[Snort-sigs] Emerging Threats Daily Signature Changes

emerging at ...3335... emerging at ...3335...
Sat Mar 22 17:00:10 EDT 2008


[***] Results from Oinkmaster started Sat Mar 22 17:00:10 2008 [***]

[+++]          Added rules:          [+++]

 2008039 - ET TROJAN Egspy Infection Report Email (bleeding-virus.rules)
 2008040 - ET MALWARE Privacyprotector Related Spyware User-Agent (Ssol NetInstaller) (bleeding-malware.rules)
 2008043 - ET MALWARE Suspicious User-Agent (c\:\windows) (bleeding-malware.rules)
20078041 - ET TROJAN Hupigon CnC init (variant abb) (bleeding-virus.rules)
20078042 - ET TROJAN Hupigon CnC Data Post (variant abb) (bleeding-virus.rules)


[///]     Modified active rules:     [///]

 2003649 - ET TROJAN Hupigon User Agent Detected (SykO) (bleeding-virus.rules)
 2003932 - ET TROJAN Hupigon User Agent Detected (IE_7.0) (bleeding-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-sid-msg.map (7):
        2003649 || ET TROJAN Hupigon User Agent Detected (SykO)
        2003932 || ET TROJAN Hupigon User Agent Detected (IE_7.0)
        2008039 || ET TROJAN Egspy Infection Report Email || url,research.sunbelt-software.com/threatdisplay.aspx?name=EgySpy&threatid=48410
        2008040 || ET MALWARE Privacyprotector Related Spyware User-Agent (Ssol NetInstaller)
        2008043 || ET MALWARE Suspicious User-Agent (c\:\windows)
        20078041 || ET TROJAN Hupigon CnC init (variant abb)
        20078042 || ET TROJAN Hupigon CnC Data Post (variant abb)

     -> Added to bleeding-sid-msg.map.txt (7):
        2003649 || ET TROJAN Hupigon User Agent Detected (SykO)
        2003932 || ET TROJAN Hupigon User Agent Detected (IE_7.0)
        2008039 || ET TROJAN Egspy Infection Report Email || url,research.sunbelt-software.com/threatdisplay.aspx?name=EgySpy&threatid=48410
        2008040 || ET MALWARE Privacyprotector Related Spyware User-Agent (Ssol NetInstaller)
        2008043 || ET MALWARE Suspicious User-Agent (c\:\windows)
        20078041 || ET TROJAN Hupigon CnC init (variant abb)
        20078042 || ET TROJAN Hupigon CnC Data Post (variant abb)

     -> Added to bleeding-virus.rules (1):
        #Backdoor.Win32.Hupigon.abb

[---]     Removed non-rule lines:    [---]

     -> Removed from bleeding-sid-msg.map (2):
        2003649 || ET TROJAN Hupinon User Agent Detected (SykO)
        2003932 || ET TROJAN Hupinon User Agent Detected (IE_7.0)

     -> Removed from bleeding-sid-msg.map.txt (2):
        2003649 || ET TROJAN Hupinon User Agent Detected (SykO)
        2003932 || ET TROJAN Hupinon User Agent Detected (IE_7.0)





More information about the Snort-sigs mailing list