[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Wed Jul 13 18:04:29 EDT 2005


[***] Results from Oinkmaster started Wed Jul 13 20:00:04 2005 [***]

[///]     Modified active rules:     [///]

 2001225 - BLEEDING-EDGE Malware Statblaster Receiving New configuration (bleeding-malware.rules)
 2001307 - BLEEDING-EDGE Malware Wild Tangent Agent Installation (bleeding-malware.rules)
 2001309 - BLEEDING-EDGE Malware Wild Tangent Agent Checking In (bleeding-malware.rules)
 2001310 - BLEEDING-EDGE Malware Wild Tangent Agent Traffic (bleeding-malware.rules)
 2001314 - BLEEDING-EDGE Malware Wild Tangent Agent (bleeding-malware.rules)
 2001317 - BLEEDING-EDGE Malware Webhancer Data Upload (bleeding-malware.rules)
 2001318 - BLEEDING-EDGE MALWARE Adwave Agent Access (bleeding-malware.rules)
 2001322 - BLEEDING-EDGE Malware Wild Tangent New Install (bleeding-malware.rules)
 2001325 - BLEEDING-EDGE Malware Websearch.com Spyware (bleeding-malware.rules)
 2001450 - BLEEDING-EDGE MALWARE Wintools Download/Configure (bleeding-malware.rules)
 2001510 - BLEEDING-EDGE Malware SurfAssistant.com Spyware Install (bleeding-malware.rules)
 2001514 - BLEEDING-EDGE Malware SurfAssistant.com Spyware Reporting (bleeding-malware.rules)
 2001517 - BLEEDING-EDGE Malware Websearch.com Outbound Dialer Retrieval (bleeding-malware.rules)
 2001520 - BLEEDING-EDGE Malware Spywaremover Activity (bleeding-malware.rules)
 2001523 - BLEEDING-EDGE Malware Statblaster Receiving New configuration (bleeding-malware.rules)
 2001524 - BLEEDING-EDGE Malware Statblaster Code Download (bleeding-malware.rules)
 2001646 - BLEEDING-EDGE Malware Toprebates.com Install (bleeding-malware.rules)
 2001647 - BLEEDING-EDGE Malware Toprebates.com Install (bleeding-malware.rules)
 2001648 - BLEEDING-EDGE Malware Toprebates.com User Confirming Membership (bleeding-malware.rules)
 2001650 - BLEEDING-EDGE Malware Search Scout Related Spyware (bleeding-malware.rules)
 2001653 - BLEEDING-EDGE Malware Search Scout Related Spyware (bleeding-malware.rules)
 2001677 - BLEEDING-EDGE Malware Webhancer Data Post (bleeding-malware.rules)
 2001678 - BLEEDING-EDGE Malware Webhancer Agent Activity (bleeding-malware.rules)
 2001731 - BLEEDING-EDGE Malware SurfSidekick Activity (bleeding-malware.rules)
 2001992 - BLEEDING-EDGE Malware SurfSidekick Download (bleeding-malware.rules)
 2001993 - BLEEDING-EDGE Malware SurfSidekick Dictionary Download (bleeding-malware.rules)
 2001994 - BLEEDING-EDGE Malware SurfSidekick Activity (bleeding-malware.rules)
 2002008 - BLEEDING-EDGE Malware Wild Tangent Install (bleeding-malware.rules)


[---]         Removed rules:         [---]

 2002072 - BLEEDING-EDGE Malware UtilMind Spyware User Agent Activity (bleeding-malware.rules)
 2002084 - BLEEDING-EDGE POLICY Possible Terrorism Related Content (bleeding-policy.rules)
 2002085 - BLEEDING-EDGE POLICY Possible Terrorism Related Email (bleeding-policy.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (28):
        2001225 || BLEEDING-EDGE Malware Statblaster Receiving New configuration || url,securityresponse.symantec.com/avcenter/venc/data/adware.statblaster.html
        2001307 || BLEEDING-EDGE Malware Wild Tangent Agent Installation || url,www.wildtangent.com || url,www.spyany.com/program/article_spw_rm_WildTangent.html
        2001309 || BLEEDING-EDGE Malware Wild Tangent Agent Checking In || url,www.wildtangent.com || url,www.spyany.com/program/article_spw_rm_WildTangent.html
        2001310 || BLEEDING-EDGE Malware Wild Tangent Agent Traffic || url,www.wildtangent.com || url,www.spyany.com/program/article_spw_rm_WildTangent.html
        2001314 || BLEEDING-EDGE Malware Wild Tangent Agent || url,www.wildtangent.com || url,www.spyany.com/program/article_spw_rm_WildTangent.html
        2001317 || BLEEDING-EDGE Malware Webhancer Data Upload || url,securityresponse.symantec.com/avcenter/venc/data/spyware.webhancer.html
        2001318 || BLEEDING-EDGE MALWARE Adwave Agent Access || url,www.intermute.com/spyware/HuntBar.html
        2001322 || BLEEDING-EDGE Malware Wild Tangent New Install || url,www.wildtangent.com || url,www.spyany.com/program/article_spw_rm_WildTangent.html
        2001325 || BLEEDING-EDGE Malware Websearch.com Spyware || McAfee,131461
        2001450 || BLEEDING-EDGE MALWARE Wintools Download/Configure || url,www.intermute.com/spyware/HuntBar.html
        2001510 || BLEEDING-EDGE Malware SurfAssistant.com Spyware Install || url,securityresponse.symantec.com/avcenter/venc/data/adware.sa.html
        2001514 || BLEEDING-EDGE Malware SurfAssistant.com Spyware Reporting || url,securityresponse.symantec.com/avcenter/venc/data/adware.sa.html
        2001517 || BLEEDING-EDGE Malware Websearch.com Outbound Dialer Retrieval || McAfee,131461
        2001520 || BLEEDING-EDGE Malware Spywaremover Activity || url,securityresponse.symantec.com/avcenter/venc/data/adware.topantispyware.html
        2001523 || BLEEDING-EDGE Malware Statblaster Receiving New configuration || url,securityresponse.symantec.com/avcenter/venc/data/adware.statblaster.html
        2001524 || BLEEDING-EDGE Malware Statblaster Code Download || url,securityresponse.symantec.com/avcenter/venc/data/adware.statblaster.html
        2001646 || BLEEDING-EDGE Malware Toprebates.com Install || url,securityresponse.symantec.com/avcenter/venc/data/adware.webrebates.html
        2001647 || BLEEDING-EDGE Malware Toprebates.com Install || url,securityresponse.symantec.com/avcenter/venc/data/adware.webrebates.html
        2001648 || BLEEDING-EDGE Malware Toprebates.com User Confirming Membership || url,securityresponse.symantec.com/avcenter/venc/data/adware.webrebates.html
        2001650 || BLEEDING-EDGE Malware Search Scout Related Spyware || url,securityresponse.symantec.com/avcenter/venc/data/adware.searchscout.html
        2001653 || BLEEDING-EDGE Malware Search Scout Related Spyware || url,securityresponse.symantec.com/avcenter/venc/data/adware.searchscout.html
        2001677 || BLEEDING-EDGE Malware Webhancer Data Post || url,securityresponse.symantec.com/avcenter/venc/data/spyware.webhancer.html
        2001678 || BLEEDING-EDGE Malware Webhancer Agent Activity || url,securityresponse.symantec.com/avcenter/venc/data/spyware.webhancer.html
        2001731 || BLEEDING-EDGE Malware SurfSidekick Activity || url,securityresponse.symantec.com/avcenter/venc/data/adware.surfsidekick.html
        2001992 || BLEEDING-EDGE Malware SurfSidekick Download || url,securityresponse.symantec.com/avcenter/venc/data/adware.surfsidekick.html
        2001993 || BLEEDING-EDGE Malware SurfSidekick Dictionary Download || url,securityresponse.symantec.com/avcenter/venc/data/adware.surfsidekick.html
        2001994 || BLEEDING-EDGE Malware SurfSidekick Activity || url,securityresponse.symantec.com/avcenter/venc/data/adware.surfsidekick.html
        2002008 || BLEEDING-EDGE Malware Wild Tangent Install || McAfee,122249

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-policy.rules (2):
        # Terrorist Rules
        # by: Greg Martin - gmartin at ...3106...

     -> Removed from bleeding-sid-msg.map (31):
        2001225 || BLEEDING-EDGE Malware Statblaster Receiving New configuration
        2001307 || BLEEDING-EDGE Malware Wild Tangent Agent Installation
        2001309 || BLEEDING-EDGE Malware Wild Tangent Agent Checking In
        2001310 || BLEEDING-EDGE Malware Wild Tangent Agent Traffic
        2001314 || BLEEDING-EDGE Malware Wild Tangent Agent
        2001317 || BLEEDING-EDGE Malware Webhancer Data Upload
        2001318 || BLEEDING-EDGE MALWARE Adwave Agent Access
        2001322 || BLEEDING-EDGE Malware Wild Tangent New Install
        2001325 || BLEEDING-EDGE Malware Websearch.com Spyware
        2001450 || BLEEDING-EDGE MALWARE Wintools Download/Configure
        2001510 || BLEEDING-EDGE Malware SurfAssistant.com Spyware Install
        2001514 || BLEEDING-EDGE Malware SurfAssistant.com Spyware Reporting
        2001517 || BLEEDING-EDGE Malware Websearch.com Outbound Dialer Retrieval
        2001520 || BLEEDING-EDGE Malware Spywaremover Activity
        2001523 || BLEEDING-EDGE Malware Statblaster Receiving New configuration
        2001524 || BLEEDING-EDGE Malware Statblaster Code Download
        2001646 || BLEEDING-EDGE Malware Toprebates.com Install
        2001647 || BLEEDING-EDGE Malware Toprebates.com Install
        2001648 || BLEEDING-EDGE Malware Toprebates.com User Confirming Membership
        2001650 || BLEEDING-EDGE Malware Search Scout Related Spyware
        2001653 || BLEEDING-EDGE Malware Search Scout Related Spyware
        2001677 || BLEEDING-EDGE Malware Webhancer Data Post
        2001678 || BLEEDING-EDGE Malware Webhancer Agent Activity
        2001731 || BLEEDING-EDGE Malware SurfSidekick Activity
        2001992 || BLEEDING-EDGE Malware SurfSidekick Download
        2001993 || BLEEDING-EDGE Malware SurfSidekick Dictionary Download
        2001994 || BLEEDING-EDGE Malware SurfSidekick Activity
        2002008 || BLEEDING-EDGE Malware Wild Tangent Install
        2002072 || BLEEDING-EDGE Malware UtilMind Spyware User Agent Activity || url,www.utilmind.com/scripts/webthief.html
        2002084 || BLEEDING-EDGE POLICY Possible Terrorism Related Content
        2002085 || BLEEDING-EDGE POLICY Possible Terrorism Related Email





More information about the Snort-sigs mailing list