Ruleset Update Summary - 2025/01/07 - v10831

Ruleset Updates
1

Summary:

30 new OPEN, 34 new PRO (30 + 4)

Added rules:

Open:

  • 2058999 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (jdcdn .life) (exploit_kit.rules)
  • 2059000 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (aiiqinga .life) (exploit_kit.rules)
  • 2059001 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (luoli8 .life) (exploit_kit.rules)
  • 2059002 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (pablogutierrez .life) (exploit_kit.rules)
  • 2059003 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (preisefurmaannerpillen .life) (exploit_kit.rules)
  • 2059004 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (rccgloveinaction .org) (exploit_kit.rules)
  • 2059005 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (teddyatuluku .org) (exploit_kit.rules)
  • 2059006 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (biznessclinic .life) (exploit_kit.rules)
  • 2059007 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (jdcdn .life) (exploit_kit.rules)
  • 2059008 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (aiiqinga .life) (exploit_kit.rules)
  • 2059009 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (luoli8 .life) (exploit_kit.rules)
  • 2059010 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (pablogutierrez .life) (exploit_kit.rules)
  • 2059011 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (preisefurmaannerpillen .life) (exploit_kit.rules)
  • 2059012 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (rccgloveinaction .org) (exploit_kit.rules)
  • 2059013 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (teddyatuluku .org) (exploit_kit.rules)
  • 2059014 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (biznessclinic .life) (exploit_kit.rules)
  • 2059015 - ET EXPLOIT_KIT LandUpdate808 Domain in DNS Lookup (pursyst .com) (exploit_kit.rules)
  • 2059016 - ET EXPLOIT_KIT LandUpdate808 Domain in TLS SNI (pursyst .com) (exploit_kit.rules)
  • 2059017 - ET EXPLOIT Microsoft LDAP Referral Response Inbound (CVE-2024-49113) (exploit.rules)
  • 2059018 - ET MALWARE CryptBot CnC Checkin (malware.rules)
  • 2059019 - ET MALWARE CryptBot Data Exfiltration Attempt (malware.rules)
  • 2059020 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (siffinisherz .sbs) (malware.rules)
  • 2059021 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (siffinisherz .sbs in TLS SNI) (malware.rules)
  • 2059022 - ET MALWARE OtterCookie CnC Domain in DNS Lookup (payloadrpc .com) (malware.rules)
  • 2059023 - ET MALWARE OtterCookie CnC Domain in DNS Lookup (w3capi .marketing) (malware.rules)
  • 2059024 - ET MALWARE OtterCookie CnC Domain in DNS Lookup (zkservice .cloud) (malware.rules)
  • 2059025 - ET MALWARE Observed OtterCookie Domain (payloadrpc .com) in TLS SNI (malware.rules)
  • 2059026 - ET MALWARE Observed OtterCookie Domain (w3capi .marketing) in TLS SNI (malware.rules)
  • 2059027 - ET MALWARE Observed OtterCookie Domain (zkservice .cloud) in TLS SNI (malware.rules)
  • 2059028 - ET INFO PacketCrypt Mining Pool in DNS Lookup (pkt .world) (info.rules)

Pro:

  • 2859520 - ETPRO EXPLOIT_KIT Observed Clickfix Domain in TLS SNI (exploit_kit.rules)
  • 2859521 - ETPRO EXPLOIT_KIT Observed DNS Query to Clickfix Domain (exploit_kit.rules)
  • 2859522 - ETPRO MALWARE TA582 Domain in DNS Lookup (malware.rules)
  • 2859523 - ETPRO MALWARE TA582 Domain in DNS Lookup (malware.rules)

Modified inactive rules:

  • 2000330 - ET P2P ed2k connection to server (p2p.rules)
  • 2001296 - ET P2P eDonkey File Status (p2p.rules)
  • 2001297 - ET P2P eDonkey File Status Request (p2p.rules)
  • 2001299 - ET P2P eDonkey Server Status (p2p.rules)
  • 2001374 - ET EXPLOIT MS04-032 Bad EMF file (exploit.rules)
  • 2001652 - ET P2P JoltID Agent New Code Download (p2p.rules)
  • 2001808 - ET P2P LimeWire P2P Traffic (p2p.rules)
  • 2001873 - ET EXPLOIT MS Exchange Link State Routing Chunk (maybe MS05-021) (exploit.rules)
  • 2001944 - ET NETBIOS MS04-007 Kill-Bill ASN1 exploit attempt (netbios.rules)
  • 2002673 - ET P2P MS Foldershare Login Detected (p2p.rules)
  • 2002887 - ET EXPLOIT SYS get_domain_index_tables Access (exploit.rules)
  • 2002888 - ET EXPLOIT SYS get_v2_domain_index_tables Privilege Escalation Attempt (exploit.rules)
  • 2003081 - ET NETBIOS NETBIOS SMB DCERPC NetrpPathCanonicalize request (possible MS06-040) (netbios.rules)
  • 2003082 - ET NETBIOS NETBIOS SMB-DS DCERPC NetrpPathCanonicalize request (possible MS06-040) (netbios.rules)
  • 2003198 - ET EXPLOIT TFTP Invalid Mode in file Get (exploit.rules)
  • 2003199 - ET EXPLOIT TFTP Invalid Mode in file Put (exploit.rules)
  • 2003308 - ET P2P Edonkey IP Request (p2p.rules)
  • 2003309 - ET P2P Edonkey IP Reply (p2p.rules)
  • 2003310 - ET P2P Edonkey Publicize File (p2p.rules)
  • 2003314 - ET P2P Edonkey Search Request (by file hash) (p2p.rules)
  • 2003315 - ET P2P Edonkey Search Reply (p2p.rules)
  • 2003316 - ET P2P Edonkey IP Query End (p2p.rules)
  • 2003318 - ET P2P Edonkey Get Sources Request (by hash) (p2p.rules)
  • 2003321 - ET P2P Edonkey Server Message (p2p.rules)
  • 2003322 - ET P2P Edonkey Server List (p2p.rules)
  • 2003323 - ET P2P Edonkey Client to Server Hello (p2p.rules)
  • 2003434 - ET EXPLOIT Trend Micro Web Interface Auth Bypass Vulnerable Cookie Attempt (exploit.rules)
  • 2003437 - ET P2P Ares over UDP (p2p.rules)
  • 2008595 - ET P2P SoulSeek P2P Server Connection (p2p.rules)
  • 2009860 - ET EXPLOIT IIS FTP Exploit - NLST Globbing Exploit (exploit.rules)
  • 2009970 - ET P2P eMule Kademlia Hello Request (p2p.rules)
  • 2009973 - ET P2P eMule KAD Network Send Username (p2p.rules)
  • 2009986 - ET P2P Octoshape UDP Session (p2p.rules)
  • 2013483 - ET MALWARE DNS query for Morto RDP worm related domain jifr.co.cc (malware.rules)
  • 2013493 - ET MALWARE DNS query for Morto RDP worm related domain qfsl.co.be (malware.rules)
  • 2013494 - ET MALWARE DNS query for Morto RDP worm related domain qfsl.co.cc (malware.rules)
  • 2013496 - ET MALWARE DNS query for Morto RDP worm related domain jifr.co.be (malware.rules)
  • 2015967 - ET P2P QVOD P2P Sharing Traffic detected (udp) payload (p2p.rules)
  • 2016600 - ET MALWARE DNS Query Sykipot Domain peocity.com (malware.rules)
  • 2016602 - ET MALWARE DNS Query Sykipot Domain skyruss.net (malware.rules)
  • 2016603 - ET MALWARE DNS Query Sykipot Domain commanal.net (malware.rules)
  • 2016604 - ET MALWARE DNS Query Sykipot Domain natareport.com (malware.rules)
  • 2016605 - ET MALWARE DNS Query Sykipot Domain photogellrey.com (malware.rules)
  • 2016606 - ET MALWARE DNS Query Sykipot Domain photogalaxyzone.com (malware.rules)
  • 2016608 - ET MALWARE DNS Query Sykipot Domain creditrept.com (malware.rules)
  • 2016609 - ET MALWARE DNS Query Sykipot Domain pollingvoter.org (malware.rules)
  • 2016610 - ET MALWARE DNS Query Sykipot Domain dfasonline.com (malware.rules)
  • 2016611 - ET MALWARE DNS Query Sykipot Domain hudsoninst.com (malware.rules)
  • 2016612 - ET MALWARE DNS Query Sykipot Domain wsurveymaster.com (malware.rules)
  • 2016613 - ET MALWARE DNS Query Sykipot Domain nhrasurvey.org (malware.rules)
  • 2016614 - ET MALWARE DNS Query Sykipot Domain pdi2012.org (malware.rules)
  • 2016615 - ET MALWARE DNS Query Sykipot Domain nceba.org (malware.rules)
  • 2016616 - ET MALWARE DNS Query Sykipot Domain linkedin-blog.com (malware.rules)
  • 2016617 - ET MALWARE DNS Query Sykipot Domain aafbonus.com (malware.rules)
  • 2016618 - ET MALWARE DNS Query Sykipot Domain milstars.org (malware.rules)
  • 2016619 - ET MALWARE DNS Query Sykipot Domain vatdex.com (malware.rules)
  • 2016620 - ET MALWARE DNS Query Sykipot Domain insightpublicaffairs.org (malware.rules)
  • 2016621 - ET MALWARE DNS Query Sykipot Domain applesea.net (malware.rules)
  • 2016622 - ET MALWARE DNS Query Sykipot Domain appledmg.net (malware.rules)
  • 2016623 - ET MALWARE DNS Query Sykipot Domain appleintouch.net (malware.rules)
  • 2016624 - ET MALWARE DNS Query Sykipot Domain seyuieyahooapis.com (malware.rules)
  • 2016625 - ET MALWARE DNS Query Sykipot Domain appledns.net (malware.rules)
  • 2016626 - ET MALWARE DNS Query Sykipot Domain emailserverctr.com (malware.rules)
  • 2016627 - ET MALWARE DNS Query Sykipot Domain dailynewsjustin.com (malware.rules)
  • 2016628 - ET MALWARE DNS Query Sykipot Domain hi-tecsolutions.org (malware.rules)
  • 2016629 - ET MALWARE DNS Query Sykipot Domain slashdoc.org (malware.rules)
  • 2016630 - ET MALWARE DNS Query Sykipot Domain photosmagnum.com (malware.rules)
  • 2016631 - ET MALWARE DNS Query Sykipot Domain resume4jobs.net (malware.rules)
  • 2016632 - ET MALWARE DNS Query Sykipot Domain searching-job.net (malware.rules)
  • 2016633 - ET MALWARE DNS Query Sykipot Domain servagency.com (malware.rules)
  • 2016634 - ET MALWARE DNS Query Sykipot Domain gsasmartpay.org (malware.rules)
  • 2016635 - ET MALWARE DNS Query Sykipot Domain tech-att.com (malware.rules)
  • 2016833 - ET EXPLOIT_KIT IE HTML+TIME ANIMATECOLOR with eval as seen in unknown EK (exploit_kit.rules)
  • 2018265 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018266 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018268 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018269 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018270 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018271 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018272 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018273 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018274 - ET MALWARE Perl/Calfbot C&C DNS request (malware.rules)
  • 2018756 - ET EXPLOIT_KIT XMLDOM Check for Presence Kaspersky AV Observed in RIG EK (exploit_kit.rules)
  • 2018757 - ET EXPLOIT_KIT XMLDOM Check for Presence TrendMicro AV Observed in RIG EK (exploit_kit.rules)
  • 2018874 - ET MALWARE Tor based locker .onion Proxy DNS lookup July 31 2014 (malware.rules)
  • 2019123 - ET MALWARE Cryptolocker .onion Proxy Domain (erhitnwfvpgajfbu) (malware.rules)
  • 2019546 - ET MALWARE Sofacy HTTP Request adawareblock.com (malware.rules)
  • 2019547 - ET MALWARE Sofacy HTTP Request adobeincorp.com (malware.rules)
  • 2019548 - ET MALWARE Sofacy HTTP Request azureon-line.com (malware.rules)
  • 2019549 - ET MALWARE Sofacy HTTP Request checkmalware.info (malware.rules)
  • 2019550 - ET MALWARE Sofacy HTTP Request checkwinframe.com (malware.rules)
  • 2019551 - ET MALWARE Sofacy HTTP Request check-fix.com (malware.rules)
  • 2019552 - ET MALWARE Sofacy HTTP Request hotfix-update.com (malware.rules)
  • 2019553 - ET MALWARE Sofacy HTTP Request microsofi.org (malware.rules)
  • 2019555 - ET MALWARE Sofacy HTTP Request scanmalware.info (malware.rules)
  • 2019556 - ET MALWARE Sofacy HTTP Request secnetcontrol.com (malware.rules)
  • 2019557 - ET MALWARE Sofacy HTTP Request securitypractic.com (malware.rules)
  • 2019558 - ET MALWARE Sofacy HTTP Request testservice24.net (malware.rules)
  • 2019559 - ET MALWARE Sofacy HTTP Request testsnetcontrol.com (malware.rules)
  • 2019560 - ET MALWARE Sofacy HTTP Request updatepc.org (malware.rules)
  • 2019561 - ET MALWARE Sofacy HTTP Request updatesoftware24.com (malware.rules)
  • 2019562 - ET MALWARE Sofacy HTTP Request windows-updater.com (malware.rules)
  • 2019563 - ET MALWARE Sofacy HTTP Request checkmalware.org (malware.rules)
  • 2019583 - ET MALWARE Sofacy HTTP Request symanttec.org (malware.rules)
  • 2019585 - ET MALWARE Sofacy HTTP Request msonlinelive.com (malware.rules)
  • 2019641 - ET MALWARE Sofacy HTTP Request malwarecheck.info (malware.rules)
  • 2019798 - ET EXPLOIT_KIT Malicious Iframe Leading to EK (exploit_kit.rules)
  • 2019920 - ET EXPLOIT_KIT Malicious JS Leading to Fiesta EK (exploit_kit.rules)
  • 2019979 - ET MALWARE Cryptolocker .onion Proxy Domain (malware.rules)
  • 2020206 - ET MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2020210 - ET MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2020213 - ET MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2020226 - ET MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2020357 - ET MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2020581 - ET MALWARE Chanitor .onion Proxy Domain (malware.rules)
  • 2020616 - ET MALWARE Teerac/CryptoFortress .onion Proxy Domain (h63rbx7gkd3gygag) (malware.rules)
  • 2020670 - ET MALWARE Cryptolocker .onion Proxy Domain (juf5pjk4sl7uojh4) (malware.rules)
  • 2020685 - ET MALWARE Cryptolocker .onion Proxy Domain (4elcqmis624seeo7) (malware.rules)
  • 2020713 - ET MALWARE 9002 RAT C&C DNS request (malware.rules)
  • 2020727 - ET MALWARE Zbot .onion Proxy Domain (3bjpwsf3fjcwtnwx) (malware.rules)
  • 2020759 - ET MALWARE Vawtrak/NeverQuest .onion Proxy Domain (otsaa35gxbcwvrqs) (malware.rules)
  • 2020760 - ET MALWARE Vawtrak/NeverQuest .onion Proxy Domain (4bpthx5z4e7n6gnb) (malware.rules)
  • 2020761 - ET MALWARE Vawtrak/NeverQuest .onion Proxy Domain (bc3ywvif4m3lnw4o) (malware.rules)
  • 2020915 - ET MALWARE CryptoLocker .onion Proxy Domain (33p5mqkaj22irv4z) (malware.rules)
  • 2020952 - ET MALWARE CryptoLocker .onion Proxy Domain (pf3tlgkpks7pu7yr) (malware.rules)
  • 2020953 - ET MALWARE CryptoLocker .onion Proxy Domain (v7lfogalalzc2c4d) (malware.rules)
  • 2021041 - ET MALWARE Teerac/CryptoFortress .onion Proxy Domain (cld7vqwcvn2bii67) (malware.rules)
  • 2021077 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (is6xsotjdy4qtgur) (malware.rules)
  • 2021115 - ET MALWARE CTB-Locker .onion Proxy Domain (tlunjscxn5n76iyz) (malware.rules)
  • 2021252 - ET MALWARE TorrentLocker .onion Proxy Domain (zbqxpjfvltb6d62m) (malware.rules)
  • 2021302 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (bpq4dub4rlivvswu) (malware.rules)
  • 2021303 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (gzc7lj4rvmkg25dm) (malware.rules)
  • 2021325 - ET MALWARE CryptoLocker .onion Proxy Domain (xvha2ctkacx2ug3b) (malware.rules)
  • 2021534 - ET MALWARE Poshcoder .onion Proxy Domain (hlvumvvclxy2nw7j) (malware.rules)
  • 2021549 - ET MALWARE CryptoLocker .onion Proxy Domain (vacdgwaw5djp5hmu) (malware.rules)
  • 2021551 - ET MALWARE Critroni .onion Proxy Domain (malware.rules)
  • 2021561 - ET MALWARE EncryptorRaas .onion Proxy Domain (613cb6owitcouepv) (malware.rules)
  • 2021849 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (malware.rules)
  • 2022145 - ET MALWARE Critroni .onion Proxy Domain (tmclybfqzgkaeilm) (malware.rules)
  • 2022191 - ET MALWARE Win32/Teslacrypt .onion Proxy Domain (tw7kaqthui5ojcez) (malware.rules)
  • 2022236 - ET MALWARE EncryptorRaas .onion Domain (75nzutdjjtnpgscz) (malware.rules)
  • 2022237 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Domain (malware.rules)
  • 2022238 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Domain (malware.rules)
  • 2022314 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (czc57cr2pn3zfn4b) (malware.rules)
  • 2022315 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (o7zeip6us33igmgw) (malware.rules)
  • 2022316 - ET MALWARE TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (vr6g2curb2kcidou) (malware.rules)
  • 2023453 - ET MALWARE Ransomware/Cerber Checkin 2 (malware.rules)
  • 2023612 - ET MALWARE Ransomware/Cerber Checkin M3 (1) (malware.rules)
  • 2023613 - ET MALWARE Ransomware/Cerber Checkin M3 (2) (malware.rules)
  • 2023614 - ET MALWARE Ransomware/Cerber Checkin M3 (3) (malware.rules)
  • 2023615 - ET MALWARE Ransomware/Cerber Checkin M3 (4) (malware.rules)
  • 2023616 - ET MALWARE Ransomware/Cerber Checkin M3 (5) (malware.rules)
  • 2023617 - ET MALWARE Ransomware/Cerber Checkin M3 (6) (malware.rules)
  • 2023618 - ET MALWARE Ransomware/Cerber Checkin M3 (7) (malware.rules)
  • 2023619 - ET MALWARE Ransomware/Cerber Checkin M3 (8) (malware.rules)
  • 2023620 - ET MALWARE Ransomware/Cerber Checkin M3 (9) (malware.rules)
  • 2023621 - ET MALWARE Ransomware/Cerber Checkin M3 (10) (malware.rules)
  • 2023622 - ET MALWARE Ransomware/Cerber Checkin M3 (11) (malware.rules)
  • 2023623 - ET MALWARE Ransomware/Cerber Checkin M3 (12) (malware.rules)
  • 2023624 - ET MALWARE Ransomware/Cerber Checkin M3 (13) (malware.rules)
  • 2023625 - ET MALWARE Ransomware/Cerber Checkin M3 (14) (malware.rules)
  • 2023626 - ET MALWARE Ransomware/Cerber Checkin M3 (15) (malware.rules)
  • 2023627 - ET MALWARE Ransomware/Cerber Checkin M3 (16) (malware.rules)
  • 2038673 - ET EXPLOIT Jira Server/Data Center 8.4.0 Remote File Read Attempt (CVE-2021-26086) M2 (exploit.rules)
  • 2800101 - ETPRO ACTIVEX CA eTrust Intrusion Detection CallCode ActiveX Control Code Execution (activex.rules)
  • 2800102 - ETPRO ACTIVEX CA eTrust Intrusion Detection CallCode ActiveX Control Code Execution (activex.rules)
  • 2800105 - ETPRO ACTIVEX VMware Workstation ActiveX Control vielib.dll Command Execution (activex.rules)
  • 2800106 - ETPRO ACTIVEX VMware Workstation ActiveX Control vielib.dll Command Execution (activex.rules)
  • 2800117 - ETPRO ACTIVEX Microsoft Internet Explorer ActiveX Object Objectsafety Implementation Code Execution clsid Attempt (activex.rules)
  • 2800118 - ETPRO ACTIVEX Microsoft Internet Explorer ActiveX Object Objectsafety Implementation Code Execution (activex.rules)
  • 2800258 - ETPRO ACTIVEX HP Software Update Tool ActiveX Control File Overwrite (activex.rules)
  • 2800259 - ETPRO ACTIVEX HP Software Update Tool ActiveX Control File Overwrite (activex.rules)
  • 2800262 - ETPRO ACTIVEX Macrovision InstallShield Update Service (activex.rules)
  • 2800264 - ETPRO ACTIVEX Macrovision InstallShield Update Service isusweb.dll (SDWUSWebAgent) (activex.rules)
  • 2800271 - ETPRO ACTIVEX Microsoft Visual FoxPro vfp6r.dll DoCmd ActiveX Control Command Execution 1 (activex.rules)
  • 2800272 - ETPRO ACTIVEX Microsoft Visual FoxPro vfp6r.dll DoCmd ActiveX Control Command Execution 2 (activex.rules)
  • 2800273 - ETPRO ACTIVEX Microsoft Rich Textbox Control SaveFile Insecure Method Arbitrary File Overwrite (activex.rules)
  • 2800274 - ETPRO ACTIVEX Microsoft Rich Textbox Control SaveFile Insecure Method Arbitrary File Overwrite (activex.rules)
  • 2800275 - ETPRO ACTIVEX Microsoft Rich Textbox Control SaveFile Insecure Method Arbitrary File Overwrite (activex.rules)
  • 2800276 - ETPRO ACTIVEX Microsoft Rich Textbox Control SaveFile Insecure Method Arbitrary File Overwrite (activex.rules)
  • 2800309 - ETPRO ACTIVEX Microsoft Office Web Components DateSource Code Execution 1 (activex.rules)
  • 2800310 - ETPRO ACTIVEX Microsoft Office Web Components DateSource Code Execution 2 (activex.rules)
  • 2800317 - ETPRO ACTIVEX CA Multiple Products ActiveX Control Use (activex.rules)
  • 2800318 - ETPRO ACTIVEX CA Multiple Products ActiveX Control ListCtrl Use (activex.rules)
  • 2800358 - ETPRO ACTIVEX Macrovision InstallShield Update Service Agent ActiveX 1 (activex.rules)
  • 2800359 - ETPRO ACTIVEX Macrovision InstallShield Update Service Agent ActiveX 2 (activex.rules)
  • 2800363 - ETPRO ACTIVEX Autodesk Multiple Products LiveUpdate ActiveX Control Code Execution 1 (activex.rules)
  • 2800364 - ETPRO ACTIVEX Autodesk Multiple Products LiveUpdate ActiveX Control Code Execution 2 (activex.rules)
  • 2800496 - ETPRO ACTIVEX Microsoft Windows DHTML Editing Component ActiveX Control Code Execution (activex.rules)
  • 2800497 - ETPRO ACTIVEX Microsoft Windows DHTML Editing Component ActiveX Control Code Execution (activex.rules)
  • 2800502 - ETPRO ACTIVEX SAP GUI WebViewer3D ActiveX Control Arbitrary File Overwrite 1 (activex.rules)
  • 2800503 - ETPRO ACTIVEX SAP GUI WebViewer3D ActiveX Control Arbitrary File Overwrite 2 (activex.rules)
  • 2800504 - ETPRO ACTIVEX SAP GUI WebViewer3D ActiveX Control Arbitrary File Overwrite 3 (activex.rules)
  • 2800505 - ETPRO ACTIVEX SAP GUI WebViewer3D ActiveX Control Arbitrary File Overwrite 4 (activex.rules)
  • 2800508 - ETPRO ACTIVEX HP LoadRunner XUpload.ocx ActiveX Control Arbitrary File Download (activex.rules)
  • 2800509 - ETPRO ACTIVEX HP LoadRunner XUpload.ocx ActiveX Control Arbitrary File Download (activex.rules)
  • 2800512 - ETPRO ACTIVEX EMC Captiva PixTools Distributed Imaging ActiveX Control File Creation (activex.rules)
  • 2800513 - ETPRO ACTIVEX EMC Captiva PixTools Distributed Imaging ActiveX Control File Creation (activex.rules)
  • 2800574 - ETPRO ACTIVEX Microsoft Access ActiveX Control Code Execution1 (activex.rules)
  • 2800575 - ETPRO ACTIVEX Microsoft Access ActiveX Control Code Execution 2 (activex.rules)
  • 2800583 - ETPRO ACTIVEX Yahoo Messenger ActiveX Control Command Execution (activex.rules)
  • 2800584 - ETPRO ACTIVEX Yahoo Messenger ActiveX Control Command Execution (activex.rules)
  • 2801236 - ETPRO ACTIVEX Microsoft WMI Administrative Tools ActiveX Control AddContextRef Method Overflow 1 (activex.rules)
  • 2801237 - ETPRO ACTIVEX Microsoft WMI Administrative Tools ActiveX Control ReleaseContext Method Overflow 2 (activex.rules)
  • 2801238 - ETPRO ACTIVEX Microsoft WMI Administrative Tools ActiveX Control AddContextRef Method Overflow (activex.rules)
  • 2801239 - ETPRO ACTIVEX Microsoft WMI Administrative Tools ActiveX Control ReleaseContext Method Overflow (activex.rules)
  • 2801255 - ETPRO ACTIVEX Microsoft Windows Data Access Components ADO Record Code Execution (activex.rules)
  • 2801256 - ETPRO ACTIVEX Microsoft Windows Data Access Components ADO Record Code Execution (activex.rules)
  • 2801917 - ETPRO ACTIVEX Cisco Secure Desktop CSDWebInstaller Code Execution 2 (activex.rules)
  • 2801918 - ETPRO ACTIVEX Cisco Secure Desktop CSDWebInstaller Code Execution (activex.rules)
  • 2801964 - ETPRO ACTIVEX Microsoft Office Web Components Remote Code Execution 1 (activex.rules)
  • 2801965 - ETPRO ACTIVEX Microsoft Office Web Components Remote Code Execution 2 (activex.rules)
  • 2801987 - ETPRO EXPLOIT_KIT Stage 3 Indicator Black Hole Exploit Kit dropper (exploit_kit.rules)
  • 2802023 - ETPRO ACTIVEX Vulnerable IE8 Developer Toolkit COM Object Use (activex.rules)
  • 2802024 - ETPRO ACTIVEX Vulnerable WBEM.SingleView.1 Object clsid Access (activex.rules)
  • 2802025 - ETPRO ACTIVEX Vulnerable WBEM.SingleView.1 Object Access (CVE-2010-3973) (activex.rules)
  • 2802030 - ETPRO ACTIVEX Vulnerable Windows Messenger Service clsid Access (activex.rules)
  • 2802031 - ETPRO ACTIVEX Vulnerable Windows Messenger Service Object Access (CVE-2011-1243) (activex.rules)
  • 2802864 - ETPRO EXPLOIT_KIT Driveby Crimepack requesting load.php (exploit_kit.rules)
  • 2802882 - ETPRO EXPLOIT_KIT Driveby Crimepack Access cp.bat (exploit_kit.rules)
  • 2802883 - ETPRO EXPLOIT_KIT Driveby Crimepack CP-ENC-XXXX.php access (exploit_kit.rules)
  • 2803611 - ETPRO ACTIVEX Citrix Access Gateway Plug-in ActiveX Code Execution - SET (activex.rules)
  • 2803612 - ETPRO ACTIVEX Citrix Access Gateway Plug-in ActiveX Code Execution (CVE-2011-2882) (activex.rules)
  • 2803850 - ETPRO ACTIVEX Microsoft Internet Explorer htmlfile ActiveX control instantiation (CVE-2011-1995) (activex.rules)
  • 2804102 - ETPRO ACTIVEX HP Protect Tools Device Access Manager for Windows arbitrary code execution (activex.rules)
  • 2804729 - ETPRO EXPLOIT_KIT Eleonore Exploit Kit (exploit_kit.rules)
  • 2805392 - ETPRO EXPLOIT_KIT Orange Exploit Kit Infector (exploit_kit.rules)
  • 2808207 - ETPRO EXPLOIT_KIT Safe/Critx/FlashPack URI Struct June 18 2014 1 (exploit_kit.rules)
  • 2808208 - ETPRO EXPLOIT_KIT Safe/Critx/FlashPack URI Struct June 18 2014 2 (exploit_kit.rules)
  • 2808212 - ETPRO EXPLOIT_KIT Safe/Critx/FlashPack URI Struct June 19 2014 1 (exploit_kit.rules)
  • 2808213 - ETPRO EXPLOIT_KIT Safe/Critx/FlashPack URI Struct June 19 2014 2 (exploit_kit.rules)
  • 2808658 - ETPRO EXPLOIT_KIT FlashPack URI Struct Thread 1 Specific (exploit_kit.rules)
  • 2808659 - ETPRO EXPLOIT_KIT FlashPack URI Struct Thread 2 Specific (exploit_kit.rules)
  • 2808900 - ETPRO MALWARE Chanitor .onion Proxy Domain (malware.rules)
  • 2809273 - ETPRO EXPLOIT_KIT DRIVEBY Magnitude Landing Dec 03 2014 (exploit_kit.rules)
  • 2809275 - ETPRO EXPLOIT_KIT DRIVEBY Magnitude IE Exploit Dec 03 2014 (exploit_kit.rules)
  • 2809383 - ETPRO MALWARE Win32/Teerac.A .onion Proxy Domain (humapzcmz744fe7y) (malware.rules)
  • 2809385 - ETPRO MALWARE Win32/Injector.BOVV .onion Proxy Domain (malware.rules)
  • 2809402 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809403 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809404 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809412 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809413 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809414 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809416 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809417 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809418 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809419 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809420 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809421 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809422 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809423 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809442 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809477 - ETPRO MALWARE Backdoor.Win32.DarkKomet.emda .onion Proxy Domain (malware.rules)
  • 2809483 - ETPRO MALWARE Win32.Zbot.tykx .onion Proxy Domain (malware.rules)
  • 2809488 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809489 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809490 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809491 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809492 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809493 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809494 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809495 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809496 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809497 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809498 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809499 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809500 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809501 - ETPRO DOS MS RADIUS DoS Vulnerability CVE-2015-0015 (dos.rules)
  • 2809545 - ETPRO EXPLOIT_KIT KaiXin Exploit Kit Java Class Jan 19 2014 (exploit_kit.rules)
  • 2809577 - ETPRO MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2809631 - ETPRO MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2809692 - ETPRO MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2809693 - ETPRO MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2809694 - ETPRO MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2809695 - ETPRO MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2809696 - ETPRO MALWARE Chanitor Variant .onion Proxy Domain (malware.rules)
  • 2809710 - ETPRO MALWARE Critroni Variant .onion Proxy Domain (malware.rules)
  • 2809821 - ETPRO MALWARE Zbot .onion Proxy Domain (malware.rules)
  • 2809827 - ETPRO MALWARE Chanitor .onion Proxy Domain (malware.rules)
  • 2809870 - ETPRO MALWARE Chanitor .onion Proxy Domain (malware.rules)
  • 2809871 - ETPRO MALWARE Chanitor .onion Proxy Domain (malware.rules)
  • 2809879 - ETPRO MALWARE Athena Variant .onion Proxy Domain (malware.rules)
  • 2809884 - ETPRO MALWARE Cryptolocker .onion Proxy Domain (udm744mfh5wbwxye) (malware.rules)
  • 2809887 - ETPRO MALWARE Win32/Injector.AEJK .onion Proxy Domain (malware.rules)
  • 2809939 - ETPRO MALWARE Teerac/CryptoFortress .onion Proxy Domain (tisoyhcp2y52ioyk) (malware.rules)
  • 2809940 - ETPRO MALWARE Teerac/CryptoFortress .onion Proxy Domain (4ptyziqllh5iyhx4) (malware.rules)
  • 2809966 - ETPRO MALWARE Cryptolocker .onion Proxy Domain (7ziwuw5b2pbezpuy) (malware.rules)
  • 2809967 - ETPRO MALWARE Cryptolocker .onion Proxy Domain (4xau3z5os5byevya) (malware.rules)
  • 2809968 - ETPRO MALWARE Cryptolocker .onion Proxy Domain (f2d2v7soksbskekh) (malware.rules)
  • 2809987 - ETPRO MALWARE Win32/Filecoder Ransomware Variant .onion Proxy Domain (malware.rules)
  • 2809989 - ETPRO MALWARE Cryptolocker .onion Proxy Domain (nne4b5ujqqedvrkh) (malware.rules)
  • 2810002 - ETPRO MALWARE Cryptorbit Ransomware .onion Proxy Domain (4sfxctgp53imlvzk) (malware.rules)
  • 2810028 - ETPRO WEB_CLIENT MS15-018 Internet Explorer Elevation of Privilege Vulnerability CVE-2015-1623 (web_client.rules)
  • 2810049 - ETPRO MALWARE Chanitor .onion Proxy Domain (xdndo2okt43cjx44) (malware.rules)
  • 2810130 - ETPRO MALWARE VaultCrypt .onion Proxy Domain (restoredz4xpmuqr) (malware.rules)
  • 2810131 - ETPRO MALWARE VaultCrypt .onion Proxy Domain (tj2es2lrxelpknfp) (malware.rules)
  • 2810132 - ETPRO MALWARE TorrentLocker .onion Proxy Domain (ndvgtf27xkhdvezr) (malware.rules)
  • 2810133 - ETPRO MALWARE CryptoLocker .onion Proxy Domain (bbsqfujyiblsrygu) (malware.rules)
  • 2810134 - ETPRO MALWARE TorrentLocker .onion Proxy Domain (a5xpevkpcmfmnaew) (malware.rules)
  • 2810142 - ETPRO MALWARE Win32/Vobfus.EK C&C DNS request (malware.rules)
  • 2810143 - ETPRO MALWARE Win32/Vobfus.EK C&C DNS request (malware.rules)
  • 2810145 - ETPRO MALWARE Win32/Vobfus.EK C&C DNS request (malware.rules)
  • 2810150 - ETPRO MALWARE Exaction Cryptolocker .onion Proxy Domain (iupfnqg2uaigwoei) (malware.rules)
  • 2810151 - ETPRO MALWARE Trojan-Spy.Win32.Zbot.urtu .onion Proxy Domain (4tsur32luets6fhe) (malware.rules)
  • 2810160 - ETPRO MALWARE Chanitor .onion Proxy Domain (xlc2opjy2iniygev) (malware.rules)
  • 2810190 - ETPRO MALWARE Critroni .onion Proxy Domain (malware.rules)
  • 2810272 - ETPRO MALWARE Poshcoder Ransomware .onion Domain (r7twae4a7jtozjwv) (malware.rules)
  • 2810292 - ETPRO MALWARE Chanitor .onion Proxy Domain (dugjdv7z3h5x4nrp) (malware.rules)
  • 2810364 - ETPRO MALWARE Chanitor .onion Proxy Domain (omi62yc6jtsd2q37) (malware.rules)
  • 2810423 - ETPRO MALWARE Chanitor .onion Proxy Domain (jsrgmlud44wtvyfj) (malware.rules)
  • 2810455 - ETPRO MALWARE Ransom.Win32.Foreign Variant .onion Proxy Domain (malware.rules)
  • 2810456 - ETPRO MALWARE Neurevt .onion Proxy Domain (malware.rules)
  • 2810476 - ETPRO MALWARE Chanitor .onion Proxy Domain (um6fsdil5ecma5kf) (malware.rules)
  • 2810583 - ETPRO EXPLOIT_KIT DRIVEBY Magnitude Landing Dec 03 2014 M2 (exploit_kit.rules)
  • 2810584 - ETPRO EXPLOIT_KIT DRIVEBY Magnitude Landing Dec 03 2014 M3 (exploit_kit.rules)
  • 2811081 - ETPRO MALWARE Pontoeb .onion Proxy Domain (malware.rules)
  • 2811082 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bXJkZF9tcmRkOm1hbWEx) (malware.rules)
  • 2811085 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZmVsaXh3YWxkXzEwOm51dHRlbmVua2Vs) (malware.rules)
  • 2811088 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YXNrYWFfYXNrYWE6MTExMzMz) (malware.rules)
  • 2811089 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUFTTmpKalVvdTZSUGttUDgxbkpVdWhiWkRreEFhSFFoWDp4) (malware.rules)
  • 2811102 - ETPRO MALWARE Ransom.Tox .onion Proxy Domain (malware.rules)
  • 2811109 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cDBybnN0YXJfd29ya2VyOnBhc3N3b3Jk) (malware.rules)
  • 2811110 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aVBvZFRvdWNoM3gzOmYxNWMxNjFm) (malware.rules)
  • 2811111 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Q29yck0ud29ya2VyOkNvcnJN) (malware.rules)
  • 2811112 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTFuM3JfQTp3aGdmcnQ2MjNn) (malware.rules)
  • 2811113 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bG91bWFsb3VAbWFpbC5jb206cmFjY29vbjI=) (malware.rules)
  • 2811114 - ETPRO MALWARE Bitcoin miner known malicious basic auth (U3A0UnRhX3dvcmtlcjphYmMxMjM=) (malware.rules)
  • 2811115 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cDBybnN0YXJfd29ya2VyOm9ybmVsaWE=) (malware.rules)
  • 2811128 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTJuM3JfQTptMW4zcmVsaXRl) (malware.rules)
  • 2811129 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2lsZW50Lm5pZ2h0OThAeWFob28uY29tXzA6cGFzc3dkMTIz) (malware.rules)
  • 2811130 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZ3VpbGQ6cmVkZW14eHg1eDI=) (malware.rules)
  • 2811131 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZGFya1NvbnNfY3J5cHQ6ZWxpYXNzc3Nzc3Nzc3M=) (malware.rules)
  • 2811132 - ETPRO MALWARE Bitcoin miner known malicious basic auth (d29ya2VyOng=) (malware.rules)
  • 2811133 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MU5NVDJmNnpFcDFnZUpUQ0NSZlltajlzemVwMTdueDNEWjo=) (malware.rules)
  • 2811134 - ETPRO MALWARE Bitcoin miner known malicious basic auth (d29ya2VyNTU1NTpzZXJ2ZXI=) (malware.rules)
  • 2811135 - ETPRO MALWARE Bitcoin miner known malicious basic auth (SDR4MHJfZGpyZWQ6ZGpyZWQ=) (malware.rules)
  • 2811145 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fY2hlY2s6b3JuZWxpYXNnYXNzc3Nzc3M=) (malware.rules)
  • 2811146 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTFuM3JfQTp4MXgyeDN4NHg1eDZ4N3g=) (malware.rules)
  • 2811147 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZHhzdHJfbWluZXI6aGVsbG8=) (malware.rules)
  • 2811148 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bmlnZ2FzOmJldHJpcHBpbg==) (malware.rules)
  • 2811149 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXNlcjY6VUI5N2FkMg==) (malware.rules)
  • 2811150 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZzp4MXgyeDN4NHg1) (malware.rules)
  • 2811151 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cXdlcnR5MTIzLjE6eA==) (malware.rules)
  • 2811152 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTFuM3JfQTpvcHkzaGd5dHJl) (malware.rules)
  • 2811153 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YWxwaGFkZWx0YS4yOnRlc3Q=) (malware.rules)
  • 2811183 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTFuM3JfQTp4RHhEaGd5dHJl) (malware.rules)
  • 2811184 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YW5vbnltb3VzLjE6LXg=) (malware.rules)
  • 2811185 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MTY5VHBSNDdKVmNMYVFYZEdZRTZMdjRQczlEYlZxSGhTaTp4) (malware.rules)
  • 2811186 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUt5eHJCcDhtSlJ0M1U2UTEyTGZ1Tkxvblo5SkhMWW5iTTp4) (malware.rules)
  • 2811200 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFzdGVybGVha2VkLnNraGE6eA==) (malware.rules)
  • 2811228 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dGVteWNoaV93b3JrZXI6MTIz) (malware.rules)
  • 2811229 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bmlnZ2FzOmJldHJpcHBpbnRyaXBwaW4=) (malware.rules)
  • 2811230 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZ3VpbGQ6cmVkZW0=) (malware.rules)
  • 2811232 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YmFyYmllLjEwMDE6eWVhaHllYWh5ZWFo) (malware.rules)
  • 2811233 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFydmlkLmRpc2ZpZzp4) (malware.rules)
  • 2811234 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXNlcm5hbWU6cGFzc3dvcmQ=) (malware.rules)
  • 2811235 - ETPRO MALWARE Bitcoin miner known malicious basic auth (RG9ndHJhaW4ubWFwaXRlOndoaXBwaXQ=) (malware.rules)
  • 2811236 - ETPRO MALWARE Bitcoin miner known malicious basic auth (am9obnJvcGVyLmdsb2JsZXI6U0hEM1ZOYXk=) (malware.rules)
  • 2811237 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aXNrOGFsb3Rfd29ya2VyOndvcmtlcg==) (malware.rules)
  • 2811265 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Rnl0ZXJzOnRoZWJlc3QxMDA=) (malware.rules)
  • 2811266 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWlzd3VlcmZlbF9Cb3Q6eA==) (malware.rules)
  • 2811267 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTFuM3JfQTpyZWZpdXZ5dHJl) (malware.rules)
  • 2811268 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YmlnYm9iMDAwMDAwMUBnbWFpbC5jb206cGFzc3dvcmQ=) (malware.rules)
  • 2811295 - ETPRO MALWARE Bitcoin miner known malicious basic auth (RG9ucnVsZXp6X0tpdGVzOmFAazgwNTg=) (malware.rules)
  • 2811296 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dWRyaV95b2NhbmlzZWV5b3VyYm9vYnM6bG9sYml0Y2hlcw==) (malware.rules)
  • 2811297 - ETPRO MALWARE Bitcoin miner known malicious basic auth (UmFub3Jhbi53b3JrZXIxOmd5M3lxY0Ft) (malware.rules)
  • 2811298 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aWxsdXNpdmUxMDE6c2xpbWppbTEwMQ==) (malware.rules)
  • 2811299 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZ3Rlc3Q6cmVkZW14eHg1eDI=) (malware.rules)
  • 2811380 - ETPRO MALWARE Bitcoin miner known malicious basic auth (b3pjb2luX1g6b2RlcnR5dXRyZQ==) (malware.rules)
  • 2811381 - ETPRO MALWARE Bitcoin miner known malicious basic auth (am9keWZvc3Rlci4xOjEyMzQ=) (malware.rules)
  • 2811382 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bmlnZ2FzOnBhc3N3b3Jk) (malware.rules)
  • 2811383 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cGhvZW5peGNjOEBnbWFpbC5jb206cGFzc3dvcmQ=) (malware.rules)
  • 2811384 - ETPRO MALWARE Bitcoin miner known malicious basic auth (NDNxZkdoY1NaS1U4d3h) (malware.rules)
  • 2811385 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWVheF93b3JrZXI6MTIzNDU2) (malware.rules)
  • 2811413 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTJuM3JfQTpyZWZpdXZ5dHJl) (malware.rules)
  • 2811414 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aHVuZGJsb2VkQGdtYWlsLm) (malware.rules)
  • 2811415 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZXhwb2ludF93b3JrZXI6ejMyMTY1NHp6) (malware.rules)
  • 2811416 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUcyOHgzMmJDcXlldkhSWWNIUDZnblNUcG5xazVyTG1meTp4) (malware.rules)
  • 2811478 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZHJhZ29uc29uQGxpc3QucnU6aGRhbW02ODQ=) (malware.rules)
  • 2811479 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TGZGYVJnTVZ3Nm1uY200ZkdMVUNGMmFrdzZNdEV0akpvODp4) (malware.rules)
  • 2811480 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bW9pX3dvcmtlcjpPbHltcGlxdWUxMw==) (malware.rules)
  • 2811481 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bW9zcWl0b29tYW46c29tZQ==) (malware.rules)
  • 2811482 - ETPRO MALWARE Bitcoin miner known malicious basic auth (am93c2llX3N0cmF0dW06cGFzc3dvcmQ=) (malware.rules)
  • 2811483 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Z29vZ2xlLmNvbTpzaGFyZQ==) (malware.rules)
  • 2811484 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dmxhZGlueTFfMDp6dXBhc3loYXE=) (malware.rules)
  • 2811518 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TGNTNHFSQkVIejlueHU5QVBEWjVvZG5GMmQ2SnI4Q3o0OTp4) (malware.rules)
  • 2811519 - ETPRO MALWARE Bitcoin miner known malicious basic auth (U3B5UGlyYXRlX2F6ZTphemU=) (malware.rules)
  • 2811520 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2hhcHBlX2N5YmVyOmI=) (malware.rules)
  • 2811521 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c3luY29feDpOT1JJamZvZWlqcmZl) (malware.rules)
  • 2811522 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aW5leHRyZW1pNV8xOjEyMzQ=) (malware.rules)
  • 2811530 - ETPRO MALWARE VBS/TrojanDownloader.Small.NBL .onion Proxy Domain (malware.rules)
  • 2811563 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWlzd3VlcmZlbF8wMDE6eA==) (malware.rules)
  • 2811582 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cHJldHR5a2l0dHlfd29ya2VyOndoYXRldmVy) (malware.rules)
  • 2811583 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cDBybnN0YXJfd29ya2VyOkplbm5hSmFtZXNvbg==) (malware.rules)
  • 2811584 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TGY5Njh2Zm5iSDZTRzRFZVdrTjVRYXhqam9mbjZSOWJYYzp4) (malware.rules)
  • 2811585 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Rmlubl9GaW5uOmFiY2QxMjM0) (malware.rules)
  • 2811586 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZGFya1NvbnNfbXJkZDpsdWRhazE=) (malware.rules)
  • 2811587 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Yml0bW9uc3RhLm5ld2M6aHVydzhwNHE=) (malware.rules)
  • 2811594 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXNlcjQ6VUI5N2FkMg==) (malware.rules)
  • 2811595 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGF0ZWFzaWNzLjE6eA==) (malware.rules)
  • 2811596 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZ3VpbGQ6cmVkZW14eHgzeDI=) (malware.rules)
  • 2811597 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TGlMdVVYbjc3TGJrbjZldTV2S3N0RHZjaGU4QlhYSFpUSjpwYXNzd29yZA==) (malware.rules)
  • 2811598 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bXVodS53b3JrZXIxOlV6REs0TERZ) (malware.rules)
  • 2811599 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXNlcjI6VUI5N2FkMg==) (malware.rules)
  • 2811600 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Y3ZjeWN2Y0B5YW5kZXgucnVfdjo3Nzc=) (malware.rules)
  • 2811601 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YWxwaGFkZWx0YS4xOnRlc3Q=) (malware.rules)
  • 2811602 - ETPRO MALWARE Bitcoin miner known malicious basic auth (U3BlbnplcnQudGVzdDoxMjM=) (malware.rules)
  • 2811616 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGFxaWRvZGdlc0BnbWFpbC5jb206cGFzc3dvcmQ=) (malware.rules)
  • 2811617 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWlkb3h0bi53b3JrZXI6bWlkb3h0bg==) (malware.rules)
  • 2811651 - ETPRO MALWARE Bitcoin miner known malicious basic auth (d29sZjk0NjYuMTp4) (malware.rules)
  • 2811652 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YXNrYWFfbmV3b25lOjExMTMzMw==) (malware.rules)
  • 2811661 - ETPRO MALWARE Zbot .onion Proxy Domain (malware.rules)
  • 2811670 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUJ5Rkx4MUpoRWoyVDFzRUFEeTkzQzhLSFRxanVreXFZYzox) (malware.rules)
  • 2811671 - ETPRO MALWARE Bitcoin miner known malicious basic auth (a2xhemltMjAwMF8zOjc3NDc=) (malware.rules)
  • 2811672 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUcySHZ0OFUyaVNlaFVvN3hlWWhpNVVFTVlaSDRrSFY4Nzp4) (malware.rules)
  • 2811673 - ETPRO MALWARE Bitcoin miner known malicious basic auth (eC54Ong=) (malware.rules)
  • 2811717 - ETPRO MALWARE Bitcoin miner known malicious basic auth (eW91eW91OnBva2V5bW9u) (malware.rules)
  • 2811719 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bXJkZF90ZXN0aW5nMjptYXNtaGFoYWFo) (malware.rules)
  • 2811730 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aHVuZGJsb2VkQGdtYWlsLmNvbV) (malware.rules)
  • 2811731 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZGFya1NvbnNfY3J5cHQ6bHVkYWt4eA==) (malware.rules)
  • 2811733 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZHVnaWRveF9kb2JhcjoxMTA4MjAwNQ==) (malware.rules)
  • 2811734 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aDRyM19jcmFjazoxMjM0NTY=) (malware.rules)
  • 2811753 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFjaG94dGFjb18xOnBlcnNpYW5vaw==) (malware.rules)
  • 2811754 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MTFkaWd6YW50QGdtYWlsLmNvbTppZGRxZDY4NA==) (malware.rules)
  • 2811755 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTFuM3JfQTphYWEzcmVsaXRl) (malware.rules)
  • 2811756 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aG9sYWtvOTNfaG9sYWtvOTM6cmVkZmllbGQ=) (malware.rules)
  • 2811757 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dG9wdGVzdHMuMzp4) (malware.rules)
  • 2811758 - ETPRO MALWARE Bitcoin miner known malicious basic auth (UXVhbnR1bVdoaXNrZXkuY29rZToxMjM0) (malware.rules)
  • 2811759 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUZIajNhc2pMZHhjN0V1Y1l0cEFydkRITUhkZVdZTlVuTjp4) (malware.rules)
  • 2811760 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cGFuZGE5MTFfcGFuZGFibHVlOnBhbmRhMQ==) (malware.rules)
  • 2811769 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXNlcjM6VUI5N2FkMg==) (malware.rules)
  • 2811770 - ETPRO MALWARE Bitcoin miner known malicious basic auth (a2VuYWJsb0Bob3RtYWlsLmNvbV8xOk4xOTkw) (malware.rules)
  • 2811771 - ETPRO MALWARE Bitcoin miner known malicious basic auth (NDUxNjU6dUpmQ0Zj) (malware.rules)
  • 2811772 - ETPRO MALWARE Bitcoin miner known malicious basic auth (d2hhdHN3cm9uZ19zdWJzOmtlbm5zdG5pY2h0) (malware.rules)
  • 2811789 - ETPRO MALWARE Bitcoin miner known malicious basic auth (WmVSMF90c3Q6dHN0) (malware.rules)
  • 2811790 - ETPRO MALWARE Bitcoin miner known malicious basic auth (b3JyaWNvbi4xMjM0NTo1NDMyMQ==) (malware.rules)
  • 2811791 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZDM4YTM5eXNfbDNrcHk6cGFzc3dvcmQ=) (malware.rules)
  • 2811792 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Y29pbm9ib3QuMjoxMjM0) (malware.rules)
  • 2811793 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fY2hlY2s6Y2hlY2s=) (malware.rules)
  • 2811811 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXBlcmlvLnZpcDo4ODg=) (malware.rules)
  • 2811812 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZG9tMTE3OGQudGVzdDpxcXExMjM=) (malware.rules)
  • 2811813 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fY2hlY2s6b3JuZWxpYXNzc3Nzc3Nzc3M=) (malware.rules)
  • 2811814 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUZvZ3lUang5RUU3YUZZWGlkSnNTbWpjazNLWTFWMmVQMTp4) (malware.rules)
  • 2811872 - ETPRO MALWARE CTB-Locker .onion Proxy Domain (malware.rules)
  • 2811899 - ETPRO MALWARE Trojan-Spy.Win32.Zbot.vpbr .onion Proxy Domain (malware.rules)
  • 2811914 - ETPRO MALWARE ZeusVM .onion Proxy Domain (malware.rules)
  • 2811915 - ETPRO MALWARE Bitcoin miner known malicious basic auth (d3JrMTpxbnBmMjQyMzU=) (malware.rules)
  • 2811916 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cHIzbTFlcmFfQm9zc25pZ2dlcjpuaXNzYm9nZ2Vy) (malware.rules)
  • 2811917 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TjRReUNBOng=) (malware.rules)
  • 2811918 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGFwcHl3b3JsZDMwMDBfMjo5ODc2NTQzMjE=) (malware.rules)
  • 2811920 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dGVMWEpkaVhLOTFOR3BYQlRZbVN6ZnBLMkVFRTNrY0o5ZG1TOnRlc3Q=) (malware.rules)
  • 2811921 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUxZMkpUYzM4MUthaG5UQW9kZHZHYkNqaER2Z2dnVlZuWDp4) (malware.rules)
  • 2811922 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MU1ZOGJjQ2NhRWVKV3BMRGJENjdvcTNTTm1LNHNXWnNpbjo=) (malware.rules)
  • 2811923 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cGFyYWRpc29zYWxlczFAZ21haWwuY29tX3ptcToxMjM0NQ==) (malware.rules)
  • 2811924 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Y29wcGVyc2hlbGxkb25AZ21haWwuY29tOg==) (malware.rules)
  • 2812057 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZmVsaXh3YWxkXzk5Om51dHRlbmVua2Vs) (malware.rules)
  • 2812058 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aXJpZGl1bXNhbGVzQGhvdG1haWwuY29tXzM6emFpbg==) (malware.rules)
  • 2812059 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXBkYXRlOnVwZGF0ZQ==) (malware.rules)
  • 2812112 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2VsamFrX2JvcmlzOmdvb2dsZQ==) (malware.rules)
  • 2812113 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aHNob3J0eTkxQGdtYWlsLmNvbTpoYWR5bjMwMDUxOTkx) (malware.rules)
  • 2812114 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bnV0c2hlbGw6YXNlcw==) (malware.rules)
  • 2812192 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TWlsZXNQOTQuRGVtQ29pbnM6MTIzNDU2) (malware.rules)
  • 2812193 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUtrZGFwRWJnV3N1RnNuZlp6OHl3dTgxVDFhVXBIZnBiRDp4) (malware.rules)
  • 2812194 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MTVUaDQzUTV0c2JUeDVTa3JVZ3ZldWk1d0oyNng2SG54cjp4) (malware.rules)
  • 2812220 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cDR1bF9uZXc6bm9tYW1lcw==) (malware.rules)
  • 2812221 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWVheF9jaGVhcDoxMjM0NTY=) (malware.rules)
  • 2812249 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUszNW4xNWU0cGZNS2FmM250MjJwUWc4UmhYa3JjZWY2bTp4) (malware.rules)
  • 2812250 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2RndHpqempAbWFpbC5jb21fMTpzMWY1MTJmcw==) (malware.rules)
  • 2812274 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZnVra2VycnJyLjE6eA==) (malware.rules)
  • 2812275 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TGlyb21pcjE0NDE4YnRjOmJ0Yw==) (malware.rules)
  • 2812276 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFnaWNzYXRhX2JvYXQ6Ym9hdA==) (malware.rules)
  • 2812303 - ETPRO MALWARE Bitcoin miner known malicious basic auth (U3RyaWNrM25fc3RyaWNrZW46c3RyaWNrM24=) (malware.rules)
  • 2812304 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZG1pdHIuZ3JpejpqcmFjbGE=) (malware.rules)
  • 2812320 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZ3VpbGQ6cmVkZW14eHgzeDJ4MQ==) (malware.rules)
  • 2812321 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MTk3d2hwUFNrM1pjakFHdTUxWEJERVMzdTlzMXdkSHBHUjplbGlnaXVz) (malware.rules)
  • 2812357 - ETPRO MALWARE Bitcoin miner known malicious basic auth (am9keWZvc3Rlcl93b3JrOjEyMzQ=) (malware.rules)
  • 2812358 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MmF3ZXNvbWU0bXlzZWxmXzE6MTIz) (malware.rules)
  • 2812360 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZGVlcG1pbmVjb29sQGdtYWlsLmNvbTpvbmM0Mnl0OW1jOXA4MjE0NTJjNDI=) (malware.rules)
  • 2812361 - ETPRO MALWARE Bitcoin miner known malicious basic auth (U1puWFN5VExzNFBSTldxblgyYWpMazgxTkhrZmVIMjhFSjp4) (malware.rules)
  • 2812362 - ETPRO MALWARE Bitcoin miner known malicious basic auth (UGwweGRfd29ya2VyMTp3b3JrZXJwYXNzMQ==) (malware.rules)
  • 2812363 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cGlua2hhdC53b3JrZXIxOmhHWWdrdmc5) (malware.rules)
  • 2812364 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2RndHpqempAbWFpbC5jb21fbG9sOmttb2w=) (malware.rules)
  • 2812365 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Z2lnYWhhc2hfbWluZXI6cGFzcw==) (malware.rules)
  • 2812366 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWx2aXNyZW5lLjY6MQ==) (malware.rules)
  • 2812367 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Y2F6YW5vdmExNjNfY2F6YW5vdmE6MTYz) (malware.rules)
  • 2812368 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cm1kYW45MC5rYXR5OmthdHlkZW1p) (malware.rules)
  • 2812373 - ETPRO MALWARE Win32/Injector.CGDU .onion Proxy Domain (malware.rules)
  • 2812436 - ETPRO MALWARE TorrentLocker .onion Proxy Domain (4nzchpngrtdhn27u) (malware.rules)
  • 2812457 - ETPRO MALWARE Sefnit .onion Proxy Domain (j2kiphmeb4m4ek66) (malware.rules)
  • 2812458 - ETPRO MALWARE Sefnit .onion Proxy Domain (qp4xhrnjuzq6glwx) (malware.rules)
  • 2812464 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MVFEQXUxVml0UXRjWVFiV1lxYmZ4c3ZzV1QxSlJVNlpVTjp4) (malware.rules)
  • 2812633 - ETPRO MALWARE CTB-Locker .onion Proxy Domain (malware.rules)
  • 2812674 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YmVuamk6eA==) (malware.rules)
  • 2812675 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MzI6MQ==) (malware.rules)
  • 2812676 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bXl0aHhfMTExOnBhdmxha2E=) (malware.rules)
  • 2812677 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Y29uTFRDaW5nLjMwOnBhc3M=) (malware.rules)
  • 2812678 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bXl0aHhfMTQ6cGF2bGFrYQ==) (malware.rules)
  • 2812693 - ETPRO MALWARE Win32/Spy.Zbot.AAQ .onion Proxy Domain (malware.rules)
  • 2812936 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZ3VpbGQ6bHVkYXh4eGt4eA==) (malware.rules)
  • 2813064 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MTJlTGlBRUFxTTZNRTlNWEE4QjhpSDdSZTZDWjY2NnE3czp4) (malware.rules)
  • 2813065 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MXpQUmg0Vjc2bkpHN2dLU1JGYmdYa3dRTkFFYUxnM0p0Ong=) (malware.rules)
  • 2813076 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bG9hZHJzMjAwOS40Ong=) (malware.rules)
  • 2813080 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZzpjZ3VpbGd1bGQ=) (malware.rules)
  • 2813081 - ETPRO MALWARE Bitcoin miner known malicious basic auth (amhkcmhidXh5LjI6eA==) (malware.rules)
  • 2813082 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aW1hZ2luYXRpb246bGl2ZWZyZWU=) (malware.rules)
  • 2813083 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZGF7igiC6sk8XWPMuuzIYDTYg3WsVEOvuMgXY9AyXwLhx40NW84tr37zG+N9vdgn5cp07qqMuH1ePsaCTQPWpxMBOg==) (malware.rules)
  • 2813084 - ETPRO MALWARE Bitcoin miner known malicious basic auth (d2VlZG1hbl9ydW5uZXI6ZHJ1Z21vbmV5) (malware.rules)
  • 2813085 - ETPRO MALWARE Bitcoin miner known malicious basic auth (am9keWZvc3Rlci4yOjEyMzQ=) (malware.rules)
  • 2813086 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFnaWNwYXRhX3JlbW90ZTphbGx5MQ==) (malware.rules)
  • 2813087 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZnJlc2hzaGl0MjJAaG90bWFpbC5jb21fMTptYXRyaXg=) (malware.rules)
  • 2813088 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWx2aXNyZW5lLjM6MQ==) (malware.rules)
  • 2814076 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YXVlcnMuMjo1NTU1NQ==) (malware.rules)
  • 2814077 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MTNDblphTDNBd1pyRndLZHlpNFRva0hiejFWVGFqcG9EYTp4) (malware.rules)
  • 2814078 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZW1fZzpyZWRkeHh4Mg==) (malware.rules)
  • 2814135 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dG44N19zdmc6dHdnOTg=) (malware.rules)
  • 2814136 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTFuZF8xOjEzNzUzMjE2) (malware.rules)
  • 2814137 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MU5GM0M3M0RfMjYwOjEyMw==) (malware.rules)
  • 2814138 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUVYZzc4YjduN2ZSUTdKa3F0dkQ1QWpyWDVKbWlqczY4cjpwYXNzMDg=) (malware.rules)
  • 2814139 - ETPRO MALWARE Bitcoin miner known malicious basic auth (VEFpUzQ2X2JpcmQ6cmVpZmVu) (malware.rules)
  • 2814172 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aDRyM196ZXViaTp6ZXViaQ==) (malware.rules)
  • 2814173 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGFwcHl3b3JsZF8zOjk4NzY1NDMyMQ==) (malware.rules)
  • 2814174 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dW1icm9sZWdlbmQuMToxMjM0NQ==) (malware.rules)
  • 2814175 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aDRyM19jaGVhcDoxMjM0NTY=) (malware.rules)
  • 2814176 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MjUwMV9BOkFaRVJUWQ==) (malware.rules)
  • 2814177 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2FiYW5AZmFjYS5iYV9zdWI6MTU2MzAz) (malware.rules)
  • 2814178 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZG1pdHJfbGFsYWxkczpodWh1YWE=) (malware.rules)
  • 2814179 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ei5lbmljYUBnbWFpbC5jb21fcmFkbmlrOnNhcmFqZXZv) (malware.rules)
  • 2814180 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVhc2VuLndvcmtlcjE6NWdnNTg3dVc=) (malware.rules)
  • 2814181 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bW9udGUyLjRjYXJsbzFAaG90bWFpbC5jb21fMTIzNDU2NzpDb3Vydml4) (malware.rules)
  • 2814247 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YXNrYWFfd29ya2VyOnBlbmlz) (malware.rules)
  • 2814248 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Z29sZF83OnBhdmxha2E=) (malware.rules)
  • 2814249 - ETPRO MALWARE Bitcoin miner known malicious basic auth (eXV5dXl1YW4uMzpydHkxMjN3ZTE=) (malware.rules)
  • 2814250 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2hyb29tc19yZWFjdG9yOnNtMGs0czIz) (malware.rules)
  • 2814251 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2hyb29tc19wbTpzbTBrNHMyMw==) (malware.rules)
  • 2814252 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MThHN1Q3eTQ5c3dUVVNYTFJVdGlyVUY5VUQyRnlpS05oUDp4eHg=) (malware.rules)
  • 2814253 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWVheF9taW5lOng=) (malware.rules)
  • 2814254 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXNlcjc2NDUuMTp4) (malware.rules)
  • 2814255 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2NhcHVsYS41OjU=) (malware.rules)
  • 2814256 - ETPRO MALWARE Bitcoin miner known malicious basic auth (amhkcmhidXh5LjE6eA==) (malware.rules)
  • 2814257 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YmlnYm9iMDAwMDAwMUBnbWFpbC5jb206eA==) (malware.rules)
  • 2814277 - ETPRO MALWARE Redlonam .onion Proxy Domain (malware.rules)
  • 2814287 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TFBjbmpzUTRtWXljeHk1WmNQdVJYQkZ4YVFDaUF4QWg5Uzp4) (malware.rules)
  • 2814288 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dW1hZGJyby5ncmlkOmdyaWQ=) (malware.rules)
  • 2814289 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bml0ZXguV29ya2VySUQ6MTIzNA==) (malware.rules)
  • 2814320 - ETPRO MALWARE Bitcoin miner known malicious basic auth (d2FzYXBfMjoxMjM=) (malware.rules)
  • 2814321 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dHJ6bml0dV9nb29kOmF1c2Nod2l0eg==) (malware.rules)
  • 2814322 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YmFkYXBwbGUuMTp4) (malware.rules)
  • 2814402 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZDM4YTM5eXNfbDNrcHk6cGFzc3dvcg==) (malware.rules)
  • 2814408 - ETPRO MALWARE Aldi Bot .onion Proxy Domain (malware.rules)
  • 2814409 - ETPRO MALWARE Critroni .onion Proxy Domain (malware.rules)
  • 2814471 - ETPRO MALWARE InfiniteLocker .onion Proxy Domain (malware.rules)
  • 2814495 - ETPRO MALWARE Java/CoinWalletStealer .onion Proxy Domain (malware.rules)
  • 2814523 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Z290bWlsay4xOjEyMzQ=) (malware.rules)
  • 2814582 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZDM4YTM5eXNfbDNrcHk6ZWwyOWRqZ2dzcw==) (malware.rules)
  • 2814583 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MTZBb0VMbjVxeEtCV3JiQ2JBZno5UnJmZm5mUjQxSDJ0WDp4) (malware.rules)
  • 2814612 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YmNteEBnbXguY29tXzA6cGFzc3dkMTIz) (malware.rules)
  • 2814653 - ETPRO EXPLOIT_KIT Magnitude URI struct Oct 27 2015 M1 T1 (exploit_kit.rules)
  • 2814919 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2hhcHBlX2tvb2tvbzprb29rb28=) (malware.rules)
  • 2814920 - ETPRO MALWARE Bitcoin miner known malicious basic auth (U2lscGguV29ya2VyMTo2NjY=) (malware.rules)
  • 2814921 - ETPRO MALWARE Bitcoin miner known malicious basic auth (QWxpc3RhaXIuYm9hdDpib2F0) (malware.rules)
  • 2814922 - ETPRO MALWARE Bitcoin miner known malicious basic auth (U3VjaFJ1c2hlc193b3JrZXI6MTIz) (malware.rules)
  • 2814923 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MU5xVjFEeTdqSDRTTFhnYmloUURSWUE5cUtncW5TZmFWSjp4) (malware.rules)
  • 2814924 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dGVteWNoaV9maWY6ZXFzc3E=) (malware.rules)
  • 2814925 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bXJ1bnpvLmJ0Ong=) (malware.rules)
  • 2814926 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cjB4X3IweDpraXR1bGppY2E=) (malware.rules)
  • 2814931 - ETPRO MALWARE Android/Spy.Agent.LP .onion Proxy Domain (malware.rules)
  • 2814981 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c3RhbmtvdmljX2xlamxhOnplbmljYQ==) (malware.rules)
  • 2814982 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTFuZF8zOjEzNzUzMjE2) (malware.rules)
  • 2814983 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGFqbnVzemthMThfaGVoZWhlOmhhaGFoYQ==) (malware.rules)
  • 2814984 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cG93NTBfbm9jazpwYXZsYWth) (malware.rules)
  • 2814985 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZXhwb2ludF9zYWt5OnozMjE2NTR6eg==) (malware.rules)
  • 2814986 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dGpzdHlsZXNfZmluZTpuaWNlMQ==) (malware.rules)
  • 2814987 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YWxkb2cyNS50aGU6dGhl) (malware.rules)
  • 2814988 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWVsb2R5XzI6cGF2bGFrYQ==) (malware.rules)
  • 2814989 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZGF2ZW1jZG9uYWxkX0pvbGx5Um9nZXI6V29vZGVuTGVn) (malware.rules)
  • 2815008 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c3dlZXRtYW4ubW9oYW1tYWQ6NTAyMDQ5) (malware.rules)
  • 2815009 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWx2aXNyZW5lLjQ6MQ==) (malware.rules)
  • 2815010 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YW50cmF4b19iaXRjb2luOm9saXZlcjkw) (malware.rules)
  • 2815011 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bG9sb3Rtb18xOjEyMzQ1Ng==) (malware.rules)
  • 2815012 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YWJvZHkxMTUuaGFueXk6YWJvZHk=) (malware.rules)
  • 2815013 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGFqbnVzemthMThfb2RiaXRjaG86MTIzNA==) (malware.rules)
  • 2815014 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TXlzdGljYWxfcGlrZToxMjM0NTY=) (malware.rules)
  • 2815015 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cHVkZ2UwMDdfbmV3Om5ldw==) (malware.rules)
  • 2815016 - ETPRO MALWARE Bitcoin miner known malicious basic auth (a2luaW1hX2s6ZGFrYTk4Mg==) (malware.rules)
  • 2815017 - ETPRO MALWARE Bitcoin miner known malicious basic auth (VGhhbmUyLjE6eA==) (malware.rules)
  • 2815062 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dGVzdHQuMTp4) (malware.rules)
  • 2815118 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aWRrOmxvbA==) (malware.rules)
  • 2815119 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFsc2FmZVVQREFURToxMjNwYXNz) (malware.rules)
  • 2815120 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c3luY29fMTp4) (malware.rules)
  • 2815202 - ETPRO MALWARE Bitcoin miner known malicious basic auth (QW1hZGV1c19IZWF0Om1vbnN0YUIxNTk=) (malware.rules)
  • 2815203 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUhhNjJTZ2FSb3laaGFpdXlMNlhNakY1OGRQeUxKcnVYcjp4) (malware.rules)
  • 2815204 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUZuejQ5eGI5eUxOS3BETTc0bzdYUlc4RWlMQW1McnRqazp4) (malware.rules)
  • 2815205 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bHRjc3Rhci4xOjEyMzQ1) (malware.rules)
  • 2815206 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUZ3ZUxWcHZnZEY4NFFyaFZ0QXZVVmtOTTZBNHFrTnZoejp4) (malware.rules)
  • 2815207 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cG9wbWVAeWEucnU6dXNlcjc2NDU=) (malware.rules)
  • 2815208 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dHlsZGl4XzE6cGFzc3dvcmQ=) (malware.rules)
  • 2815209 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MThHN1Q3eTQ5c3dUVVNYTFJVdGlyVUY5VUQyRnlpS05oUDp4eHh4eHh4eA==) (malware.rules)
  • 2815210 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFkaGF2MDA3X3B1ZGdlMDA3OnB1ZGdlMTIz) (malware.rules)
  • 2815211 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aW5zcGlyZTgwOC53MTpwYXNzd29yZA==) (malware.rules)
  • 2815212 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZDM4YTM5eXNfbDNrcHk6cGFzc3c=) (malware.rules)
  • 2815302 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YmVuaml4bG92ZUB3ZWIuZGU6bGFsYWxhMzU3) (malware.rules)
  • 2815303 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YXZhbmRhMTEyMS4xOng=) (malware.rules)
  • 2815304 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bGlwdG9ud29yazo3NDE4NTI5NjM=) (malware.rules)
  • 2815319 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aHVuZGJsb2VkQGdtYWlsLmNvbV9waW5reTE4OnR6N0JqOFh3MmFaOUw=) (malware.rules)
  • 2815351 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MUUzellEMTlkakY0cTk5aFZjVENOa1VNclM3Q0JTendlVjp4) (malware.rules)
  • 2815376 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dGVzdDEwMDpwYXNzd29yZA==) (malware.rules)
  • 2815377 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YmFyYmllLjE6eWVhaHllYWh5ZWFo) (malware.rules)
  • 2815378 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2hpbmNvbGRfbWluZXIyOnB2cjAyeHh4) (malware.rules)
  • 2815418 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFpbHB2cnBseEBnbWFpbC5jb206ZGV2aW45MDA=) (malware.rules)
  • 2815419 - ETPRO MALWARE Bitcoin miner known malicious basic auth (d2lsbG93MTQ1LjMyOjMy) (malware.rules)
  • 2815420 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c2FyYWpldm86MTU2MzAz) (malware.rules)
  • 2815421 - ETPRO MALWARE Bitcoin miner known malicious basic auth (TnlmZmVyLm55ZmZlcmM6bnlmZmVyMTIz) (malware.rules)
  • 2815439 - ETPRO MALWARE Zbot .onion Proxy Domain (malware.rules)
  • 2815509 - ETPRO MALWARE Bitcoin miner known malicious basic auth (RG9ucnVsZXp6X3dvcmtlcjphazgwNTg=) (malware.rules)
  • 2815510 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Y2hlYXA6cnVu) (malware.rules)
  • 2815511 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGl0bWFudWtfY2hlYXBlcjoxMjM=) (malware.rules)
  • 2815512 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aHVuZGJsb2VkQGdtYWlsLmNvbV9uZXR0ZXJ0ZXVmZWwzOTp0ejdCajhYdzJhWjlM) (malware.rules)
  • 2815513 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bTJuM3JfQTpvcHkzaGd5dHJl) (malware.rules)
  • 2815514 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZW50dGVzdF8xOnBhc3N3b3Jk) (malware.rules)
  • 2815515 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmFja3ouMjoy) (malware.rules)
  • 2815516 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWluaG9jYTExMUBnbWFpbC5jb21feHl6Y29pbjpwbGljazA=) (malware.rules)
  • 2815517 - ETPRO MALWARE Bitcoin miner known malicious basic auth (eGQwMDBkeEBnbWFpbC5jb206) (malware.rules)
  • 2815535 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXNlcjU6VUI5N2FkMg==) (malware.rules)
  • 2815536 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZG9taW5pY3AxMUBnbWFpbC5jb206ZG9taW5pY3AxMQ==) (malware.rules)
  • 2815537 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGl0bWFudWtfSm90dW5oZWltOjEyMw==) (malware.rules)
  • 2815538 - ETPRO MALWARE Bitcoin miner known malicious basic auth (cmVkZG9nZzIwMTI6cGFzc3dvcmQ=) (malware.rules)
  • 2815539 - ETPRO MALWARE Bitcoin miner known malicious basic auth (dXNlcl9qMGQ6VUI5N2FkMg==) (malware.rules)
  • 2815540 - ETPRO MALWARE Bitcoin miner known malicious basic auth (SmFucHI5OV9KYW5wcjk5OkxsdWM5OQ==) (malware.rules)
  • 2815541 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGVybnlvb29vQHltYWlsLmNvbTpCYXpkbWVnMQ==) (malware.rules)
  • 2815542 - ETPRO MALWARE Bitcoin miner known malicious basic auth (c3lzdGVtQGFwdGNvZGUubmV0Ojk5NjQzMzU=) (malware.rules)
  • 2815543 - ETPRO MALWARE Bitcoin miner known malicious basic auth (ZWx2aXNfcmVuZTIwMzBAaG90bWFpbC5jb206MQ==) (malware.rules)
  • 2815544 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aHVuZGJsb2VkQGdtYWlsLmNvbV93dWZmeTEzOnR6N0JqOFh3MmFaOUw=) (malware.rules)
  • 2815549 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aHVuZGJsb2VkQGdtYWlsLmNvbTp0ejdCajhYdzJhWjlM) (malware.rules)
  • 2815550 - ETPRO MALWARE Bitcoin miner known malicious basic auth (bWFzdGVybGVha2VkMTA1MzRtYXN0ZXJsZWFrZWQ6MTIz) (malware.rules)
  • 2815551 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Y29pbmJ1cmIyQHlhaG9vLmNvbV9jb2lucHJpOjQ1NDY0Nw==) (malware.rules)
  • 2815552 - ETPRO MALWARE Bitcoin miner known malicious basic auth (eGFub254LjE6LXg=) (malware.rules)
  • 2815553 - ETPRO MALWARE Bitcoin miner known malicious basic auth (MTlwTFN4SFpOZllHWEVVOWZXQjVXdFE5akx2blE0NXl5dDp4) (malware.rules)
  • 2815554 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aGl0bWFudWtfcHJhbjoxMjM=) (malware.rules)
  • 2815555 - ETPRO MALWARE Bitcoin miner known malicious basic auth (YnJldGllcy5yb290OnJvb3Q=) (malware.rules)
  • 2815556 - ETPRO MALWARE Bitcoin miner known malicious basic auth (Y29sbGF0Mms0QGhvdG1haWwuY29tOmJhN2UwNjBkZWI=) (malware.rules)
  • 2815557 - ETPRO MALWARE Bitcoin miner known malicious basic auth (aDRyM19jaHAyOjEyMzQ1Ng==) (malware.rules)
  • 2815558 - ETPRO MALWARE Bitcoin miner known malicious basic auth (b2FrczM1X21hY2hpbmUxOng=) (malware.rules)
  • 2816764 - ETPRO MALWARE Ransomware/Cerber Checkin Error ICMP Response (malware.rules)
  • 2819648 - ETPRO EXPLOIT_KIT SunDown/Xer Payload (URL Primer) (exploit_kit.rules)
  • 2820084 - ETPRO EXPLOIT_KIT CVE-2013-2551 M1 (b642) Observed in Sundown/Xer EK (exploit_kit.rules)
  • 2820655 - ETPRO EXPLOIT MS05-048 Collaboration Data Objects BO (CVE-2004-1987) (exploit.rules)
  • 2822482 - ETPRO EXPLOIT_KIT SunDown/Xer Payload (URL Primer) (exploit_kit.rules)
  • 2823586 - ETPRO MALWARE Zbot!ZA .onion Proxy Domain (malware.rules)