 2014 (exploit_kit.rules)
- 2019844 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Exploit Struct (exploit_kit.rules)
- 2019845 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SWF (exploit_kit.rules)
- 2019846 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SWF (exploit_kit.rules)
- 2019872 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Payload (flowbits set) (exploit_kit.rules)
- 2019873 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Payload (exploit_kit.rules)
- 2019892 - ET EXPLOIT_KIT Malicious Iframe Leading to EK Dec 08 2014 (exploit_kit.rules)
- 2019895 - ET EXPLOIT_KIT Malicious Redirect Leading to EK Dec 08 2014 (exploit_kit.rules)
- 2019917 - ET EXPLOIT_KIT Nuclear EK SilverLight Exploit (exploit_kit.rules)
- 2019973 - ET EXPLOIT_KIT Archie EK T2 Activity Dec 18 2014 (exploit_kit.rules)
- 2019989 - ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 22 2014 Video (exploit_kit.rules)
- 2019990 - ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 22 2014 Player (exploit_kit.rules)
- 2019991 - ET EXPLOIT_KIT Evil Redirector Leading to EK Dec 22 2014 Search (exploit_kit.rules)
- 2020300 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Exploit Struct Jan 23 2015 (exploit_kit.rules)
- 2020311 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SWF M2 (exploit_kit.rules)
- 2020312 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SWF M2 (exploit_kit.rules)
- 2020317 - ET EXPLOIT_KIT DRIVEBY Nuclear EK SilverLight M2 (exploit_kit.rules)
- 2020318 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Landing Jan 27 2015 M1 (exploit_kit.rules)
- 2020319 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Landing Jan 27 2015 M2 (exploit_kit.rules)
- 2020342 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Landing Feb 01 2015 M2 (exploit_kit.rules)
- 2020352 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Landing Feb 03 2015 M2 (exploit_kit.rules)
- 2020354 - ET EXPLOIT_KIT DRIVEBY Nuclear EK Landing Feb 03 2015 M2 (exploit_kit.rules)
- 2020408 - ET EXPLOIT_KIT Evil Redirector Leading to EK Feb 11 2015 Banner (exploit_kit.rules)
- 2020409 - ET EXPLOIT_KIT Evil Redirector Leading to EK Feb 11 2015 Blog (exploit_kit.rules)
- 2020429 - ET EXPLOIT_KIT Uknown EK Java Exploit (exploit_kit.rules)
- 2020584 - ET EXPLOIT_KIT Sweet Orange EK Flash Exploit IE March 03 2015 (exploit_kit.rules)
- 2020626 - ET EXPLOIT_KIT Fiesta EK Landing URI Struct March 6 2015 (exploit_kit.rules)
- 2020698 - ET EXPLOIT_KIT Evil Redirector Leading to EK March 16 2015 (exploit_kit.rules)
- 2020712 - ET ADWARE_PUP AdWare.Win32.BetterSurf.b SSL Cert (adware_pup.rules)
- 2020715 - ET EXPLOIT_KIT Evil Redirector Leading to EK Mar 19 2015 (exploit_kit.rules)
- 2020726 - ET EXPLOIT_KIT RIG EK Landing March 20 2015 M2 (exploit_kit.rules)
- 2020736 - ET CURRENT_EVENTS Unauthorized SSL Cert for Google Domains (current_events.rules)
- 2020743 - ET EXPLOIT_KIT HanJuan EK Landing March 24 2015 M1 (exploit_kit.rules)
- 2020744 - ET EXPLOIT_KIT HanJuan EK Landing March 24 2015 M2 (exploit_kit.rules)
- 2020832 - ET EXPLOIT_KIT Evil Redirector Leading to EK Apr 2 2015 (exploit_kit.rules)
- 2020840 - ET EXPLOIT_KIT Malicious Redirect Leading to EK Apr 03 2015 (exploit_kit.rules)
- 2020841 - ET EXPLOIT_KIT Nuclear EK Landing Apr 03 2015 (exploit_kit.rules)
- 2020842 - ET EXPLOIT_KIT Nuclear EK Landing Apr 03 2015 (exploit_kit.rules)
- 2020865 - ET EXPLOIT_KIT Nuclear EK Landing Apr 08 2015 (exploit_kit.rules)
- 2020889 - ET MALWARE Vobus/Beebone Sinkhole DNS Reply (malware.rules)
- 2020903 - ET EXPLOIT_KIT SPL2 EK Post-Compromise Data Dump M1 (exploit_kit.rules)
- 2020904 - ET EXPLOIT_KIT SPL2 EK Post-Compromise Data Dump M2 (exploit_kit.rules)
- 2020905 - ET EXPLOIT_KIT SPL2 EK Post-Compromise Data Dump M3 (exploit_kit.rules)
- 2020950 - ET EXPLOIT_KIT Sundown EK Landing Apr 20 2015 (exploit_kit.rules)
- 2020951 - ET EXPLOIT_KIT Sundown EK Flash Exploit Apr 20 2015 (exploit_kit.rules)
- 2020975 - ET EXPLOIT_KIT Nuclear EK Landing Apr 22 2015 (exploit_kit.rules)
- 2020983 - ET EXPLOIT_KIT Fiesta EK Java Exploit Apr 23 2015 (exploit_kit.rules)
- 2020984 - ET EXPLOIT_KIT Fiesta EK PDF Exploit Apr 23 2015 (exploit_kit.rules)
- 2020990 - ET EXPLOIT_KIT Sundown EK Secondary Landing T1 M2 Apr 24 2015 (exploit_kit.rules)
- 2021014 - ET MALWARE TorrentLocker SSL Cert (malware.rules)
- 2021021 - ET MALWARE Kaspersky Sinkhole DNS Reply (malware.rules)
- 2021022 - ET MALWARE Wapack Labs Sinkhole DNS Reply (malware.rules)
- 2021033 - ET EXPLOIT_KIT CottonCastle/Niteris EK Landing URI Struct April 29 2015 M1 (exploit_kit.rules)
- 2021034 - ET EXPLOIT_KIT CottonCastle/Niteris EK Landing URI Struct April 29 2015 M2 (exploit_kit.rules)
- 2021035 - ET EXPLOIT_KIT CottonCastle/Niteris EK Java Exploit URI Struct April 29 2015 (exploit_kit.rules)
- 2021036 - ET EXPLOIT_KIT CottonCastle/Niteris EK URI Struct April 29 2015 (exploit_kit.rules)
- 2021037 - ET EXPLOIT_KIT CottonCastle/Niteris EK Payload April 29 2015 (exploit_kit.rules)
- 2021038 - ET EXPLOIT_KIT CottonCastle/Niteris EK POST Beacon April 29 2015 (exploit_kit.rules)
- 2021039 - ET EXPLOIT_KIT CottonCastle/Niteris EK Landing April 29 2015 (exploit_kit.rules)
- 2021042 - ET EXPLOIT_KIT CottonCastle/Niteris EK Exploit Struct April 30 2015 (exploit_kit.rules)
- 2021043 - ET EXPLOIT_KIT CottonCastle/Niteris EK SWF Exploit April 30 2015 (exploit_kit.rules)
- 2021044 - ET EXPLOIT_KIT CottonCastle/Niteris EK SWF Exploit April 30 2015 (exploit_kit.rules)
- 2021045 - ET EXPLOIT_KIT CottonCastle/Niteris EK SilverLight Exploit April 30 2015 (exploit_kit.rules)
- 2021054 - ET EXPLOIT_KIT Magnitude EK Flash Payload ShellCode Apr 23 2015 (exploit_kit.rules)
- 2021061 - ET MALWARE Ursnif SSL Cert (malware.rules)
- 2021064 - ET EXPLOIT_KIT CottonCastle/Niteris EK Receiving Payload May 7 2015 (exploit_kit.rules)
- 2021090 - ET EXPLOIT_KIT DNSChanger EK Landing May 12 2015 (exploit_kit.rules)
- 2021134 - ET MALWARE JavaScriptBackdoor SSL Cert (malware.rules)
- 2021137 - ET EXPLOIT_KIT Sundown EK Landing May 21 2015 M2 (exploit_kit.rules)
- 2021141 - ET EXPLOIT_KIT DNSChanger EK Landing URI Struct May 22 2015 (exploit_kit.rules)
- 2021177 - ET WEB_CLIENT Fake AV Phone Scam Landing June 2 2015 (web_client.rules)
- 2021181 - ET WEB_CLIENT Fake AV Phone Scam Landing June 4 2015 M1 (web_client.rules)
- 2021182 - ET WEB_CLIENT Fake AV Phone Scam Landing June 4 2015 M2 (web_client.rules)
- 2021183 - ET WEB_CLIENT Fake AV Phone Scam Landing June 4 2015 M3 (web_client.rules)
- 2021194 - ET MALWARE Qadars WebInject SSL Cert (malware.rules)
- 2021206 - ET WEB_CLIENT Fake AV Phone Scam Landing June 8 2015 M1 (web_client.rules)
- 2021207 - ET WEB_CLIENT Fake AV Phone Scam Landing June 8 2015 M2 (web_client.rules)
- 2021254 - ET MALWARE Torrentlocker C2 Domain in SNI (malware.rules)
- 2021256 - ET WEB_CLIENT Fake AV Phone Scam Landing June 11 2015 M2 (web_client.rules)
- 2021258 - ET WEB_CLIENT Fake AV Phone Scam Landing June 11 2015 M3 (web_client.rules)
- 2021279 - ET MALWARE Backdoor.Elise SSL Cert (malware.rules)
- 2021285 - ET WEB_CLIENT Fake AV Phone Scam Landing June 16 2015 M1 (web_client.rules)
- 2021286 - ET WEB_CLIENT Fake AV Phone Scam Landing June 16 2015 M2 (web_client.rules)
- 2021289 - ET MALWARE Malicious SSL certificate detected (FindPOS) (malware.rules)
- 2021294 - ET WEB_CLIENT Fake AV Phone Scam Landing June 17 2015 M1 (web_client.rules)
- 2021295 - ET WEB_CLIENT Fake AV Phone Scam Landing June 17 2015 M2 (web_client.rules)
- 2021305 - ET EXPLOIT_KIT CottonCastle/Niteris EK Landing URI Struct June 19 2015 M3 (exploit_kit.rules)
- 2021307 - ET EXPLOIT_KIT CottonCastle/Niteris EK Exploit URI Struct June 19 2015 (exploit_kit.rules)
- 2021308 - ET EXPLOIT_KIT CottonCastle/Niteris EK Payload June 19 2015 (exploit_kit.rules)
- 2021309 - ET EXPLOIT_KIT CottonCastle/Niteris EK Flash Exploit URI Struct June 19 2015 (exploit_kit.rules)
- 2021310 - ET EXPLOIT_KIT CottonCastle/Niteris EK Landing June 19 2015 (exploit_kit.rules)
- 2021357 - ET WEB_CLIENT Fake AV Phone Scam Landing June 26 2015 M1 (web_client.rules)
- 2021358 - ET WEB_CLIENT Fake AV Phone Scam Landing June 26 2015 M2 (web_client.rules)
- 2021359 - ET WEB_CLIENT Fake AV Phone Scam Landing June 26 2015 M3 (web_client.rules)
- 2021365 - ET WEB_CLIENT Fake AV Phone Scam Landing June 26 2015 M4 (web_client.rules)
- 2021366 - ET WEB_CLIENT Fake AV Phone Scam Stylesheet June 26 2015 (web_client.rules)
- 2021368 - ET WEB_CLIENT Fake AV Phone Scam Landing June 26 2015 M6 (web_client.rules)
- 2021370 - ET MALWARE Dridex SSL Cert 30 June 2015 (malware.rules)
- 2021372 - ET MALWARE Dridex SSL Cert 1 July 2015 (malware.rules)
- 2021373 - ET EXPLOIT_KIT NullHole EK Landing URI struct (exploit_kit.rules)
- 2021424 - ET MALWARE APT CozyCar SSL Cert 7 (malware.rules)
- 2021425 - ET MALWARE APT CozyCar SSL Cert 8 (malware.rules)
- 2021435 - ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 17 (exploit_kit.rules)
- 2021500 - ET WEB_CLIENT Fake AV Phone Scam Landing July 20 2015 M1 (web_client.rules)
- 2021559 - ET EXPLOIT_KIT Evil Redirector Leading to EK Jul 29 (exploit_kit.rules)
- 2021615 - ET MALWARE Dridex Downloader SSL Certificate (malware.rules)
- 2021620 - ET EXPLOIT_KIT Nuclear EK Exploit URI Struct Aug 12 (exploit_kit.rules)
- 2021630 - ET MALWARE MS Terminal Server Single Character Login possible Morto inbound (malware.rules)
- 2021637 - ET EXPLOIT_KIT CottonCastle/Niteris EK Secondary Landing Aug 17 2015 (exploit_kit.rules)
- 2021638 - ET EXPLOIT_KIT CottonCastle/Niteris EK Landing Aug 17 2015 (exploit_kit.rules)
- 2021639 - ET EXPLOIT_KIT CottonCastle/Niteris EK Secondary Landing URI Struct Aug 17 2015 (exploit_kit.rules)
- 2021640 - ET EXPLOIT_KIT CottonCastle/Niteris EK Exploit URI Struct Aug 17 2015 (exploit_kit.rules)
- 2021699 - ET EXPLOIT_KIT Magnitude EK Landing Aug 21 2015 (exploit_kit.rules)
- 2021708 - ET EXPLOIT_KIT Nuclear EK IE Exploit Aug 23 2015 (exploit_kit.rules)
- 2021740 - ET EXPLOIT_KIT Evil Redirector Leading to EK Aug 31 2015 T2 (BizCN) (exploit_kit.rules)
- 2021772 - ET MALWARE Malicious SSL certificate detected (FindPOS) (malware.rules)
- 2021811 - ET WEB_CLIENT Fake AV Phone Scam Landing Sept 21 2015 (web_client.rules)
- 2021841 - ET EXPLOIT_KIT Evil Redirector Leading to EK Sept 25 2015 (exploit_kit.rules)
- 2021848 - ET WEB_CLIENT Evil Redirector from iframe Sep 29 2015 (web_client.rules)
- 2021867 - ET MALWARE Winlock/Torrentlocker SSL Cert (malware.rules)
- 2021868 - ET MALWARE Winlock/Torrentlocker SSL Cert (malware.rules)
- 2021869 - ET MALWARE Winlock/Torrentlocker SSL Cert (malware.rules)
- 2021894 - ET MALWARE Winlock/Torrentlocker SSL Cert (malware.rules)
- 2021939 - ET EXPLOIT_KIT Magnitude EK Landing Oct 08 2015 (exploit_kit.rules)
- 2021963 - ET WEB_CLIENT Fake Virus Phone Scam Landing Oct 19 M1 (web_client.rules)
- 2021964 - ET WEB_CLIENT Fake Virus Phone Scam Landing Oct 19 M2 (web_client.rules)
- 2021966 - ET WEB_CLIENT Fake Virus Phone Scam Landing Oct 19 M4 (web_client.rules)
- 2021967 - ET WEB_CLIENT Fake Virus Phone Scam Redirector Oct 19 M1 (web_client.rules)
- 2021968 - ET WEB_CLIENT Fake Virus Phone Scam Redirector Oct 19 M2 (web_client.rules)
- 2021974 - ET WEB_CLIENT Fake Virus Phone Scam Redirector Oct 19 M3 (web_client.rules)
- 2021975 - ET WEB_CLIENT Fake Virus Phone Scam Landing Oct 19 M5 (web_client.rules)
- 2022001 - ET EXPLOIT_KIT Evil Redirector Leading to EK Oct 26 2015 (exploit_kit.rules)
- 2022010 - ET WEB_CLIENT Fake AV Phone Scam Landing Oct 29 (web_client.rules)
- 2022011 - ET WEB_CLIENT Fake Virus Phone Scam Landing Oct 30 (web_client.rules)
- 2022021 - ET MALWARE Malicious SSL certificate detected (Spy.Shiz CnC) (malware.rules)
- 2022030 - ET WEB_CLIENT Fake Virus Phone Scam Landing Nov 4 M2 (web_client.rules)
- 2022031 - ET WEB_CLIENT Fake Virus Phone Scam JS Landing Nov 4 (web_client.rules)
- 2022032 - ET WEB_CLIENT Fake Virus Phone Scam GET Nov 4 (web_client.rules)
- 2022033 - ET WEB_CLIENT Fake Virus Phone Scam Landing Nov 4 M1 (web_client.rules)
- 2022040 - ET EXPLOIT_KIT Evil Redirector Leadking to EK Nov 2015 (exploit_kit.rules)
- 2022064 - ET MALWARE Win32/HideWindows.C IRC Checkin (malware.rules)
- 2022079 - ET WEB_CLIENT Fake AV Phone Scam Landing Nov 11 (web_client.rules)
- 2022092 - ET WEB_CLIENT Fake Virus Phone Scam Landing Nov 16 (web_client.rules)
- 2022103 - ET WEB_CLIENT Fake Virus Phone Scam Landing Nov 16 (web_client.rules)
- 2022304 - ET EXPLOIT_KIT Evil Redirect Leading to EK Dec 22 2015 (Proxy Filtering) (exploit_kit.rules)
- 2022312 - ET EXPLOIT_KIT Evil Redirector Leading to EK Mon Dec 26 2015 (exploit_kit.rules)
- 2022313 - ET EXPLOIT_KIT Evil Redirector Leading to EK Mon Dec 26 2015 2 (exploit_kit.rules)
- 2022320 - ET WEB_CLIENT Tech Support Phone Scam Landing Dec 30 M2 (web_client.rules)
- 2022327 - ET MALWARE BlackEnergy SSL Cert (malware.rules)
- 2022338 - ET EXPLOIT_KIT Evil Redirector Leading to EK Jan 6th 2016 M1 (exploit_kit.rules)
- 2022341 - ET EXPLOIT_KIT Evil Redirector Leading to EK Jan 6th 2016 M2 (exploit_kit.rules)
- 2022364 - ET WEB_CLIENT Fake Virus Phone Scam Landing Jan 13 M1 (web_client.rules)
- 2022365 - ET WEB_CLIENT Fake Virus Phone Scam Landing Jan 13 M2 (web_client.rules)
- 2022366 - ET WEB_CLIENT Fake Virus Phone Scam Landing Jan 13 M3 (web_client.rules)
- 2022409 - ET WEB_CLIENT Fake AV Phone Scam Landing Jan 26 2016 (web_client.rules)
- 2022464 - ET EXPLOIT_KIT Evil Redirector Leading to EK Jan 27 2016 (Evil Keitaro FB Set) (exploit_kit.rules)
- 2022465 - ET EXPLOIT_KIT Evil Redirector Leading to EK (Known Evil Keitaro TDS) (exploit_kit.rules)
- 2022496 - ET EXPLOIT_KIT Evil Redirector Leading to EK Feb 07 2016 (exploit_kit.rules)
- 2022530 - ET WEB_CLIENT Fake Virus Phone Scam Landing Feb 17 (web_client.rules)
- 2022571 - ET MALWARE Malicious SSL certificate detected (Geodo MITM) (malware.rules)
- 2022602 - ET WEB_CLIENT Microsoft Fake Support Phone Scam Mar 7 (web_client.rules)
- 2022613 - ET MALWARE Malicious SSL certificate detected (Ursnif Injects) (malware.rules)
- 2022619 - ET WEB_CLIENT Fake AV Phone Scam Landing Mar 15 (web_client.rules)
- 2022621 - ET EXPLOIT_KIT Evil Redirector Leading to EK Mar 15 2016 M2 (exploit_kit.rules)
- 2022630 - ET EXPLOIT_KIT Evil Redirector Leading to EK Mar 19 2016 M2 (exploit_kit.rules)
- 2022649 - ET WEB_CLIENT Fake AV Phone Scam Mar 23 (web_client.rules)
- 2022695 - ET WEB_CLIENT Fake AV Phone Scam Landing Apr 1 (web_client.rules)
- 2022724 - ET EXPLOIT_KIT Evil Redirector Leading to EK April 12 2016 M1 (exploit_kit.rules)
- 2022751 - ET EXPLOIT_KIT Evil Redirector Leading to EK Apr 20 2016 (exploit_kit.rules)
- 2022752 - ET EXPLOIT_KIT Evil Redirector Leading to EK Apr 21 2016 M2 (exploit_kit.rules)
- 2022770 - ET EXPLOIT_KIT Evil Redirector Leading to EK Apr 27 2016 (fbset) (exploit_kit.rules)
- 2022771 - ET EXPLOIT_KIT Evil Redirector Leading to EK Apr 27 2016 (exploit_kit.rules)
- 2022799 - ET MALWARE Malicious SSL certificate detected (Ursnif Injects) (malware.rules)
- 2022802 - ET WEB_CLIENT Microsoft Fake Support Phone Scam May 10 (web_client.rules)
- 2022853 - ET WEB_CLIENT Tech Support Phone Scam Landing M4 Jun 3 (web_client.rules)
- 2022855 - ET WEB_CLIENT Tech Support Phone Scam Landing M3 Jun 3 (web_client.rules)
- 2022856 - ET WEB_CLIENT Tech Support Phone Scam Landing M1 Jun 3 (web_client.rules)
- 2022857 - ET WEB_CLIENT Tech Support Phone Scam Landing M2 Jun 3 (web_client.rules)
- 2022859 - ET EXPLOIT_KIT Evil Redirector Leading to EK Jun 03 2016 (exploit_kit.rules)
- 2022904 - ET EXPLOIT_KIT Evil Redirector Leading to EK Jun 15 2016 (exploit_kit.rules)
- 2022909 - ET EXPLOIT_KIT Evil Redirect Leading to EK Jun 22 2016 M1 (exploit_kit.rules)
- 2022910 - ET EXPLOIT_KIT Evil Redirect Leading to EK Jun 22 2016 M2 (exploit_kit.rules)
- 2022926 - ET WEB_CLIENT Tech Support Phone Scam Landing Jun 29 M2 (web_client.rules)
- 2022928 - ET WEB_CLIENT Tech Support Phone Scam Landing Jun 29 M4 (web_client.rules)
- 2022954 - ET WEB_CLIENT Tech Support Phone Scam Landing M1 Jul 7 (web_client.rules)
- 2022955 - ET WEB_CLIENT Tech Support Phone Scam Landing M2 Jul 7 (web_client.rules)
- 2022957 - ET EXPLOIT_KIT Evil Redirector Leading To EK Jul 10 M1 (exploit_kit.rules)
- 2022981 - ET WEB_CLIENT Tech Support Phone Scam Landing Jul 21 M2 (web_client.rules)
- 2022984 - ET EXPLOIT_KIT Evil Redirect Leading to EK Mar 30 M3 (exploit_kit.rules)
- 2022991 - ET WEB_CLIENT Tech Support Phone Scam Landing Jul 29 M1 (web_client.rules)
- 2022993 - ET WEB_CLIENT Tech Support Phone Scam Landing Jul 29 M3 (web_client.rules)
- 2022994 - ET WEB_CLIENT Tech Support Phone Scam Landing Jul 29 M4 (web_client.rules)
- 2022995 - ET EXPLOIT_KIT Evil Redirector Leading To EK Jul 30 M1 (exploit_kit.rules)
- 2023032 - ET MALWARE ProjectSauron Remsec CnC Beacon (hardcoded HTTP headers) (malware.rules)
- 2023037 - ET WEB_CLIENT Tech Support Phone Scam Landing Aug 10 M1 (web_client.rules)
- 2023038 - ET WEB_CLIENT Tech Support Phone Scam Landing Aug 10 M2 (web_client.rules)
- 2023039 - ET WEB_CLIENT Tech Support Phone Scam Landing Aug 10 M3 (web_client.rules)
- 2023040 - ET WEB_CLIENT Tech Support Phone Scam Landing Aug 10 M4 (web_client.rules)
- 2023041 - ET WEB_CLIENT Tech Support Phone Scam Landing Aug 10 M5 (web_client.rules)
- 2023051 - ET WEB_CLIENT Tech Support Phone Scam Landing Aug 12 M1 (web_client.rules)
- 2023052 - ET WEB_CLIENT Tech Support Phone Scam Landing Aug 12 M2 (web_client.rules)
- 2023186 - ET EXPLOIT_KIT Evil Redirector Leading to EK Sep 12 2016 (Flash) (exploit_kit.rules)
- 2023250 - ET EXPLOIT_KIT Evil Redirector Leading to EK Sep 19 2016 (EItest Inject) (exploit_kit.rules)
- 2023252 - ET EXPLOIT_KIT Evil Redirector Leading to EK Sep 20 2016 (exploit_kit.rules)
- 2023270 - ET EXPLOIT_KIT SunDown EK Flash Exploit Sep 22 2016 (exploit_kit.rules)
- 2023271 - ET EXPLOIT_KIT SunDown EK NOP Sled Sep 22 2016 (b641) (exploit_kit.rules)
- 2023272 - ET EXPLOIT_KIT SunDown EK NOP Sled Sep 22 2016 (b642) (exploit_kit.rules)
- 2023274 - ET EXPLOIT_KIT SunDown EK Slight Sep 22 2016 (b641) (exploit_kit.rules)
- 2023277 - ET EXPLOIT_KIT SunDown EK CVE-2015-0016 Sep 22 2016 (b641) (exploit_kit.rules)
- 2023278 - ET EXPLOIT_KIT SunDown EK CVE-2015-0016 Sep 22 2016 (b642) (exploit_kit.rules)
- 2023280 - ET EXPLOIT_KIT SunDown EK CVE-2016-0189 Sep 22 2016 (b641) (exploit_kit.rules)
- 2023281 - ET EXPLOIT_KIT SunDown EK CVE-2016-0189 Sep 22 2016 (b642) (exploit_kit.rules)
- 2023283 - ET EXPLOIT_KIT SunDown EK CVE-2013-2551 Sep 22 2016 (b641) (exploit_kit.rules)
- 2023284 - ET EXPLOIT_KIT SunDown EK CVE-2013-2551 Sep 22 2016 (b642) (exploit_kit.rules)
- 2023285 - ET EXPLOIT_KIT SunDown EK CVE-2013-2551 Sep 22 2016 (b643) (exploit_kit.rules)
- 2023290 - ET MALWARE BleedingLife EK Payload Request (malware.rules)
- 2023291 - ET MALWARE BleedingLife EK Payload Delivered (malware.rules)
- 2023342 - ET MALWARE Malicious SSL certificate detected (Powershell Trojan) (malware.rules)
- 2023343 - ET EXPLOIT_KIT Evil Redirector Leading to EK EITest Inject Oct 17 2016 (exploit_kit.rules)
- 2023352 - ET EXPLOIT_KIT Evil Redirector Leading to EK Oct 19 2016 (exploit_kit.rules)
- 2023353 - ET EXPLOIT_KIT Evil Redirector Leading to EK Oct 19 2016 T2 (exploit_kit.rules)
- 2023473 - ET EXPLOIT_KIT DNSChanger EK Secondary Landing Oct 31 2016 (exploit_kit.rules)
- 2023480 - ET EXPLOIT_KIT Sundown/Xer EK Landing Jul 06 2016 M1 (exploit_kit.rules)
- 2023547 - ET EXPLOIT_KIT Evil Redirector Leading to EK EITest Inject Oct 17 2016 M3 (exploit_kit.rules)
- 2023752 - ET WEB_CLIENT Tech Support Phone Scam Landing M2 Jan 20 2017 (web_client.rules)
- 2023757 - ET WEB_CLIENT Fake AV Phone Scam Landing Jan 24 (web_client.rules)
- 2023869 - ET WEB_CLIENT Fake AV Phone Scam Landing Feb 2 (web_client.rules)
- 2024343 - ET EXPLOIT_KIT Terror EK Landing URI T1 Jun 02 2017 (exploit_kit.rules)
- 2024356 - ET EXPLOIT_KIT SunDown EK RIP Landing M2 B641 (exploit_kit.rules)
- 2024357 - ET EXPLOIT_KIT SunDown EK RIP Landing M2 B642 (exploit_kit.rules)
- 2024358 - ET EXPLOIT_KIT SunDown EK RIP Landing M2 B643 (exploit_kit.rules)
- 2024361 - ET EXPLOIT_KIT SunDown EK RIP Landing M3 B643 (exploit_kit.rules)
- 2024365 - ET WEB_CLIENT Tech Support Phone Scam Landing (warning.mp3) Jan 24 2017 (web_client.rules)
- 2024606 - ET EXPLOIT_KIT Disdain EK URI Struct Aug 23 2017 M1 (exploit_kit.rules)
- 2024607 - ET EXPLOIT_KIT Disdain EK URI Struct Aug 23 2017 M2 (exploit_kit.rules)
- 2024612 - ET EXPLOIT_KIT Disdain EK Landing Aug 23 2017 (exploit_kit.rules)
- 2024845 - ET WEB_CLIENT Tech Support Phone Scam Landing M2 Oct 16 2016 (web_client.rules)
- 2025038 - ET EXPLOIT_KIT Evil Redirector Leading to EK Feb 24 2016 (Evil Keitaro FB Set) (exploit_kit.rules)
- 2025039 - ET EXPLOIT_KIT Evil Redirector Leading to EK Feb 29 2016 (Evil Keitaro FB Set) (exploit_kit.rules)
- 2807554 - ETPRO MALWARE Trojan-DDoS.Win32.Agent.bi Checkin (malware.rules)
- 2807738 - ETPRO MALWARE Win32.Parite.B CnC (OUTBOUND) (malware.rules)
- 2807762 - ETPRO MALWARE Win32/Killav.CM Checkin (malware.rules)
- 2807820 - ETPRO MALWARE Backdoor.Win32.Hupigon Checkin (AMD) (malware.rules)
- 2807924 - ETPRO EXPLOIT_KIT DRIVEBY Goon/Infinity EK Landing Apr 02 2014 (exploit_kit.rules)
- 2807932 - ETPRO EXPLOIT_KIT DRIVEBY Goon/Infinity EK Landing Apr 07 2014 (exploit_kit.rules)
- 2808325 - ETPRO EXPLOIT_KIT SweetOrange EK Thread Specific Landing URI Struct Jul 10 2014 (exploit_kit.rules)
- 2808381 - ETPRO EXPLOIT_KIT SweetOrange EK Thread 2 Specific Landing URI Struct Jul 16 2014 (exploit_kit.rules)
- 2808509 - ETPRO ADWARE_PUP PUP Win32/Soft32Downloader.D SSL Cert Observed (adware_pup.rules)
- 2808750 - ETPRO EXPLOIT_KIT Flashpack EK Thread 3 Sep 05 2014 (exploit_kit.rules)
- 2808789 - ETPRO ADWARE_PUP AdWare.Win32.EoRezo SSL Cert (adware_pup.rules)
- 2808823 - ETPRO MALWARE Gozi/Ursnif/Papras SSL Cert (malware.rules)
- 2808899 - ETPRO MALWARE Win32/Spy.Zbot.ACB SSL Cert (malware.rules)
- 2809128 - ETPRO ADWARE_PUP SUSPICIOUS GEO IP Check (Optimizer Pro) (adware_pup.rules)
- 2809436 - ETPRO MALWARE GenericKD.2034766 Checkin (malware.rules)
- 2809655 - ETPRO MALWARE Win32/Plugx.L Keepalive Request (malware.rules)
- 2809656 - ETPRO MALWARE Win32/Plugx.L Keepalive Response (malware.rules)
- 2809851 - ETPRO MALWARE Cobalt Strike Covert DNS CnC Channel TXT Lookup (tcp) (malware.rules)
- 2809899 - ETPRO MALWARE Trojan-Ransom.Win32.Foreign.lrov SSL Certificate (malware.rules)
- 2809908 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Feb 28 2015 (web_client.rules)
- 2809909 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Feb 28 2015 (web_client.rules)
- 2809923 - ETPRO MALWARE Win32/Spy.Shiz.NCO SSL Cert (malware.rules)
- 2809924 - ETPRO MALWARE Win32/Spy.Shiz.NCO SSL Cert (malware.rules)
- 2809925 - ETPRO MALWARE Win32/Spy.Shiz.NCO SSL Cert (malware.rules)
- 2810068 - ETPRO MALWARE Win32/HideProcess Retrieving config for likely click fraud (malware.rules)
- 2810080 - ETPRO MALWARE Win32/Teerac.A Ransomware SSL Cert (malware.rules)
- 2810082 - ETPRO MALWARE Win32/Teerac.A Ransomware SSL Cert (malware.rules)
- 2810108 - ETPRO MALWARE Win32/Spy.Shiz SSL Cert (malware.rules)
- 2810109 - ETPRO MALWARE Win32/Spy.Shiz SSL Cert (malware.rules)
- 2810110 - ETPRO MALWARE Win32/Spy.Shiz SSL Cert (malware.rules)
- 2810164 - ETPRO MALWARE Win32/Tepoyx.A SSL Cert (malware.rules)
- 2810354 - ETPRO MALWARE Win32/Spy.Shiz SSL Cert (malware.rules)
- 2810879 - ETPRO EXPLOIT_KIT Nuclear EK Landing April 30 2015 M4 (exploit_kit.rules)
- 2810880 - ETPRO EXPLOIT_KIT Nuclear EK Landing April 30 2015 M1 (exploit_kit.rules)
- 2810881 - ETPRO EXPLOIT_KIT Nuclear EK Landing April 30 2015 M2 (exploit_kit.rules)
- 2810882 - ETPRO EXPLOIT_KIT Nuclear EK Landing April 30 2015 M3 (exploit_kit.rules)
- 2810891 - ETPRO MALWARE Spy.Zbot.YW SSL Certificate (malware.rules)
- 2810899 - ETPRO WEB_CLIENT Evil Redirector Leading to EK/Malware (web_client.rules)
- 2810900 - ETPRO WEB_CLIENT Evil Redirector Leading to EK/Malware (web_client.rules)
- 2810941 - ETPRO EXPLOIT_KIT Fiesta EK Landing May 11 2015 (exploit_kit.rules)
- 2810987 - ETPRO MALWARE Win32/Spy.Shiz SSL Cert (malware.rules)
- 2811046 - ETPRO MALWARE TorrentLocker SSL Cert (malware.rules)
- 2811076 - ETPRO MALWARE Upatre SSL Cert (malware.rules)
- 2811249 - ETPRO MALWARE Naikon Domain in SNI (malware.rules)
- 2811579 - ETPRO MALWARE Malicious SSL certificate detected (Meterpreter) (malware.rules)
- 2811656 - ETPRO EXPLOIT_KIT SunDown EK Landing June 23 2015 (exploit_kit.rules)
- 2811657 - ETPRO EXPLOIT_KIT SunDown EK Flash June 23 2015 M1 (exploit_kit.rules)
- 2811659 - ETPRO EXPLOIT_KIT SunDown EK Flash June 23 2015 M2 (exploit_kit.rules)
- 2811873 - ETPRO MALWARE Win32/IRCBot.NJC SSL Cert (malware.rules)
- 2811876 - ETPRO MALWARE CryptoLocker SSL Cert (malware.rules)
- 2812077 - ETPRO MALWARE Java/Adwind SSL Cert (malware.rules)
- 2812089 - ETPRO EXPLOIT_KIT Nuclear EK Exploit URI Struct Jul 21 M1 (exploit_kit.rules)
- 2812090 - ETPRO EXPLOIT_KIT Nuclear EK Exploit URI Struct Jul 21 M2 (exploit_kit.rules)
- 2812098 - ETPRO MALWARE Java/Adwind SSL Cert (malware.rules)
- 2812132 - ETPRO MALWARE Malicious SSL certificate detected (Dridex CnC) (malware.rules)
- 2812198 - ETPRO EXPLOIT_KIT Magnitude EK SilverLight Exploit Jul 28 2015 M1 (exploit_kit.rules)
- 2812199 - ETPRO EXPLOIT_KIT Magnitude EK SilverLight Exploit Jul 28 2015 M2 (exploit_kit.rules)
- 2812377 - ETPRO MALWARE Malicious SSL certificate detected (Dridex) (malware.rules)
- 2812448 - ETPRO MALWARE Win64/Wedex.A SSL Cert (malware.rules)
- 2812451 - ETPRO MALWARE Possibly Targeted Win32/Senta!rfn Downloading Binary (malware.rules)
- 2812522 - ETPRO MALWARE Ursnif SSL Cert (malware.rules)
- 2812554 - ETPRO WEB_CLIENT CottonCastle/Niteris EK Redirector Struct Aug 20 2015 (web_client.rules)
- 2812555 - ETPRO WEB_CLIENT CottonCastle/Niteris EK Redirector Struct Aug 20 2015 (web_client.rules)
- 2812625 - ETPRO EXPLOIT_KIT Malicious Redirect Leading to EK Aug 21 2015 T1 (exploit_kit.rules)
- 2812627 - ETPRO EXPLOIT_KIT Malicious Redirect Leading to EK Aug 21 2015 T3 (exploit_kit.rules)
- 2812628 - ETPRO EXPLOIT_KIT Malicious Redirect Leading to EK Aug 21 2015 T4 (exploit_kit.rules)
- 2812776 - ETPRO MALWARE Malicious SSL certificate detected (malware.rules)
- 2812802 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Aug 31 2015 M1 (web_client.rules)
- 2812823 - ETPRO MALWARE Malicious SSL certificate detected (Fareit CnC) (malware.rules)
- 2812926 - ETPRO MALWARE Win32/Filecoder.DI Ransomware SSL Cert (malware.rules)
- 2813089 - ETPRO MALWARE Qadars SSL Cert (malware.rules)
- 2813090 - ETPRO MALWARE Qadars SSL Cert (malware.rules)
- 2813092 - ETPRO MALWARE TorrentLocker SSL Cert (malware.rules)
- 2814015 - ETPRO MALWARE TorrentLocker SSL Cert (malware.rules)
- 2814020 - ETPRO MALWARE Winlock/CryptoLocker2 SSL Cert (malware.rules)
- 2814027 - ETPRO MALWARE TorrentLocker SSL Cert (malware.rules)
- 2814035 - ETPRO MALWARE Shifu SSL Cert (malware.rules)
- 2814059 - ETPRO MALWARE Pupy RAT SSL Cert (malware.rules)
- 2814168 - ETPRO EXPLOIT_KIT Nuclear EK Landing URI Struct Sep 30 2015 (exploit_kit.rules)
- 2814238 - ETPRO MALWARE Qadars SSL Cert (malware.rules)
- 2814259 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Oct 06 2015 (web_client.rules)
- 2814324 - ETPRO EXPLOIT_KIT Nuclear EK Landing URI Struct Oct 12 (exploit_kit.rules)
- 2814388 - ETPRO EXPLOIT_KIT possible Nuclear EK DHE traffic server to client (exploit_kit.rules)
- 2814415 - ETPRO MALWARE Malicious SSL certificate detected (KINS CnC) (malware.rules)
- 2814494 - ETPRO EXPLOIT_KIT Nuclear EK Landing Oct 20 2015 M3 (exploit_kit.rules)
- 2814569 - ETPRO EXPLOIT_KIT Sundown/Xer EK URI struct Oct 25 2015 M1 (exploit_kit.rules)
- 2814584 - ETPRO MALWARE Upatre SSL Cert (malware.rules)
- 2814619 - ETPRO MALWARE Shifu SSL Cert (malware.rules)
- 2814635 - ETPRO MALWARE Shifu ATS SSL Cert (malware.rules)
- 2814654 - ETPRO EXPLOIT_KIT Malicious Redirect Leading to EK Oct 29 T4 (exploit_kit.rules)
- 2814655 - ETPRO MALWARE Shifu ATS SSL Cert (malware.rules)
- 2814656 - ETPRO MALWARE Shifu ATS SSL Cert (malware.rules)
- 2814658 - ETPRO EXPLOIT_KIT Magnitude EK Landing Oct 29 2015 (exploit_kit.rules)
- 2814665 - ETPRO MALWARE Shifu SSL Cert (malware.rules)
- 2814668 - ETPRO MALWARE Malicious SSL certificate detected (Meterpreter) (malware.rules)
- 2814673 - ETPRO MALWARE Malicious SSL certificate detected (Ursnif CnC) (malware.rules)
- 2814674 - ETPRO MALWARE Shifu SSL Cert (malware.rules)
- 2814675 - ETPRO MALWARE Ursnif Injects SSL Cert (malware.rules)
- 2814684 - ETPRO EXPLOIT_KIT Malicious Redirect Leading to EK Oct 30 2015 (exploit_kit.rules)
- 2814722 - ETPRO MALWARE NewPOSThings SSL Cert (malware.rules)
- 2814750 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2814751 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2814774 - ETPRO MALWARE Ursnif Injects SSL Cert (malware.rules)
- 2814784 - ETPRO MALWARE Shifu SSL Cert (malware.rules)
- 2814785 - ETPRO MALWARE Shifu SSL Cert (malware.rules)
- 2814786 - ETPRO MALWARE Shifu SSL Cert (malware.rules)
- 2814795 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Nov 06 2015 (web_client.rules)
- 2814798 - ETPRO WEB_CLIENT Evil Redirector leading to EK M2 (web_client.rules)
- 2814799 - ETPRO WEB_CLIENT Evil Redirector leading to EK Nov 02 M2 (web_client.rules)
- 2814863 - ETPRO MALWARE Ursnif Injects SSL Cert (malware.rules)
- 2814904 - ETPRO MALWARE PowerSploit SSL Cert (malware.rules)
- 2815122 - ETPRO EXPLOIT_KIT Malicious Redirect Leading to EK Nov 28 2015 (exploit_kit.rules)
- 2815180 - ETPRO EXPLOIT_KIT Nuclear EK Landing URI struct Dec 03 2015 M1 (exploit_kit.rules)
- 2815185 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2815186 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2815187 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2815219 - ETPRO MALWARE Ursnif Injects SSL Cert (malware.rules)
- 2815221 - ETPRO EXPLOIT_KIT Nuclear EK Flash Exploit Dec 03 2015 (exploit_kit.rules)
- 2815222 - ETPRO EXPLOIT_KIT Nuclear EK Flash Exploit Dec 03 2015 (exploit_kit.rules)
- 2815234 - ETPRO MALWARE Gootkit Injects SSL Cert (malware.rules)
- 2815278 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2815284 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2815306 - ETPRO MALWARE Ursnif Injects SSL Cert (malware.rules)
- 2815317 - ETPRO MALWARE Gootkit Injects SSL Cert (malware.rules)
- 2815333 - ETPRO MALWARE Gootkit Injects SSL Cert (malware.rules)
- 2815341 - ETPRO MALWARE Qadars SSL Cert (malware.rules)
- 2815379 - ETPRO MALWARE Upatre SSL Cert Dec 15 (malware.rules)
- 2815406 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2815422 - ETPRO MALWARE Gootkit Injects SSL Cert (malware.rules)
- 2815425 - ETPRO MALWARE Malicious SSL certificate detected (Ursnif CnC) (malware.rules)
- 2815484 - ETPRO EXPLOIT_KIT Nuclear EK Flash Exploit URI struct Dec 27 2015 (exploit_kit.rules)
- 2815622 - ETPRO MALWARE Sacto SSL Cert (malware.rules)
- 2815703 - ETPRO MALWARE Maldoc Downloader SSL Cert Jan 08 (malware.rules)
- 2815748 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M1 (exploit_kit.rules)
- 2815749 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M2 (exploit_kit.rules)
- 2815750 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M3 (exploit_kit.rules)
- 2815751 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M4 (exploit_kit.rules)
- 2815752 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M5 (exploit_kit.rules)
- 2815753 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M6 (exploit_kit.rules)
- 2815754 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M7 (exploit_kit.rules)
- 2815755 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M8 (exploit_kit.rules)
- 2815756 - ETPRO EXPLOIT_KIT Nuclear EK Payload Jan 12 2016 M9 (exploit_kit.rules)
- 2815766 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Dec 13 2015 (web_client.rules)
- 2815814 - ETPRO MALWARE Qadars Injects SSL Cert (malware.rules)
- 2815945 - ETPRO MALWARE Observed Malvertising Domain SSL Cert (malware.rules)
- 2815972 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2815986 - ETPRO MALWARE Dridex Fakes/Redirects SSL Cert (malware.rules)
- 2816002 - ETPRO MALWARE Observed Malvertising Domain SSL Cert (malware.rules)
- 2816003 - ETPRO MALWARE Observed Malvertising Domain SSL Cert (malware.rules)
- 2816004 - ETPRO MALWARE Observed Malvertising Domain SSL Cert (malware.rules)
- 2816025 - ETPRO EXPLOIT_KIT RIG EK Landing Jan 29 M3 (exploit_kit.rules)
- 2816035 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2816036 - ETPRO MALWARE Dridex Fakes SSL Cert (malware.rules)
- 2816037 - ETPRO MALWARE Python/Kaazar SSL Cert (malware.rules)
- 2816046 - ETPRO MALWARE Dridex Fakes/Redirects SSL Cert (malware.rules)
- 2816067 - ETPRO EXPLOIT_KIT Nuclear EK Flash Version PostBack T2 Feb 03 2016 (exploit_kit.rules)
- 2816079 - ETPRO MALWARE Dridex Downloader SSL Cert (malware.rules)
- 2816226 - ETPRO EXPLOIT_KIT SunDown EK Landing Feb 13 2016 M1 (exploit_kit.rules)
- 2816227 - ETPRO EXPLOIT_KIT SunDown EK Landing Feb 13 2016 M2 (exploit_kit.rules)
- 2816228 - ETPRO EXPLOIT_KIT SunDown EK Landing Feb 13 2016 M3 (exploit_kit.rules)
- 2816232 - ETPRO WEB_CLIENT SSL Redirector Leading to EK Feb 13 2016 (web_client.rules)
- 2816302 - ETPRO MALWARE Evil Redirector to EK SSL Cert (malware.rules)
- 2816303 - ETPRO MALWARE Evil Redirector to EK SSL Cert (malware.rules)
- 2816304 - ETPRO MALWARE Evil Redirector to EK SSL Cert (malware.rules)
- 2816333 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2816389 - ETPRO WEB_CLIENT Evil Redirector Leading to EK EITest Feb 25 (web_client.rules)
- 2816404 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Feb 26 2016 (web_client.rules)
- 2816406 - ETPRO MALWARE Win32/Tepoyx Banking Injects SSL Certificate (malware.rules)
- 2816606 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Mar 09 (web_client.rules)
- 2816671 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2816708 - ETPRO MALWARE Observed Malvertizing Domain SSL Cert (malware.rules)
- 2816750 - ETPRO MALWARE Observed Malvertising Domain SSL Cert in Client Hello (malware.rules)
- 2816786 - ETPRO MALWARE Ransom MSIL/Ryzerlo.A SSL Cert Observed (malware.rules)
- 2816798 - ETPRO MALWARE Observerd Malvertising Domain SSL Cert (malware.rules)
- 2816808 - ETPRO EXPLOIT_KIT RIG EK Flash Exploit Mar 29 2016 (exploit_kit.rules)
- 2816831 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Mar 30 M1 (web_client.rules)
- 2816832 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Mar 30 M2 (web_client.rules)
- 2816834 - ETPRO MALWARE Observed Malvertizing Domain SSL Cert (malware.rules)
- 2816835 - ETPRO MALWARE Observed Malvertizing Domain SSL Cert (malware.rules)
- 2816894 - ETPRO MALWARE Observed Malvertising Domain SSL Cert in Client Hello (malware.rules)
- 2819662 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Apr 11 M1 (web_client.rules)
- 2819663 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Apr 11 M2 (web_client.rules)
- 2819701 - ETPRO EXPLOIT_KIT SunDown/Xer EK Flash Exploit Apr 12 2016 (exploit_kit.rules)
- 2819784 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Apr 13 2016 (web_client.rules)
- 2819880 - ETPRO EXPLOIT_KIT Nuclear EK Flash Version IE PostBack M1 Apr 20 2016 (exploit_kit.rules)
- 2819900 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Apr 21 2016 (web_client.rules)
- 2819901 - ETPRO ADWARE_PUP Win32/Dartsmound SSL Certificate Detected (adware_pup.rules)
- 2819902 - ETPRO MALWARE Tinba Banker Injects Domain SSL Cert (malware.rules)
- 2819906 - ETPRO WEB_CLIENT Evil Redirector to EK Apr 22 2016 (web_client.rules)
- 2819907 - ETPRO ADWARE_PUP Win32/Dartsmound SSL Certificate Detected 2 (adware_pup.rules)
- 2820010 - ETPRO MALWARE Observerd Malvertising Domain SSL Cert (malware.rules)
- 2820093 - ETPRO EXPLOIT_KIT Sundown/Xer EK Landing May 05 2016 M2 (b641) (exploit_kit.rules)
- 2820094 - ETPRO EXPLOIT_KIT Sundown/Xer EK Landing May 05 2016 M2 (b642) (exploit_kit.rules)
- 2820209 - ETPRO EXPLOIT_KIT Hunter EK SilverLight Exploit Construct May 14 2016 (exploit_kit.rules)
- 2820210 - ETPRO EXPLOIT_KIT Hunter EK URI Struct May 14 2016 (exploit_kit.rules)
- 2820211 - ETPRO EXPLOIT_KIT Hunter EK Landing May 14 2016 (exploit_kit.rules)
- 2820212 - ETPRO EXPLOIT_KIT Hunter EK URI Struct May 14 2016 M2 (exploit_kit.rules)
- 2820274 - ETPRO MALWARE Ixeshe SSL Cert (malware.rules)
- 2820431 - ETPRO MALWARE Redirector.Paco SSL Certificate Detected (searchly.org) (malware.rules)
- 2820511 - ETPRO MALWARE Dridex Injects SSL Cert (malware.rules)
- 2820563 - ETPRO EXPLOIT_KIT Magnitude EK Landing Jun 10 2016 (exploit_kit.rules)
- 2820738 - ETPRO MALWARE Malicious SSL certificate detected (Ursnif Injects) (malware.rules)
- 2820739 - ETPRO MALWARE Malicious SSL certificate detected (Ursnif Injects) (malware.rules)
- 2820754 - ETPRO EXPLOIT_KIT Magnitude EK Landing Jun 20 2016 (exploit_kit.rules)
- 2820755 - ETPRO EXPLOIT_KIT Sundown EK Payload June 20 2016 M1 (exploit_kit.rules)
- 2820756 - ETPRO EXPLOIT_KIT SunDown EK Payload June 20 2016 M2 (exploit_kit.rules)
- 2820776 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Keitaro Jun 21 2016 T2 (web_client.rules)
- 2820789 - ETPRO MALWARE Malicious SSL certificate detected (Ursnif Injects) (malware.rules)
- 2820790 - ETPRO MALWARE Malicious SSL certificate detected (Gootkit Injects) (malware.rules)
- 2820791 - ETPRO MALWARE Ursnif Injects Domain in SNI (malware.rules)
- 2820792 - ETPRO MALWARE Ursnif Injects Domain in SNI (malware.rules)
- 2820793 - ETPRO MALWARE Ursnif Injects Domain in SNI (malware.rules)
- 2820794 - ETPRO MALWARE Ursnif Injects Domain in SNI (malware.rules)
- 2820817 - ETPRO MALWARE Malicious SSL certificate detected (Ursnif Injects) (malware.rules)
- 2820840 - ETPRO EXPLOIT_KIT SunDown EK Flash Exploit M2 June 20 2016 (exploit_kit.rules)
- 2820893 - ETPRO EXPLOIT_KIT Sednit EK PluginDetect Post back June 27 2016 (exploit_kit.rules)
- 2820898 - ETPRO EXPLOIT_KIT CVE-2014-6332 as Observed in Sednit EK M1 (exploit_kit.rules)
- 2820899 - ETPRO EXPLOIT_KIT CVE-2014-6332 as Observed in Sednit EK M2 (exploit_kit.rules)
- 2820953 - ETPRO MALWARE SBDH Toolkit SSL Cert (malware.rules)
- 2820975 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Keitaro Jul 05 2016 T1 (web_client.rules)
- 2820981 - ETPRO MALWARE Malicious SSL certificate detected (Malware C2) (malware.rules)
- 2820988 - ETPRO EXPLOIT_KIT Sundown/Xer EK Landing M2 Jul 06 2016 (exploit_kit.rules)
- 2821053 - ETPRO MALWARE Malicious SSL certificate detected (Malware C2) (malware.rules)
- 2821106 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK SutraTDS Jul 13 2016 T1 (exploit_kit.rules)
- 2821141 - ETPRO MALWARE Malicious SSL certificate detected (Gootkit Injects) (malware.rules)
- 2821159 - ETPRO MALWARE Evil Redirector to EK SSL Cert (malware.rules)
- 2821309 - ETPRO EXPLOIT_KIT Evil Redirect Leading to EK (AdGholas Activity) (exploit_kit.rules)
- 2821310 - ETPRO EXPLOIT_KIT Evil Redirect Leading to EK (AdGholas Sending Link in Header) (exploit_kit.rules)
- 2821317 - ETPRO MALWARE W32/VenusLocker Ransomware SSL Certificate Detected (malware.rules)
- 2821342 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Keitaro Jul 25 2016 T1 (web_client.rules)
- 2821388 - ETPRO MALWARE Evil Redirector to EK SSL Cert Aug 1 2016 T1 (malware.rules)
- 2821389 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Keitaro Aug 1 2016 T1 (web_client.rules)
- 2821525 - ETPRO MALWARE Malicious SSL certificate detected (Zeus Injects) (malware.rules)
- 2821792 - ETPRO MALWARE Win32/Maptrepol.A SSL Certificate Detected (malware.rules)
- 2821808 - ETPRO MALWARE Malicious SSL certificate detected (Dreambot/Gozi CnC) (malware.rules)
- 2821857 - ETPRO MALWARE Observed Malicious Domain SSL Cert in SNI (Zeus Panda) (malware.rules)
- 2822002 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Keitaro Sep 6 2016 T1 (web_client.rules)
- 2822142 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Keitaro Sep 16 2016 (web_client.rules)
- 2822212 - ETPRO EXPLOIT_KIT Astrum EK Flash Exploit URI Struct (exploit_kit.rules)
- 2822216 - ETPRO EXPLOIT_KIT Astrum EK Plugin Detect Reporitng URI Struct (exploit_kit.rules)
- 2822217 - ETPRO EXPLOIT_KIT Astrum EK Payload Download (exploit_kit.rules)
- 2822428 - ETPRO EXPLOIT_KIT SunDown EK Flash Exploit Artifact Oct 05 2016 (exploit_kit.rules)
- 2822451 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Keitaro Oct 02 2016 (web_client.rules)
- 2822452 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Keitaro Oct 06 2016 (web_client.rules)
- 2822476 - ETPRO EXPLOIT_KIT Bizarro SunDown EK Landing Oct 07 2016 M1 (exploit_kit.rules)
- 2822477 - ETPRO EXPLOIT_KIT Bizarro SunDown EK Landing Oct 07 2016 M2 (exploit_kit.rules)
- 2822478 - ETPRO EXPLOIT_KIT Bizarro SunDown EK Landing Oct 07 2016 M3 (exploit_kit.rules)
- 2822479 - ETPRO EXPLOIT_KIT Bizarro SunDown EK Landing Oct 07 2016 M4 (exploit_kit.rules)
- 2822480 - ETPRO EXPLOIT_KIT Bizarro SunDown EK Landing Oct 07 2016 M5 (exploit_kit.rules)
- 2822481 - ETPRO EXPLOIT_KIT Bizarro SunDown EK Landing Oct 07 2016 M6 (exploit_kit.rules)
- 2822576 - ETPRO MALWARE StrongPity SSL Cert 2 (malware.rules)
- 2822598 - ETPRO MALWARE Win32/CONFUCIUS_B SSL Cert (malware.rules)
- 2822660 - ETPRO MALWARE Malicious SSL certificate detected (Gootkit CnC) (malware.rules)
- 2822690 - ETPRO EXPLOIT_KIT Bizarro SunDown EK Flash Exploit Oct 17 2016 (exploit_kit.rules)
- 2822781 - ETPRO MALWARE Observed PS Empire Downloader SSL Cert via MalDoc Oct 20 (malware.rules)
- 2822861 - ETPRO MALWARE JS/CardSkimming SSL Certificate Detected (malware.rules)
- 2823021 - ETPRO EXPLOIT_KIT Astrum EK Flash Oct 31 2016 (exploit_kit.rules)
- 2823039 - ETPRO MALWARE RedTeam SSL Cert (malware.rules)
- 2823059 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK Keitaro TDS Nov 01 2016 (exploit_kit.rules)
- 2823077 - ETPRO EXPLOIT_KIT GreenFlash SunDown EK Flash Exploit (exploit_kit.rules)
- 2823173 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK Keitaro TDS Nov 01 2016 (exploit_kit.rules)
- 2823193 - ETPRO MALWARE Observed MalDoc Downloader SSL Cert Nov 09 (malware.rules)
- 2823202 - ETPRO MALWARE Observed Malicious Domain SSL Cert in SNI (Remoto BR CnC) (malware.rules)
- 2823243 - ETPRO MALWARE Observed Malicious Ransomware SSL Cert (WickedLocker) (malware.rules)
- 2823244 - ETPRO MALWARE Observed Malicious Ransomware Domain SSL Cert in SNI (Hidden-Tear Variant) (malware.rules)
- 2823245 - ETPRO MALWARE Observed Malicious Ransomware Domain SSL Cert in SNI (Hidden-Tear Variant) (malware.rules)
- 2823247 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK Keitaro TDS Nov 14 2016 (exploit_kit.rules)
- 2823255 - ETPRO EXPLOIT_KIT Magnitude EK Landing Nov 14 2016 (exploit_kit.rules)
- 2823256 - ETPRO EXPLOIT_KIT Magnitude EK Landing Nov 14 2016 M2 (exploit_kit.rules)
- 2823332 - ETPRO EXPLOIT_KIT Evil iframe Redirect to EK Nov 17 2016 (exploit_kit.rules)
- 2823339 - ETPRO EXPLOIT_KIT Sundown/Xer EK Landing Page Nov 17 2016 (exploit_kit.rules)
- 2823453 - ETPRO EXPLOIT_KIT Astrum EK Landing Nov 23 2016 M1 (exploit_kit.rules)
- 2823454 - ETPRO EXPLOIT_KIT Astrum EK Landing Nov 23 2016 M2 (exploit_kit.rules)
- 2823455 - ETPRO EXPLOIT_KIT Astrum EK Flash Exploit Nov 23 2016 M1 (exploit_kit.rules)
- 2823533 - ETPRO EXPLOIT_KIT SunDown EK Landing Nov 30 M2 (exploit_kit.rules)
- 2823539 - ETPRO EXPLOIT_KIT Evil scriptjs Redirect to EK Nov 29 2016 (exploit_kit.rules)
- 2823854 - ETPRO EXPLOIT_KIT SunDown EK Landing Dec 13 2016 (exploit_kit.rules)
- 2823855 - ETPRO EXPLOIT_KIT SunDown EK Flash Exploit Dec 13 2016 (exploit_kit.rules)
- 2823857 - ETPRO EXPLOIT_KIT SunDown EK Payload Dec 13 2016 M2 (exploit_kit.rules)
- 2823894 - ETPRO EXPLOIT_KIT Magnitude EK Landing Dec 14 2016 (exploit_kit.rules)
- 2824030 - ETPRO MALWARE Observed Malicious JS Downloader SSL Cert (malware.rules)
- 2824050 - ETPRO EXPLOIT_KIT SunDown EK Landing Dec 27 2016 (exploit_kit.rules)
- 2824233 - ETPRO EXPLOIT_KIT Evil Redirect to Magnitude EK Jan 05 2017 (exploit_kit.rules)
- 2824449 - ETPRO EXPLOIT_KIT GreenFlash SunDown EK Flash Exploit 2017-01-17 (exploit_kit.rules)
- 2824776 - ETPRO EXPLOIT_KIT SunDown EK Flash Exploit Dec 13 2016 M2 (exploit_kit.rules)
- 2825526 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK Keitaro TDS Mar 17 2017 (exploit_kit.rules)
- 2826087 - ETPRO WEB_CLIENT Evil Redirector Leading to Malicious Download Apr 19 2017 (web_client.rules)
- 2826133 - ETPRO EXPLOIT_KIT Astrum EK Activity M1 Apr 26 2017 (exploit_kit.rules)
- 2826134 - ETPRO EXPLOIT_KIT Astrum EK Activity M2 Apr 26 2017 (exploit_kit.rules)
- 2826393 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK Keitaro TDS May 15 2017 (exploit_kit.rules)
- 2826627 - ETPRO WEB_CLIENT Evil Redirector Leading to RigEK Jun 05 2017 (web_client.rules)
- 2826927 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Jun 28 2017 (SSL Cert) (web_client.rules)
- 2827052 - ETPRO WEB_CLIENT Evil Redirector Leading to EK (Known Evil Keitaro TDS) Jul 07 2017 (web_client.rules)
- 2827154 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK Keitaro TDS July 16 2017 (exploit_kit.rules)
- 2827157 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK Keitaro TDS July 16 2017 2 (exploit_kit.rules)
- 2827286 - ETPRO WEB_CLIENT Evil Redirector Leading to EK (Known Evil Keitaro TDS) Jul 25 2017 (web_client.rules)
- 2827610 - ETPRO WEB_CLIENT Evil Redirector iFrame Observed Aug 18 2017 (web_client.rules)
- 2827611 - ETPRO WEB_CLIENT Evil Redirector iFrame Leading to EK Aug 18 2017 (web_client.rules)
- 2827725 - ETPRO WEB_CLIENT Malicious Redirector (SocEng) DNS Request (web_client.rules)
- 2827799 - ETPRO EXPLOIT_KIT RIG EK Flash Exploit Sep 05 2017 (FWS) (exploit_kit.rules)
- 2827800 - ETPRO EXPLOIT_KIT RIG EK Flash Exploit Sep 05 2017 (CWS) (exploit_kit.rules)
- 2828027 - ETPRO EXPLOIT_KIT GrandSoft EK Exploit Usage Sep 22 2017 (exploit_kit.rules)
- 2828052 - ETPRO WEB_CLIENT Evil Redirector Leading to EK Sep 25 2017 Domain in SNI (web_client.rules)
- 2828506 - ETPRO EXPLOIT_KIT Evil Redirector Leading to EK Keitaro TDS Nov 2 2017 2 (exploit_kit.rules)
- 2828539 - ETPRO EXPLOIT_KIT Evil Redirector Leading to MalDoc Keitaro TDS Nov 6 2017 (exploit_kit.rules)
- 2829088 - ETPRO EXPLOIT_KIT Magnitude EK Landing 2 M1 2017-12-27 (exploit_kit.rules)
- 2829089 - ETPRO EXPLOIT_KIT Magnitude EK Landing 2 M2 2017-12-27 (exploit_kit.rules)
- 2829090 - ETPRO EXPLOIT_KIT Magnitude EK Landing 2 M3 2017-12-27 (exploit_kit.rules)
- 2829091 - ETPRO EXPLOIT_KIT Magnitude EK Payload URI Struct 2017-12-27 (exploit_kit.rules)
- 2829092 - ETPRO EXPLOIT_KIT Magnitude EK Payload Inbound 2017-12-27 (exploit_kit.rules)