[***] Results from Oinkmaster started Thu Mar 6 17:00:08 2008 [***]
[+++] Added rules: [+++]
2007921 - ET MALWARE Suspicious User Agent (Explorer) (bleeding-malware.rules)
2007922 - ET TROJAN Backdoor.Win32.VB.brg C&C Checkin (bleeding-virus.rules)
2007923 - ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(Digital) (bleeding-virus.rules)
2007924 - ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(downloaded) (bleeding-virus.rules)
2007925 - ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(wnames) (bleeding-virus.rules)
2007926 - ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(cv_v5.0.0) (bleeding-virus.rules)
2007927 - ET MALWARE Donkeyhote.co.kr Spyware User Agent (UDonkey)
(bleeding-malware.rules)
2007928 - ET MALWARE Gcashback.co.kr Spyware User Agent (InvokeAd)
(bleeding-malware.rules)
2007929 - ET MALWARE Suspicious User Agent (User-Agent\: Mozilla/4.0
(compatible\; )) (bleeding-malware.rules)
[///] Modified active rules: [///]
2006429 - ET MALWARE Karine.co.kr Related Spyware User Agent (chk Profile)
(bleeding-malware.rules)
2006430 - ET MALWARE Karine.co.kr Related Spyware User Agent (Access down)
(bleeding-malware.rules)
[///] Modified inactive rules: [///]
2006424 - ET MALWARE Karine.co.kr Related Spyware User Agent (WebUpdate)
(bleeding-malware.rules)
[+++] Added non-rule lines: [+++]
-> Added to bleeding-sid-msg.map (9):
2007921 || ET MALWARE Suspicious User Agent (Explorer)
2007922 || ET TROJAN Backdoor.Win32.VB.brg C&C Checkin
2007923 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(Digital)
2007924 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(downloaded)
2007925 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(wnames)
2007926 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(cv_v5.0.0)
2007927 || ET MALWARE Donkeyhote.co.kr Spyware User Agent (UDonkey)
2007928 || ET MALWARE Gcashback.co.kr Spyware User Agent (InvokeAd)
2007929 || ET MALWARE Suspicious User Agent (User-Agent\: Mozilla/4.0
(compatible\; ))
-> Added to bleeding-sid-msg.map.txt (9):
2007921 || ET MALWARE Suspicious User Agent (Explorer)
2007922 || ET TROJAN Backdoor.Win32.VB.brg C&C Checkin
2007923 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(Digital)
2007924 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(downloaded)
2007925 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(wnames)
2007926 || ET TROJAN Suspicious User-Agent - Possible Trojan Downloader
(cv_v5.0.0)
2007927 || ET MALWARE Donkeyhote.co.kr Spyware User Agent (UDonkey)
2007928 || ET MALWARE Gcashback.co.kr Spyware User Agent (InvokeAd)
2007929 || ET MALWARE Suspicious User Agent (User-Agent\: Mozilla/4.0
(compatible\; ))
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
