Talos Rules 2020-01-28
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the browser-ie, exploit-kit, file-flash, file-multimedia, file-office, file-other, malware-cnc, malware-other, os-windows, policy-other, protocol-snmp and server-webapp rule sets to provide coverage for emerging threats from these technologies.

Change logs

2020-01-28 18:20:26 UTC

Snort Subscriber Rules Update

Date: 2020-01-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091501.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:52915 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565136-0 download attempt (malware-other.rules)
 * 1:52914 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565135-0 download attempt (malware-other.rules)
 * 1:52913 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565134-0 download attempt (malware-other.rules)
 * 1:52912 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565324-0 download attempt (malware-other.rules)
 * 1:52911 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565210-0 download attempt (malware-other.rules)
 * 1:52910 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7565323-0 download attempt (malware-other.rules)
 * 1:52909 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Noon-7565208-0 download attempt (malware-other.rules)
 * 1:52908 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Banload-7565273-0 download attempt (malware-other.rules)
 * 1:52907 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565084-0 download attempt (malware-other.rules)
 * 1:52944 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565150-0 download attempt (malware-other.rules)
 * 1:52943 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565091-0 download attempt (malware-other.rules)
 * 1:52942 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565149-0 download attempt (malware-other.rules)
 * 1:52941 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565148-0 download attempt (malware-other.rules)
 * 1:52940 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565112-0 download attempt (malware-other.rules)
 * 1:52939 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565224-0 download attempt (malware-other.rules)
 * 1:52938 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565147-0 download attempt (malware-other.rules)
 * 1:52937 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565146-0 download attempt (malware-other.rules)
 * 1:52936 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565255-0 download attempt (malware-other.rules)
 * 1:52935 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565254-0 download attempt (malware-other.rules)
 * 1:52934 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565145-0 download attempt (malware-other.rules)
 * 1:52933 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565110-0 download attempt (malware-other.rules)
 * 1:52932 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565144-0 download attempt (malware-other.rules)
 * 1:52931 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565143-0 download attempt (malware-other.rules)
 * 1:52930 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565252-0 download attempt (malware-other.rules)
 * 1:52929 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565142-0 download attempt (malware-other.rules)
 * 1:52928 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565218-0 download attempt (malware-other.rules)
 * 1:52950 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565117-0 download attempt (malware-other.rules)
 * 1:52949 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565298-0 download attempt (malware-other.rules)
 * 1:52948 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565152-0 download attempt (malware-other.rules)
 * 1:52947 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565116-0 download attempt (malware-other.rules)
 * 1:52946 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565228-0 download attempt (malware-other.rules)
 * 1:52945 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565151-0 download attempt (malware-other.rules)
 * 1:52971 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ursu-7565633-0 download attempt (malware-other.rules)
 * 1:52970 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Palevo-7565441-0 download attempt (malware-other.rules)
 * 1:52969 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565402-0 download attempt (malware-other.rules)
 * 1:52968 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565401-0 download attempt (malware-other.rules)
 * 1:52967 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565437-0 download attempt (malware-other.rules)
 * 1:52966 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Dapato-7565398-0 download attempt (malware-other.rules)
 * 1:52965 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565535-0 download attempt (malware-other.rules)
 * 1:52964 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Vbtrojan-7565395-0 download attempt (malware-other.rules)
 * 1:52963 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Razy-7565394-0 download attempt (malware-other.rules)
 * 1:52962 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Rombrast-7565393-0 download attempt (malware-other.rules)
 * 1:52961 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Poison-7565378-0 download attempt (malware-other.rules)
 * 1:52960 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565375-0 download attempt (malware-other.rules)
 * 1:52959 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565352-0 download attempt (malware-other.rules)
 * 1:52958 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565303-0 download attempt (malware-other.rules)
 * 1:52957 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.U5wrugbi-7565203-0 download attempt (malware-other.rules)
 * 1:52956 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565265-0 download attempt (malware-other.rules)
 * 1:52955 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565119-0 download attempt (malware-other.rules)
 * 1:52954 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565118-0 download attempt (malware-other.rules)
 * 1:52953 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565299-0 download attempt (malware-other.rules)
 * 1:52952 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565153-0 download attempt (malware-other.rules)
 * 1:52951 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565094-0 download attempt (malware-other.rules)
 * 1:52980 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7565731-0 download attempt (malware-other.rules)
 * 1:52979 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565370-0 download attempt (malware-other.rules)
 * 1:52978 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565522-0 download attempt (malware-other.rules)
 * 1:52977 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565453-0 download attempt (malware-other.rules)
 * 1:52976 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Jaik-7565368-0 download attempt (malware-other.rules)
 * 1:52975 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Azorult-7565367-0 download attempt (malware-other.rules)
 * 1:52974 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Jaiks-7565588-0 download attempt (malware-other.rules)
 * 1:52973 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Impolite-7565549-0 download attempt (malware-other.rules)
 * 1:52972 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Barys-7565547-0 download attempt (malware-other.rules)
 * 1:52859 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561849-0 download attempt (malware-other.rules)
 * 1:52858 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561854-0 download attempt (malware-other.rules)
 * 1:52895 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564979-0 download attempt (malware-other.rules)
 * 1:52894 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564918-0 download attempt (malware-other.rules)
 * 1:52893 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Zpevdo-7564583-0 download attempt (malware-other.rules)
 * 1:52892 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564582-0 download attempt (malware-other.rules)
 * 1:52891 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564508-0 download attempt (malware-other.rules)
 * 1:52890 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564542-0 download attempt (malware-other.rules)
 * 1:52889 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564580-0 download attempt (malware-other.rules)
 * 1:52888 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564540-0 download attempt (malware-other.rules)
 * 1:52887 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564579-0 download attempt (malware-other.rules)
 * 1:52886 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564504-0 download attempt (malware-other.rules)
 * 1:52885 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7564577-0 download attempt (malware-other.rules)
 * 1:52884 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564538-0 download attempt (malware-other.rules)
 * 1:52883 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564501-0 download attempt (malware-other.rules)
 * 1:52882 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Noon-7564575-0 download attempt (malware-other.rules)
 * 1:52881 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7564574-0 download attempt (malware-other.rules)
 * 1:52880 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564573-0 download attempt (malware-other.rules)
 * 1:52879 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Genkryptik-7564572-0 download attempt (malware-other.rules)
 * 1:52901 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565074-0 download attempt (malware-other.rules)
 * 1:52900 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Nanobot-7564916-0 download attempt (malware-other.rules)
 * 1:52899 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564912-0 download attempt (malware-other.rules)
 * 1:52898 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7564907-0 download attempt (malware-other.rules)
 * 1:52897 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agensla-7564923-0 download attempt (malware-other.rules)
 * 1:52896 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564922-0 download attempt (malware-other.rules)
 * 1:52906 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565083-0 download attempt (malware-other.rules)
 * 1:52905 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565082-0 download attempt (malware-other.rules)
 * 1:52904 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565079-0 download attempt (malware-other.rules)
 * 1:52903 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565078-0 download attempt (malware-other.rules)
 * 1:52902 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565076-0 download attempt (malware-other.rules)
 * 1:52927 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565108-0 download attempt (malware-other.rules)
 * 1:52926 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565141-0 download attempt (malware-other.rules)
 * 1:52925 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Binder-7565283-0 download attempt (malware-other.rules)
 * 1:52924 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565249-0 download attempt (malware-other.rules)
 * 1:52923 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565216-0 download attempt (malware-other.rules)
 * 1:52922 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565248-0 download attempt (malware-other.rules)
 * 1:52921 <-> DISABLED <-> MALWARE-OTHER Win.Keylogger.Barys-7565186-0 download attempt (malware-other.rules)
 * 1:52920 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565105-0 download attempt (malware-other.rules)
 * 1:52919 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565138-0 download attempt (malware-other.rules)
 * 1:52918 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565185-0 download attempt (malware-other.rules)
 * 1:52917 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565214-0 download attempt (malware-other.rules)
 * 1:52916 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565104-0 download attempt (malware-other.rules)
 * 1:52659 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52658 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52657 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52656 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52655 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52654 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52653 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52652 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52651 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52650 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52679 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmalware-7561251-0 download attempt (malware-other.rules)
 * 1:52678 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-7561248-0 download attempt (malware-other.rules)
 * 1:52677 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561247-0 download attempt (malware-other.rules)
 * 1:52676 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561280-0 download attempt (malware-other.rules)
 * 1:52675 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561277-0 download attempt (malware-other.rules)
 * 1:52674 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmetagen-7561240-0 download attempt (malware-other.rules)
 * 1:52673 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7561238-0 download attempt (malware-other.rules)
 * 1:52672 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561317-0 download attempt (malware-other.rules)
 * 1:52671 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561269-0 download attempt (malware-other.rules)
 * 1:52670 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7561314-0 download attempt (malware-other.rules)
 * 1:52665 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Nymaim-7542552-1 download attempt (malware-other.rules)
 * 1:52664 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52663 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52662 <-> ENABLED <-> MALWARE-OTHER Citrix ADC and Gateway backdoor upload attempt (malware-other.rules)
 * 1:52661 <-> ENABLED <-> MALWARE-OTHER Linux.Downloader.CoinMiner variant bash script dropper (malware-other.rules)
 * 1:52660 <-> DISABLED <-> EXPLOIT-KIT Spelevo Exploit Kit landing page detected (exploit-kit.rules)
 * 1:52680 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561252-0 download attempt (malware-other.rules)
 * 1:52691 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Llac-7561774-0 download attempt (malware-other.rules)
 * 1:52686 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561813-0 download attempt (malware-other.rules)
 * 1:52685 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561812-0 download attempt (malware-other.rules)
 * 1:52684 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Recam-7561435-0 download attempt (malware-other.rules)
 * 1:52683 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561420-0 download attempt (malware-other.rules)
 * 1:52682 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561287-0 download attempt (malware-other.rules)
 * 1:52681 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561253-0 download attempt (malware-other.rules)
 * 1:52690 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561770-0 download attempt (malware-other.rules)
 * 1:52689 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7561799-0 download attempt (malware-other.rules)
 * 1:52688 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Barys-7561764-0 download attempt (malware-other.rules)
 * 1:52687 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561800-0 download attempt (malware-other.rules)
 * 1:52696 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561836-0 download attempt (malware-other.rules)
 * 1:52695 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561835-0 download attempt (malware-other.rules)
 * 1:52694 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561834-0 download attempt (malware-other.rules)
 * 1:52693 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561778-0 download attempt (malware-other.rules)
 * 1:52692 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561740-0 download attempt (malware-other.rules)
 * 1:52697 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.St6t0pbig-7561837-0 download attempt (malware-other.rules)
 * 1:52702 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561843-0 download attempt (malware-other.rules)
 * 1:52701 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561842-0 download attempt (malware-other.rules)
 * 1:52700 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561840-0 download attempt (malware-other.rules)
 * 1:52699 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561839-0 download attempt (malware-other.rules)
 * 1:52698 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Bj3cyooi-7561838-0 download attempt (malware-other.rules)
 * 1:52703 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561845-0 download attempt (malware-other.rules)
 * 1:52708 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561851-0 download attempt (malware-other.rules)
 * 1:52707 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561850-0 download attempt (malware-other.rules)
 * 1:52706 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561848-0 download attempt (malware-other.rules)
 * 1:52705 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561847-0 download attempt (malware-other.rules)
 * 1:52704 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561846-0 download attempt (malware-other.rules)
 * 1:52709 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561852-0 download attempt (malware-other.rules)
 * 1:52713 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561857-0 download attempt (malware-other.rules)
 * 1:52712 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561856-0 download attempt (malware-other.rules)
 * 1:52711 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561855-0 download attempt (malware-other.rules)
 * 1:52710 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561853-0 download attempt (malware-other.rules)
 * 1:52715 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5nng-7561860-0 download attempt (malware-other.rules)
 * 1:52714 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561858-0 download attempt (malware-other.rules)
 * 1:52716 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561861-0 download attempt (malware-other.rules)
 * 1:52717 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561862-0 download attempt (malware-other.rules)
 * 1:52722 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561869-0 download attempt (malware-other.rules)
 * 1:52721 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561867-0 download attempt (malware-other.rules)
 * 1:52720 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561866-0 download attempt (malware-other.rules)
 * 1:52719 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561865-0 download attempt (malware-other.rules)
 * 1:52718 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561863-0 download attempt (malware-other.rules)
 * 1:52725 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561872-0 download attempt (malware-other.rules)
 * 1:52724 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Npei-7561871-0 download attempt (malware-other.rules)
 * 1:52723 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561870-0 download attempt (malware-other.rules)
 * 1:52726 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561874-0 download attempt (malware-other.rules)
 * 1:52728 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561876-0 download attempt (malware-other.rules)
 * 1:52727 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561875-0 download attempt (malware-other.rules)
 * 1:52729 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561877-0 download attempt (malware-other.rules)
 * 1:52735 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561885-0 download attempt (malware-other.rules)
 * 1:52734 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561884-0 download attempt (malware-other.rules)
 * 1:52733 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561882-0 download attempt (malware-other.rules)
 * 1:52732 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561881-0 download attempt (malware-other.rules)
 * 1:52731 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561880-0 download attempt (malware-other.rules)
 * 1:52730 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.A0lxvvoi-7561878-0 download attempt (malware-other.rules)
 * 1:52737 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561887-0 download attempt (malware-other.rules)
 * 1:52736 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561886-0 download attempt (malware-other.rules)
 * 1:52740 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Akpmcxbi-7561891-0 download attempt (malware-other.rules)
 * 1:52739 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561890-0 download attempt (malware-other.rules)
 * 1:52738 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5ag5gli-7561888-0 download attempt (malware-other.rules)
 * 1:52741 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561892-0 download attempt (malware-other.rules)
 * 1:52744 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561895-0 download attempt (malware-other.rules)
 * 1:52743 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561894-0 download attempt (malware-other.rules)
 * 1:52742 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bzn9rpki-7561893-0 download attempt (malware-other.rules)
 * 1:52745 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561896-0 download attempt (malware-other.rules)
 * 1:52746 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561898-0 download attempt (malware-other.rules)
 * 1:52747 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561932-0 download attempt (malware-other.rules)
 * 1:52752 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aw5uvlni-7561938-0 download attempt (malware-other.rules)
 * 1:52751 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561902-0 download attempt (malware-other.rules)
 * 1:52750 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561900-0 download attempt (malware-other.rules)
 * 1:52749 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561935-0 download attempt (malware-other.rules)
 * 1:52748 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561897-0 download attempt (malware-other.rules)
 * 1:52753 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561904-0 download attempt (malware-other.rules)
 * 1:52774 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B1smkrbi-7561950-0 download attempt (malware-other.rules)
 * 1:52773 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561914-0 download attempt (malware-other.rules)
 * 1:52772 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561949-0 download attempt (malware-other.rules)
 * 1:52771 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561913-0 download attempt (malware-other.rules)
 * 1:52770 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561948-0 download attempt (malware-other.rules)
 * 1:52769 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561912-0 download attempt (malware-other.rules)
 * 1:52768 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561947-0 download attempt (malware-other.rules)
 * 1:52767 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561911-0 download attempt (malware-other.rules)
 * 1:52766 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561946-0 download attempt (malware-other.rules)
 * 1:52765 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561910-0 download attempt (malware-other.rules)
 * 1:52764 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561945-0 download attempt (malware-other.rules)
 * 1:52763 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561909-0 download attempt (malware-other.rules)
 * 1:52762 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561944-0 download attempt (malware-other.rules)
 * 1:52761 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561908-0 download attempt (malware-other.rules)
 * 1:52760 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561943-0 download attempt (malware-other.rules)
 * 1:52759 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561907-0 download attempt (malware-other.rules)
 * 1:52758 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561942-0 download attempt (malware-other.rules)
 * 1:52757 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aqtsimgi-7561906-0 download attempt (malware-other.rules)
 * 1:52756 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561941-0 download attempt (malware-other.rules)
 * 1:52755 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561940-0 download attempt (malware-other.rules)
 * 1:52754 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561939-0 download attempt (malware-other.rules)
 * 1:52790 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561925-0 download attempt (malware-other.rules)
 * 1:52789 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561958-0 download attempt (malware-other.rules)
 * 1:52788 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561924-0 download attempt (malware-other.rules)
 * 1:52787 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561957-0 download attempt (malware-other.rules)
 * 1:52786 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561923-0 download attempt (malware-other.rules)
 * 1:52785 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561956-0 download attempt (malware-other.rules)
 * 1:52784 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561922-0 download attempt (malware-other.rules)
 * 1:52783 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561955-0 download attempt (malware-other.rules)
 * 1:52782 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561954-0 download attempt (malware-other.rules)
 * 1:52781 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561918-0 download attempt (malware-other.rules)
 * 1:52780 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561953-0 download attempt (malware-other.rules)
 * 1:52779 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bp9m3rli-7561917-0 download attempt (malware-other.rules)
 * 1:52778 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561952-0 download attempt (malware-other.rules)
 * 1:52777 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Awvbhqli-7561916-0 download attempt (malware-other.rules)
 * 1:52776 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561951-0 download attempt (malware-other.rules)
 * 1:52775 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Asbnzfbi-7561915-0 download attempt (malware-other.rules)
 * 1:52791 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561959-0 download attempt (malware-other.rules)
 * 1:52792 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561926-0 download attempt (malware-other.rules)
 * 1:52794 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561927-0 download attempt (malware-other.rules)
 * 1:52793 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561960-0 download attempt (malware-other.rules)
 * 1:52802 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bdksyxs-7561931-0 download attempt (malware-other.rules)
 * 1:52798 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561929-0 download attempt (malware-other.rules)
 * 1:52797 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561962-0 download attempt (malware-other.rules)
 * 1:52796 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561928-0 download attempt (malware-other.rules)
 * 1:52795 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561961-0 download attempt (malware-other.rules)
 * 1:52801 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561964-0 download attempt (malware-other.rules)
 * 1:52800 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561930-0 download attempt (malware-other.rules)
 * 1:52799 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561963-0 download attempt (malware-other.rules)
 * 1:52810 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Fareit-7562081-0 download attempt (malware-other.rules)
 * 1:52806 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7562065-0 download attempt (malware-other.rules)
 * 1:52805 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7562098-0 download attempt (malware-other.rules)
 * 1:52804 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562095-0 download attempt (malware-other.rules)
 * 1:52803 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562089-0 download attempt (malware-other.rules)
 * 1:52809 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Scar-7562041-0 download attempt (malware-other.rules)
 * 1:52808 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Scar-7562034-0 download attempt (malware-other.rules)
 * 1:52807 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Tofsee-7562099-0 download attempt (malware-other.rules)
 * 1:52823 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default admin credentials detected (policy-other.rules)
 * 1:52816 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562998-0 download attempt (malware-other.rules)
 * 1:52815 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Generickdz-7563017-0 download attempt (malware-other.rules)
 * 1:52814 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Clipbanker-7562988-0 download attempt (malware-other.rules)
 * 1:52813 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7562991-0 download attempt (malware-other.rules)
 * 1:52812 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7563014-0 download attempt (malware-other.rules)
 * 1:52811 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563016-0 download attempt (malware-other.rules)
 * 1:52822 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default root credentials detected (policy-other.rules)
 * 1:52821 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52820 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52817 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564432-0 download attempt (malware-other.rules)
 * 1:52824 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Muhstik variant IRC outbound connection (malware-cnc.rules)
 * 1:52830 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7563013-0 download attempt (malware-other.rules)
 * 1:52829 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563019-0 download attempt (malware-other.rules)
 * 1:52828 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7561648-0 download attempt (malware-other.rules)
 * 1:52827 <-> DISABLED <-> SERVER-WEBAPP Tomato router web interface bruteforce scan attempt (server-webapp.rules)
 * 1:52826 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52825 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52835 <-> DISABLED <-> SERVER-WEBAPP Kibana Timelion prototype pollution code execution attempt (server-webapp.rules)
 * 1:52834 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Brsjkedi-7561936-0 download attempt (malware-other.rules)
 * 1:52833 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561937-0 download attempt (malware-other.rules)
 * 1:52832 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7562086-0 download attempt (malware-other.rules)
 * 1:52831 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562992-0 download attempt (malware-other.rules)
 * 1:52845 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52844 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52846 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52853 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561889-0 download attempt (malware-other.rules)
 * 1:52852 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561864-0 download attempt (malware-other.rules)
 * 1:52849 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52848 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52847 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52855 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561879-0 download attempt (malware-other.rules)
 * 1:52854 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561883-0 download attempt (malware-other.rules)
 * 1:52856 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561868-0 download attempt (malware-other.rules)
 * 1:52857 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561859-0 download attempt (malware-other.rules)
 * 1:52878 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564571-0 download attempt (malware-other.rules)
 * 1:52877 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564570-0 download attempt (malware-other.rules)
 * 1:52876 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564569-0 download attempt (malware-other.rules)
 * 1:52875 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564628-0 download attempt (malware-other.rules)
 * 1:52874 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564567-0 download attempt (malware-other.rules)
 * 1:52873 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7564566-0 download attempt (malware-other.rules)
 * 1:52872 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564565-0 download attempt (malware-other.rules)
 * 1:52871 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7564564-0 download attempt (malware-other.rules)
 * 1:52870 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564591-0 download attempt (malware-other.rules)
 * 1:52869 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7564593-0 download attempt (malware-other.rules)
 * 1:52868 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Cwmx-7564592-0 download attempt (malware-other.rules)
 * 1:52867 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564559-0 download attempt (malware-other.rules)
 * 1:52866 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS server certificate public key with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52865 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52864 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52863 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561765-0 download attempt (malware-other.rules)
 * 1:52862 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561750-0 download attempt (malware-other.rules)
 * 1:52861 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561841-0 download attempt (malware-other.rules)
 * 1:52860 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561844-0 download attempt (malware-other.rules)
 * 3:52666 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52667 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52668 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52669 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52818 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52836 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52837 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52838 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52839 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52840 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52841 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52842 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52843 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52819 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)

Modified Rules:


 * 1:49182 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:43849 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman RestoreZipFile opcode command injection attempt (server-other.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:45674 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:46935 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNSAPI remote code execution attempt (os-windows.rules)
 * 1:52619 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS handshake with spoofed certificate attempt (os-windows.rules)
 * 1:45673 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:49183 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 3:52629 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52632 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)

2020-01-28 18:20:26 UTC

Snort Subscriber Rules Update

Date: 2020-01-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091500.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:52930 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565252-0 download attempt (malware-other.rules)
 * 1:52929 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565142-0 download attempt (malware-other.rules)
 * 1:52928 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565218-0 download attempt (malware-other.rules)
 * 1:52927 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565108-0 download attempt (malware-other.rules)
 * 1:52926 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565141-0 download attempt (malware-other.rules)
 * 1:52925 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Binder-7565283-0 download attempt (malware-other.rules)
 * 1:52935 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565254-0 download attempt (malware-other.rules)
 * 1:52934 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565145-0 download attempt (malware-other.rules)
 * 1:52933 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565110-0 download attempt (malware-other.rules)
 * 1:52932 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565144-0 download attempt (malware-other.rules)
 * 1:52931 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565143-0 download attempt (malware-other.rules)
 * 1:52936 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565255-0 download attempt (malware-other.rules)
 * 1:52938 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565147-0 download attempt (malware-other.rules)
 * 1:52937 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565146-0 download attempt (malware-other.rules)
 * 1:52940 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565112-0 download attempt (malware-other.rules)
 * 1:52939 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565224-0 download attempt (malware-other.rules)
 * 1:52941 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565148-0 download attempt (malware-other.rules)
 * 1:52942 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565149-0 download attempt (malware-other.rules)
 * 1:52947 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565116-0 download attempt (malware-other.rules)
 * 1:52946 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565228-0 download attempt (malware-other.rules)
 * 1:52945 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565151-0 download attempt (malware-other.rules)
 * 1:52944 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565150-0 download attempt (malware-other.rules)
 * 1:52943 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565091-0 download attempt (malware-other.rules)
 * 1:52951 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565094-0 download attempt (malware-other.rules)
 * 1:52950 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565117-0 download attempt (malware-other.rules)
 * 1:52949 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565298-0 download attempt (malware-other.rules)
 * 1:52948 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565152-0 download attempt (malware-other.rules)
 * 1:52952 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565153-0 download attempt (malware-other.rules)
 * 1:52954 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565118-0 download attempt (malware-other.rules)
 * 1:52953 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565299-0 download attempt (malware-other.rules)
 * 1:52955 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565119-0 download attempt (malware-other.rules)
 * 1:52956 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565265-0 download attempt (malware-other.rules)
 * 1:52977 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565453-0 download attempt (malware-other.rules)
 * 1:52976 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Jaik-7565368-0 download attempt (malware-other.rules)
 * 1:52975 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Azorult-7565367-0 download attempt (malware-other.rules)
 * 1:52974 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Jaiks-7565588-0 download attempt (malware-other.rules)
 * 1:52973 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Impolite-7565549-0 download attempt (malware-other.rules)
 * 1:52972 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Barys-7565547-0 download attempt (malware-other.rules)
 * 1:52971 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ursu-7565633-0 download attempt (malware-other.rules)
 * 1:52970 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Palevo-7565441-0 download attempt (malware-other.rules)
 * 1:52969 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565402-0 download attempt (malware-other.rules)
 * 1:52968 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565401-0 download attempt (malware-other.rules)
 * 1:52967 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565437-0 download attempt (malware-other.rules)
 * 1:52966 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Dapato-7565398-0 download attempt (malware-other.rules)
 * 1:52965 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565535-0 download attempt (malware-other.rules)
 * 1:52964 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Vbtrojan-7565395-0 download attempt (malware-other.rules)
 * 1:52963 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Razy-7565394-0 download attempt (malware-other.rules)
 * 1:52962 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Rombrast-7565393-0 download attempt (malware-other.rules)
 * 1:52961 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Poison-7565378-0 download attempt (malware-other.rules)
 * 1:52960 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565375-0 download attempt (malware-other.rules)
 * 1:52959 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565352-0 download attempt (malware-other.rules)
 * 1:52958 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565303-0 download attempt (malware-other.rules)
 * 1:52957 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.U5wrugbi-7565203-0 download attempt (malware-other.rules)
 * 1:52980 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7565731-0 download attempt (malware-other.rules)
 * 1:52979 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565370-0 download attempt (malware-other.rules)
 * 1:52978 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565522-0 download attempt (malware-other.rules)
 * 1:52903 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565078-0 download attempt (malware-other.rules)
 * 1:52904 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565079-0 download attempt (malware-other.rules)
 * 1:52907 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565084-0 download attempt (malware-other.rules)
 * 1:52906 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565083-0 download attempt (malware-other.rules)
 * 1:52905 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565082-0 download attempt (malware-other.rules)
 * 1:52908 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Banload-7565273-0 download attempt (malware-other.rules)
 * 1:52909 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Noon-7565208-0 download attempt (malware-other.rules)
 * 1:52910 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7565323-0 download attempt (malware-other.rules)
 * 1:52911 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565210-0 download attempt (malware-other.rules)
 * 1:52913 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565134-0 download attempt (malware-other.rules)
 * 1:52912 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565324-0 download attempt (malware-other.rules)
 * 1:52914 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565135-0 download attempt (malware-other.rules)
 * 1:52915 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565136-0 download attempt (malware-other.rules)
 * 1:52916 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565104-0 download attempt (malware-other.rules)
 * 1:52917 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565214-0 download attempt (malware-other.rules)
 * 1:52918 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565185-0 download attempt (malware-other.rules)
 * 1:52919 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565138-0 download attempt (malware-other.rules)
 * 1:52922 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565248-0 download attempt (malware-other.rules)
 * 1:52921 <-> DISABLED <-> MALWARE-OTHER Win.Keylogger.Barys-7565186-0 download attempt (malware-other.rules)
 * 1:52920 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565105-0 download attempt (malware-other.rules)
 * 1:52923 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565216-0 download attempt (malware-other.rules)
 * 1:52924 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565249-0 download attempt (malware-other.rules)
 * 1:52650 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52651 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52652 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52653 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52660 <-> DISABLED <-> EXPLOIT-KIT Spelevo Exploit Kit landing page detected (exploit-kit.rules)
 * 1:52654 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52655 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52656 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52657 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52658 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52659 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52661 <-> ENABLED <-> MALWARE-OTHER Linux.Downloader.CoinMiner variant bash script dropper (malware-other.rules)
 * 1:52662 <-> ENABLED <-> MALWARE-OTHER Citrix ADC and Gateway backdoor upload attempt (malware-other.rules)
 * 1:52663 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52664 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52665 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Nymaim-7542552-1 download attempt (malware-other.rules)
 * 1:52670 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7561314-0 download attempt (malware-other.rules)
 * 1:52671 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561269-0 download attempt (malware-other.rules)
 * 1:52672 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561317-0 download attempt (malware-other.rules)
 * 1:52673 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7561238-0 download attempt (malware-other.rules)
 * 1:52674 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmetagen-7561240-0 download attempt (malware-other.rules)
 * 1:52675 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561277-0 download attempt (malware-other.rules)
 * 1:52676 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561280-0 download attempt (malware-other.rules)
 * 1:52677 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561247-0 download attempt (malware-other.rules)
 * 1:52678 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-7561248-0 download attempt (malware-other.rules)
 * 1:52679 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmalware-7561251-0 download attempt (malware-other.rules)
 * 1:52680 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561252-0 download attempt (malware-other.rules)
 * 1:52682 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561287-0 download attempt (malware-other.rules)
 * 1:52683 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561420-0 download attempt (malware-other.rules)
 * 1:52684 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Recam-7561435-0 download attempt (malware-other.rules)
 * 1:52685 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561812-0 download attempt (malware-other.rules)
 * 1:52686 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561813-0 download attempt (malware-other.rules)
 * 1:52687 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561800-0 download attempt (malware-other.rules)
 * 1:52688 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Barys-7561764-0 download attempt (malware-other.rules)
 * 1:52689 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7561799-0 download attempt (malware-other.rules)
 * 1:52690 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561770-0 download attempt (malware-other.rules)
 * 1:52692 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561740-0 download attempt (malware-other.rules)
 * 1:52693 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561778-0 download attempt (malware-other.rules)
 * 1:52694 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561834-0 download attempt (malware-other.rules)
 * 1:52695 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561835-0 download attempt (malware-other.rules)
 * 1:52696 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561836-0 download attempt (malware-other.rules)
 * 1:52697 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.St6t0pbig-7561837-0 download attempt (malware-other.rules)
 * 1:52698 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Bj3cyooi-7561838-0 download attempt (malware-other.rules)
 * 1:52699 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561839-0 download attempt (malware-other.rules)
 * 1:52700 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561840-0 download attempt (malware-other.rules)
 * 1:52701 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561842-0 download attempt (malware-other.rules)
 * 1:52702 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561843-0 download attempt (malware-other.rules)
 * 1:52703 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561845-0 download attempt (malware-other.rules)
 * 1:52704 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561846-0 download attempt (malware-other.rules)
 * 1:52705 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561847-0 download attempt (malware-other.rules)
 * 1:52706 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561848-0 download attempt (malware-other.rules)
 * 1:52681 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561253-0 download attempt (malware-other.rules)
 * 1:52691 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Llac-7561774-0 download attempt (malware-other.rules)
 * 1:52710 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561853-0 download attempt (malware-other.rules)
 * 1:52711 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561855-0 download attempt (malware-other.rules)
 * 1:52712 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561856-0 download attempt (malware-other.rules)
 * 1:52713 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561857-0 download attempt (malware-other.rules)
 * 1:52714 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561858-0 download attempt (malware-other.rules)
 * 1:52707 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561850-0 download attempt (malware-other.rules)
 * 1:52715 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5nng-7561860-0 download attempt (malware-other.rules)
 * 1:52716 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561861-0 download attempt (malware-other.rules)
 * 1:52717 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561862-0 download attempt (malware-other.rules)
 * 1:52718 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561863-0 download attempt (malware-other.rules)
 * 1:52709 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561852-0 download attempt (malware-other.rules)
 * 1:52720 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561866-0 download attempt (malware-other.rules)
 * 1:52721 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561867-0 download attempt (malware-other.rules)
 * 1:52722 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561869-0 download attempt (malware-other.rules)
 * 1:52723 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561870-0 download attempt (malware-other.rules)
 * 1:52708 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561851-0 download attempt (malware-other.rules)
 * 1:52724 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Npei-7561871-0 download attempt (malware-other.rules)
 * 1:52719 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561865-0 download attempt (malware-other.rules)
 * 1:52725 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561872-0 download attempt (malware-other.rules)
 * 1:52726 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561874-0 download attempt (malware-other.rules)
 * 1:52727 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561875-0 download attempt (malware-other.rules)
 * 1:52728 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561876-0 download attempt (malware-other.rules)
 * 1:52729 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561877-0 download attempt (malware-other.rules)
 * 1:52732 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561881-0 download attempt (malware-other.rules)
 * 1:52733 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561882-0 download attempt (malware-other.rules)
 * 1:52734 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561884-0 download attempt (malware-other.rules)
 * 1:52735 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561885-0 download attempt (malware-other.rules)
 * 1:52730 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.A0lxvvoi-7561878-0 download attempt (malware-other.rules)
 * 1:52736 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561886-0 download attempt (malware-other.rules)
 * 1:52731 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561880-0 download attempt (malware-other.rules)
 * 1:52741 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561892-0 download attempt (malware-other.rules)
 * 1:52738 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5ag5gli-7561888-0 download attempt (malware-other.rules)
 * 1:52739 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561890-0 download attempt (malware-other.rules)
 * 1:52740 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Akpmcxbi-7561891-0 download attempt (malware-other.rules)
 * 1:52742 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bzn9rpki-7561893-0 download attempt (malware-other.rules)
 * 1:52737 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561887-0 download attempt (malware-other.rules)
 * 1:52743 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561894-0 download attempt (malware-other.rules)
 * 1:52744 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561895-0 download attempt (malware-other.rules)
 * 1:52747 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561932-0 download attempt (malware-other.rules)
 * 1:52748 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561897-0 download attempt (malware-other.rules)
 * 1:52749 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561935-0 download attempt (malware-other.rules)
 * 1:52746 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561898-0 download attempt (malware-other.rules)
 * 1:52750 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561900-0 download attempt (malware-other.rules)
 * 1:52751 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561902-0 download attempt (malware-other.rules)
 * 1:52752 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aw5uvlni-7561938-0 download attempt (malware-other.rules)
 * 1:52745 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561896-0 download attempt (malware-other.rules)
 * 1:52754 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561939-0 download attempt (malware-other.rules)
 * 1:52755 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561940-0 download attempt (malware-other.rules)
 * 1:52753 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561904-0 download attempt (malware-other.rules)
 * 1:52758 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561942-0 download attempt (malware-other.rules)
 * 1:52759 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561907-0 download attempt (malware-other.rules)
 * 1:52760 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561943-0 download attempt (malware-other.rules)
 * 1:52761 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561908-0 download attempt (malware-other.rules)
 * 1:52762 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561944-0 download attempt (malware-other.rules)
 * 1:52756 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561941-0 download attempt (malware-other.rules)
 * 1:52757 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aqtsimgi-7561906-0 download attempt (malware-other.rules)
 * 1:52764 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561945-0 download attempt (malware-other.rules)
 * 1:52766 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561946-0 download attempt (malware-other.rules)
 * 1:52767 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561911-0 download attempt (malware-other.rules)
 * 1:52763 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561909-0 download attempt (malware-other.rules)
 * 1:52765 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561910-0 download attempt (malware-other.rules)
 * 1:52771 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561913-0 download attempt (malware-other.rules)
 * 1:52768 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561947-0 download attempt (malware-other.rules)
 * 1:52770 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561948-0 download attempt (malware-other.rules)
 * 1:52769 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561912-0 download attempt (malware-other.rules)
 * 1:52772 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561949-0 download attempt (malware-other.rules)
 * 1:52773 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561914-0 download attempt (malware-other.rules)
 * 1:52776 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561951-0 download attempt (malware-other.rules)
 * 1:52777 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Awvbhqli-7561916-0 download attempt (malware-other.rules)
 * 1:52778 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561952-0 download attempt (malware-other.rules)
 * 1:52779 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bp9m3rli-7561917-0 download attempt (malware-other.rules)
 * 1:52774 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B1smkrbi-7561950-0 download attempt (malware-other.rules)
 * 1:52802 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bdksyxs-7561931-0 download attempt (malware-other.rules)
 * 1:52775 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Asbnzfbi-7561915-0 download attempt (malware-other.rules)
 * 1:52782 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561954-0 download attempt (malware-other.rules)
 * 1:52783 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561955-0 download attempt (malware-other.rules)
 * 1:52784 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561922-0 download attempt (malware-other.rules)
 * 1:52785 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561956-0 download attempt (malware-other.rules)
 * 1:52786 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561923-0 download attempt (malware-other.rules)
 * 1:52787 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561957-0 download attempt (malware-other.rules)
 * 1:52788 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561924-0 download attempt (malware-other.rules)
 * 1:52789 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561958-0 download attempt (malware-other.rules)
 * 1:52790 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561925-0 download attempt (malware-other.rules)
 * 1:52791 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561959-0 download attempt (malware-other.rules)
 * 1:52792 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561926-0 download attempt (malware-other.rules)
 * 1:52793 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561960-0 download attempt (malware-other.rules)
 * 1:52794 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561927-0 download attempt (malware-other.rules)
 * 1:52795 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561961-0 download attempt (malware-other.rules)
 * 1:52796 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561928-0 download attempt (malware-other.rules)
 * 1:52797 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561962-0 download attempt (malware-other.rules)
 * 1:52798 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561929-0 download attempt (malware-other.rules)
 * 1:52799 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561963-0 download attempt (malware-other.rules)
 * 1:52800 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561930-0 download attempt (malware-other.rules)
 * 1:52801 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561964-0 download attempt (malware-other.rules)
 * 1:52780 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561953-0 download attempt (malware-other.rules)
 * 1:52803 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562089-0 download attempt (malware-other.rules)
 * 1:52804 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562095-0 download attempt (malware-other.rules)
 * 1:52805 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7562098-0 download attempt (malware-other.rules)
 * 1:52806 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7562065-0 download attempt (malware-other.rules)
 * 1:52807 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Tofsee-7562099-0 download attempt (malware-other.rules)
 * 1:52808 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Scar-7562034-0 download attempt (malware-other.rules)
 * 1:52809 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Scar-7562041-0 download attempt (malware-other.rules)
 * 1:52810 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Fareit-7562081-0 download attempt (malware-other.rules)
 * 1:52811 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563016-0 download attempt (malware-other.rules)
 * 1:52812 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7563014-0 download attempt (malware-other.rules)
 * 1:52813 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7562991-0 download attempt (malware-other.rules)
 * 1:52814 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Clipbanker-7562988-0 download attempt (malware-other.rules)
 * 1:52815 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Generickdz-7563017-0 download attempt (malware-other.rules)
 * 1:52816 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562998-0 download attempt (malware-other.rules)
 * 1:52817 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564432-0 download attempt (malware-other.rules)
 * 1:52781 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561918-0 download attempt (malware-other.rules)
 * 1:52820 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52821 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52823 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default admin credentials detected (policy-other.rules)
 * 1:52826 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52827 <-> DISABLED <-> SERVER-WEBAPP Tomato router web interface bruteforce scan attempt (server-webapp.rules)
 * 1:52828 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7561648-0 download attempt (malware-other.rules)
 * 1:52822 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default root credentials detected (policy-other.rules)
 * 1:52829 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563019-0 download attempt (malware-other.rules)
 * 1:52830 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7563013-0 download attempt (malware-other.rules)
 * 1:52831 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562992-0 download attempt (malware-other.rules)
 * 1:52825 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52834 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Brsjkedi-7561936-0 download attempt (malware-other.rules)
 * 1:52835 <-> DISABLED <-> SERVER-WEBAPP Kibana Timelion prototype pollution code execution attempt (server-webapp.rules)
 * 1:52844 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52824 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Muhstik variant IRC outbound connection (malware-cnc.rules)
 * 1:52845 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52846 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52847 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52833 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561937-0 download attempt (malware-other.rules)
 * 1:52852 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561864-0 download attempt (malware-other.rules)
 * 1:52853 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561889-0 download attempt (malware-other.rules)
 * 1:52854 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561883-0 download attempt (malware-other.rules)
 * 1:52855 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561879-0 download attempt (malware-other.rules)
 * 1:52856 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561868-0 download attempt (malware-other.rules)
 * 1:52832 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7562086-0 download attempt (malware-other.rules)
 * 1:52857 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561859-0 download attempt (malware-other.rules)
 * 1:52858 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561854-0 download attempt (malware-other.rules)
 * 1:52859 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561849-0 download attempt (malware-other.rules)
 * 1:52860 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561844-0 download attempt (malware-other.rules)
 * 1:52849 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52848 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52862 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561750-0 download attempt (malware-other.rules)
 * 1:52863 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561765-0 download attempt (malware-other.rules)
 * 1:52864 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52865 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52866 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS server certificate public key with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52867 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564559-0 download attempt (malware-other.rules)
 * 1:52861 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561841-0 download attempt (malware-other.rules)
 * 1:52869 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7564593-0 download attempt (malware-other.rules)
 * 1:52870 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564591-0 download attempt (malware-other.rules)
 * 1:52871 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7564564-0 download attempt (malware-other.rules)
 * 1:52872 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564565-0 download attempt (malware-other.rules)
 * 1:52868 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Cwmx-7564592-0 download attempt (malware-other.rules)
 * 1:52874 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564567-0 download attempt (malware-other.rules)
 * 1:52875 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564628-0 download attempt (malware-other.rules)
 * 1:52873 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7564566-0 download attempt (malware-other.rules)
 * 1:52876 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564569-0 download attempt (malware-other.rules)
 * 1:52877 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564570-0 download attempt (malware-other.rules)
 * 1:52878 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564571-0 download attempt (malware-other.rules)
 * 1:52879 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Genkryptik-7564572-0 download attempt (malware-other.rules)
 * 1:52880 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564573-0 download attempt (malware-other.rules)
 * 1:52883 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564501-0 download attempt (malware-other.rules)
 * 1:52882 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Noon-7564575-0 download attempt (malware-other.rules)
 * 1:52881 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7564574-0 download attempt (malware-other.rules)
 * 1:52884 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564538-0 download attempt (malware-other.rules)
 * 1:52885 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7564577-0 download attempt (malware-other.rules)
 * 1:52886 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564504-0 download attempt (malware-other.rules)
 * 1:52887 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564579-0 download attempt (malware-other.rules)
 * 1:52888 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564540-0 download attempt (malware-other.rules)
 * 1:52889 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564580-0 download attempt (malware-other.rules)
 * 1:52890 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564542-0 download attempt (malware-other.rules)
 * 1:52891 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564508-0 download attempt (malware-other.rules)
 * 1:52892 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564582-0 download attempt (malware-other.rules)
 * 1:52893 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Zpevdo-7564583-0 download attempt (malware-other.rules)
 * 1:52894 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564918-0 download attempt (malware-other.rules)
 * 1:52895 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564979-0 download attempt (malware-other.rules)
 * 1:52896 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564922-0 download attempt (malware-other.rules)
 * 1:52897 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agensla-7564923-0 download attempt (malware-other.rules)
 * 1:52898 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7564907-0 download attempt (malware-other.rules)
 * 1:52899 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564912-0 download attempt (malware-other.rules)
 * 1:52900 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Nanobot-7564916-0 download attempt (malware-other.rules)
 * 1:52901 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565074-0 download attempt (malware-other.rules)
 * 1:52902 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565076-0 download attempt (malware-other.rules)
 * 3:52666 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52667 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52669 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52818 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52819 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52836 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52668 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52837 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52838 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52839 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52840 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52841 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52842 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52843 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)

Modified Rules:


 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:46935 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNSAPI remote code execution attempt (os-windows.rules)
 * 1:45674 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:45673 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:52619 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS handshake with spoofed certificate attempt (os-windows.rules)
 * 1:49183 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:49182 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:43849 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman RestoreZipFile opcode command injection attempt (server-other.rules)
 * 3:52629 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52632 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)

2020-01-28 18:20:26 UTC

Snort Subscriber Rules Update

Date: 2020-01-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091401.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:52711 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561855-0 download attempt (malware-other.rules)
 * 1:52828 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7561648-0 download attempt (malware-other.rules)
 * 1:52825 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52826 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52823 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default admin credentials detected (policy-other.rules)
 * 1:52824 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Muhstik variant IRC outbound connection (malware-cnc.rules)
 * 1:52821 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52822 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default root credentials detected (policy-other.rules)
 * 1:52817 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564432-0 download attempt (malware-other.rules)
 * 1:52820 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52815 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Generickdz-7563017-0 download attempt (malware-other.rules)
 * 1:52816 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562998-0 download attempt (malware-other.rules)
 * 1:52813 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7562991-0 download attempt (malware-other.rules)
 * 1:52814 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Clipbanker-7562988-0 download attempt (malware-other.rules)
 * 1:52811 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563016-0 download attempt (malware-other.rules)
 * 1:52812 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7563014-0 download attempt (malware-other.rules)
 * 1:52810 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Fareit-7562081-0 download attempt (malware-other.rules)
 * 1:52809 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Scar-7562041-0 download attempt (malware-other.rules)
 * 1:52807 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Tofsee-7562099-0 download attempt (malware-other.rules)
 * 1:52808 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Scar-7562034-0 download attempt (malware-other.rules)
 * 1:52805 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7562098-0 download attempt (malware-other.rules)
 * 1:52806 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7562065-0 download attempt (malware-other.rules)
 * 1:52803 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562089-0 download attempt (malware-other.rules)
 * 1:52804 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562095-0 download attempt (malware-other.rules)
 * 1:52801 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561964-0 download attempt (malware-other.rules)
 * 1:52802 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bdksyxs-7561931-0 download attempt (malware-other.rules)
 * 1:52799 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561963-0 download attempt (malware-other.rules)
 * 1:52800 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561930-0 download attempt (malware-other.rules)
 * 1:52797 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561962-0 download attempt (malware-other.rules)
 * 1:52798 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561929-0 download attempt (malware-other.rules)
 * 1:52795 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561961-0 download attempt (malware-other.rules)
 * 1:52796 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561928-0 download attempt (malware-other.rules)
 * 1:52793 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561960-0 download attempt (malware-other.rules)
 * 1:52794 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561927-0 download attempt (malware-other.rules)
 * 1:52791 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561959-0 download attempt (malware-other.rules)
 * 1:52792 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561926-0 download attempt (malware-other.rules)
 * 1:52789 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561958-0 download attempt (malware-other.rules)
 * 1:52790 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561925-0 download attempt (malware-other.rules)
 * 1:52787 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561957-0 download attempt (malware-other.rules)
 * 1:52788 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561924-0 download attempt (malware-other.rules)
 * 1:52785 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561956-0 download attempt (malware-other.rules)
 * 1:52786 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561923-0 download attempt (malware-other.rules)
 * 1:52783 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561955-0 download attempt (malware-other.rules)
 * 1:52784 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561922-0 download attempt (malware-other.rules)
 * 1:52781 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561918-0 download attempt (malware-other.rules)
 * 1:52782 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561954-0 download attempt (malware-other.rules)
 * 1:52779 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bp9m3rli-7561917-0 download attempt (malware-other.rules)
 * 1:52780 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561953-0 download attempt (malware-other.rules)
 * 1:52777 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Awvbhqli-7561916-0 download attempt (malware-other.rules)
 * 1:52778 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561952-0 download attempt (malware-other.rules)
 * 1:52775 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Asbnzfbi-7561915-0 download attempt (malware-other.rules)
 * 1:52776 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561951-0 download attempt (malware-other.rules)
 * 1:52773 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561914-0 download attempt (malware-other.rules)
 * 1:52774 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B1smkrbi-7561950-0 download attempt (malware-other.rules)
 * 1:52769 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561912-0 download attempt (malware-other.rules)
 * 1:52772 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561949-0 download attempt (malware-other.rules)
 * 1:52771 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561913-0 download attempt (malware-other.rules)
 * 1:52770 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561948-0 download attempt (malware-other.rules)
 * 1:52767 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561911-0 download attempt (malware-other.rules)
 * 1:52768 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561947-0 download attempt (malware-other.rules)
 * 1:52765 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561910-0 download attempt (malware-other.rules)
 * 1:52766 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561946-0 download attempt (malware-other.rules)
 * 1:52764 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561945-0 download attempt (malware-other.rules)
 * 1:52763 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561909-0 download attempt (malware-other.rules)
 * 1:52761 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561908-0 download attempt (malware-other.rules)
 * 1:52762 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561944-0 download attempt (malware-other.rules)
 * 1:52759 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561907-0 download attempt (malware-other.rules)
 * 1:52760 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561943-0 download attempt (malware-other.rules)
 * 1:52757 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aqtsimgi-7561906-0 download attempt (malware-other.rules)
 * 1:52758 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561942-0 download attempt (malware-other.rules)
 * 1:52755 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561940-0 download attempt (malware-other.rules)
 * 1:52756 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561941-0 download attempt (malware-other.rules)
 * 1:52753 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561904-0 download attempt (malware-other.rules)
 * 1:52754 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561939-0 download attempt (malware-other.rules)
 * 1:52751 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561902-0 download attempt (malware-other.rules)
 * 1:52752 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aw5uvlni-7561938-0 download attempt (malware-other.rules)
 * 1:52749 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561935-0 download attempt (malware-other.rules)
 * 1:52750 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561900-0 download attempt (malware-other.rules)
 * 1:52747 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561932-0 download attempt (malware-other.rules)
 * 1:52748 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561897-0 download attempt (malware-other.rules)
 * 1:52897 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agensla-7564923-0 download attempt (malware-other.rules)
 * 1:52898 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7564907-0 download attempt (malware-other.rules)
 * 1:52895 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564979-0 download attempt (malware-other.rules)
 * 1:52896 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564922-0 download attempt (malware-other.rules)
 * 1:52893 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Zpevdo-7564583-0 download attempt (malware-other.rules)
 * 1:52894 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564918-0 download attempt (malware-other.rules)
 * 1:52891 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564508-0 download attempt (malware-other.rules)
 * 1:52892 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564582-0 download attempt (malware-other.rules)
 * 1:52889 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564580-0 download attempt (malware-other.rules)
 * 1:52890 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564542-0 download attempt (malware-other.rules)
 * 1:52887 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564579-0 download attempt (malware-other.rules)
 * 1:52888 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564540-0 download attempt (malware-other.rules)
 * 1:52885 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7564577-0 download attempt (malware-other.rules)
 * 1:52886 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564504-0 download attempt (malware-other.rules)
 * 1:52883 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564501-0 download attempt (malware-other.rules)
 * 1:52884 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564538-0 download attempt (malware-other.rules)
 * 1:52881 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7564574-0 download attempt (malware-other.rules)
 * 1:52882 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Noon-7564575-0 download attempt (malware-other.rules)
 * 1:52879 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Genkryptik-7564572-0 download attempt (malware-other.rules)
 * 1:52880 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564573-0 download attempt (malware-other.rules)
 * 1:52877 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564570-0 download attempt (malware-other.rules)
 * 1:52878 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564571-0 download attempt (malware-other.rules)
 * 1:52875 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564628-0 download attempt (malware-other.rules)
 * 1:52876 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564569-0 download attempt (malware-other.rules)
 * 1:52873 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7564566-0 download attempt (malware-other.rules)
 * 1:52874 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564567-0 download attempt (malware-other.rules)
 * 1:52871 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7564564-0 download attempt (malware-other.rules)
 * 1:52872 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564565-0 download attempt (malware-other.rules)
 * 1:52869 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7564593-0 download attempt (malware-other.rules)
 * 1:52870 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564591-0 download attempt (malware-other.rules)
 * 1:52867 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564559-0 download attempt (malware-other.rules)
 * 1:52868 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Cwmx-7564592-0 download attempt (malware-other.rules)
 * 1:52865 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52866 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS server certificate public key with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52863 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561765-0 download attempt (malware-other.rules)
 * 1:52864 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52861 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561841-0 download attempt (malware-other.rules)
 * 1:52862 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561750-0 download attempt (malware-other.rules)
 * 1:52859 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561849-0 download attempt (malware-other.rules)
 * 1:52860 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561844-0 download attempt (malware-other.rules)
 * 1:52857 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561859-0 download attempt (malware-other.rules)
 * 1:52858 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561854-0 download attempt (malware-other.rules)
 * 1:52855 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561879-0 download attempt (malware-other.rules)
 * 1:52856 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561868-0 download attempt (malware-other.rules)
 * 1:52853 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561889-0 download attempt (malware-other.rules)
 * 1:52854 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561883-0 download attempt (malware-other.rules)
 * 1:52849 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52852 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561864-0 download attempt (malware-other.rules)
 * 1:52847 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52848 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52845 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52846 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52835 <-> DISABLED <-> SERVER-WEBAPP Kibana Timelion prototype pollution code execution attempt (server-webapp.rules)
 * 1:52844 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52833 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561937-0 download attempt (malware-other.rules)
 * 1:52834 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Brsjkedi-7561936-0 download attempt (malware-other.rules)
 * 1:52900 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Nanobot-7564916-0 download attempt (malware-other.rules)
 * 1:52710 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561853-0 download attempt (malware-other.rules)
 * 1:52708 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561851-0 download attempt (malware-other.rules)
 * 1:52709 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561852-0 download attempt (malware-other.rules)
 * 1:52706 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561848-0 download attempt (malware-other.rules)
 * 1:52707 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561850-0 download attempt (malware-other.rules)
 * 1:52704 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561846-0 download attempt (malware-other.rules)
 * 1:52705 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561847-0 download attempt (malware-other.rules)
 * 1:52702 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561843-0 download attempt (malware-other.rules)
 * 1:52703 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561845-0 download attempt (malware-other.rules)
 * 1:52700 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561840-0 download attempt (malware-other.rules)
 * 1:52701 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561842-0 download attempt (malware-other.rules)
 * 1:52698 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Bj3cyooi-7561838-0 download attempt (malware-other.rules)
 * 1:52699 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561839-0 download attempt (malware-other.rules)
 * 1:52696 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561836-0 download attempt (malware-other.rules)
 * 1:52697 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.St6t0pbig-7561837-0 download attempt (malware-other.rules)
 * 1:52694 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561834-0 download attempt (malware-other.rules)
 * 1:52695 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561835-0 download attempt (malware-other.rules)
 * 1:52692 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561740-0 download attempt (malware-other.rules)
 * 1:52693 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561778-0 download attempt (malware-other.rules)
 * 1:52690 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561770-0 download attempt (malware-other.rules)
 * 1:52691 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Llac-7561774-0 download attempt (malware-other.rules)
 * 1:52688 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Barys-7561764-0 download attempt (malware-other.rules)
 * 1:52689 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7561799-0 download attempt (malware-other.rules)
 * 1:52686 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561813-0 download attempt (malware-other.rules)
 * 1:52687 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561800-0 download attempt (malware-other.rules)
 * 1:52684 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Recam-7561435-0 download attempt (malware-other.rules)
 * 1:52685 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561812-0 download attempt (malware-other.rules)
 * 1:52682 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561287-0 download attempt (malware-other.rules)
 * 1:52683 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561420-0 download attempt (malware-other.rules)
 * 1:52680 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561252-0 download attempt (malware-other.rules)
 * 1:52681 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561253-0 download attempt (malware-other.rules)
 * 1:52678 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-7561248-0 download attempt (malware-other.rules)
 * 1:52679 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmalware-7561251-0 download attempt (malware-other.rules)
 * 1:52676 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561280-0 download attempt (malware-other.rules)
 * 1:52677 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561247-0 download attempt (malware-other.rules)
 * 1:52674 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmetagen-7561240-0 download attempt (malware-other.rules)
 * 1:52675 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561277-0 download attempt (malware-other.rules)
 * 1:52672 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561317-0 download attempt (malware-other.rules)
 * 1:52673 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7561238-0 download attempt (malware-other.rules)
 * 1:52670 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7561314-0 download attempt (malware-other.rules)
 * 1:52671 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561269-0 download attempt (malware-other.rules)
 * 1:52664 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52665 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Nymaim-7542552-1 download attempt (malware-other.rules)
 * 1:52662 <-> ENABLED <-> MALWARE-OTHER Citrix ADC and Gateway backdoor upload attempt (malware-other.rules)
 * 1:52663 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52660 <-> DISABLED <-> EXPLOIT-KIT Spelevo Exploit Kit landing page detected (exploit-kit.rules)
 * 1:52661 <-> ENABLED <-> MALWARE-OTHER Linux.Downloader.CoinMiner variant bash script dropper (malware-other.rules)
 * 1:52658 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52659 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52656 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52657 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52654 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52655 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52652 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52653 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52650 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52651 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52734 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561884-0 download attempt (malware-other.rules)
 * 1:52732 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561881-0 download attempt (malware-other.rules)
 * 1:52733 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561882-0 download attempt (malware-other.rules)
 * 1:52730 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.A0lxvvoi-7561878-0 download attempt (malware-other.rules)
 * 1:52731 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561880-0 download attempt (malware-other.rules)
 * 1:52728 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561876-0 download attempt (malware-other.rules)
 * 1:52729 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561877-0 download attempt (malware-other.rules)
 * 1:52726 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561874-0 download attempt (malware-other.rules)
 * 1:52727 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561875-0 download attempt (malware-other.rules)
 * 1:52724 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Npei-7561871-0 download attempt (malware-other.rules)
 * 1:52725 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561872-0 download attempt (malware-other.rules)
 * 1:52722 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561869-0 download attempt (malware-other.rules)
 * 1:52723 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561870-0 download attempt (malware-other.rules)
 * 1:52720 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561866-0 download attempt (malware-other.rules)
 * 1:52721 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561867-0 download attempt (malware-other.rules)
 * 1:52718 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561863-0 download attempt (malware-other.rules)
 * 1:52719 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561865-0 download attempt (malware-other.rules)
 * 1:52716 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561861-0 download attempt (malware-other.rules)
 * 1:52717 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561862-0 download attempt (malware-other.rules)
 * 1:52714 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561858-0 download attempt (malware-other.rules)
 * 1:52715 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5nng-7561860-0 download attempt (malware-other.rules)
 * 1:52712 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561856-0 download attempt (malware-other.rules)
 * 1:52713 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561857-0 download attempt (malware-other.rules)
 * 1:52736 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561886-0 download attempt (malware-other.rules)
 * 1:52746 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561898-0 download attempt (malware-other.rules)
 * 1:52735 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561885-0 download attempt (malware-other.rules)
 * 1:52739 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561890-0 download attempt (malware-other.rules)
 * 1:52740 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Akpmcxbi-7561891-0 download attempt (malware-other.rules)
 * 1:52737 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561887-0 download attempt (malware-other.rules)
 * 1:52738 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5ag5gli-7561888-0 download attempt (malware-other.rules)
 * 1:52745 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561896-0 download attempt (malware-other.rules)
 * 1:52743 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561894-0 download attempt (malware-other.rules)
 * 1:52744 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561895-0 download attempt (malware-other.rules)
 * 1:52741 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561892-0 download attempt (malware-other.rules)
 * 1:52742 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bzn9rpki-7561893-0 download attempt (malware-other.rules)
 * 1:52831 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562992-0 download attempt (malware-other.rules)
 * 1:52832 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7562086-0 download attempt (malware-other.rules)
 * 1:52829 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563019-0 download attempt (malware-other.rules)
 * 1:52830 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7563013-0 download attempt (malware-other.rules)
 * 1:52827 <-> DISABLED <-> SERVER-WEBAPP Tomato router web interface bruteforce scan attempt (server-webapp.rules)
 * 1:52904 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565079-0 download attempt (malware-other.rules)
 * 1:52913 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565134-0 download attempt (malware-other.rules)
 * 1:52909 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Noon-7565208-0 download attempt (malware-other.rules)
 * 1:52908 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Banload-7565273-0 download attempt (malware-other.rules)
 * 1:52907 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565084-0 download attempt (malware-other.rules)
 * 1:52906 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565083-0 download attempt (malware-other.rules)
 * 1:52905 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565082-0 download attempt (malware-other.rules)
 * 1:52912 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565324-0 download attempt (malware-other.rules)
 * 1:52911 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565210-0 download attempt (malware-other.rules)
 * 1:52910 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7565323-0 download attempt (malware-other.rules)
 * 1:52951 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565094-0 download attempt (malware-other.rules)
 * 1:52934 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565145-0 download attempt (malware-other.rules)
 * 1:52933 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565110-0 download attempt (malware-other.rules)
 * 1:52932 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565144-0 download attempt (malware-other.rules)
 * 1:52931 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565143-0 download attempt (malware-other.rules)
 * 1:52930 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565252-0 download attempt (malware-other.rules)
 * 1:52929 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565142-0 download attempt (malware-other.rules)
 * 1:52928 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565218-0 download attempt (malware-other.rules)
 * 1:52927 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565108-0 download attempt (malware-other.rules)
 * 1:52926 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565141-0 download attempt (malware-other.rules)
 * 1:52925 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Binder-7565283-0 download attempt (malware-other.rules)
 * 1:52924 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565249-0 download attempt (malware-other.rules)
 * 1:52923 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565216-0 download attempt (malware-other.rules)
 * 1:52922 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565248-0 download attempt (malware-other.rules)
 * 1:52921 <-> DISABLED <-> MALWARE-OTHER Win.Keylogger.Barys-7565186-0 download attempt (malware-other.rules)
 * 1:52920 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565105-0 download attempt (malware-other.rules)
 * 1:52919 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565138-0 download attempt (malware-other.rules)
 * 1:52918 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565185-0 download attempt (malware-other.rules)
 * 1:52917 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565214-0 download attempt (malware-other.rules)
 * 1:52916 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565104-0 download attempt (malware-other.rules)
 * 1:52915 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565136-0 download attempt (malware-other.rules)
 * 1:52914 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565135-0 download attempt (malware-other.rules)
 * 1:52950 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565117-0 download attempt (malware-other.rules)
 * 1:52949 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565298-0 download attempt (malware-other.rules)
 * 1:52948 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565152-0 download attempt (malware-other.rules)
 * 1:52947 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565116-0 download attempt (malware-other.rules)
 * 1:52946 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565228-0 download attempt (malware-other.rules)
 * 1:52945 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565151-0 download attempt (malware-other.rules)
 * 1:52944 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565150-0 download attempt (malware-other.rules)
 * 1:52943 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565091-0 download attempt (malware-other.rules)
 * 1:52942 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565149-0 download attempt (malware-other.rules)
 * 1:52941 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565148-0 download attempt (malware-other.rules)
 * 1:52940 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565112-0 download attempt (malware-other.rules)
 * 1:52939 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565224-0 download attempt (malware-other.rules)
 * 1:52938 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565147-0 download attempt (malware-other.rules)
 * 1:52937 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565146-0 download attempt (malware-other.rules)
 * 1:52936 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565255-0 download attempt (malware-other.rules)
 * 1:52935 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565254-0 download attempt (malware-other.rules)
 * 1:52952 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565153-0 download attempt (malware-other.rules)
 * 1:52957 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.U5wrugbi-7565203-0 download attempt (malware-other.rules)
 * 1:52956 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565265-0 download attempt (malware-other.rules)
 * 1:52955 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565119-0 download attempt (malware-other.rules)
 * 1:52954 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565118-0 download attempt (malware-other.rules)
 * 1:52953 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565299-0 download attempt (malware-other.rules)
 * 1:52958 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565303-0 download attempt (malware-other.rules)
 * 1:52963 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Razy-7565394-0 download attempt (malware-other.rules)
 * 1:52962 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Rombrast-7565393-0 download attempt (malware-other.rules)
 * 1:52961 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Poison-7565378-0 download attempt (malware-other.rules)
 * 1:52960 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565375-0 download attempt (malware-other.rules)
 * 1:52959 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565352-0 download attempt (malware-other.rules)
 * 1:52968 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565401-0 download attempt (malware-other.rules)
 * 1:52967 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565437-0 download attempt (malware-other.rules)
 * 1:52966 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Dapato-7565398-0 download attempt (malware-other.rules)
 * 1:52965 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565535-0 download attempt (malware-other.rules)
 * 1:52964 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Vbtrojan-7565395-0 download attempt (malware-other.rules)
 * 1:52899 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564912-0 download attempt (malware-other.rules)
 * 1:52980 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7565731-0 download attempt (malware-other.rules)
 * 1:52979 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565370-0 download attempt (malware-other.rules)
 * 1:52978 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565522-0 download attempt (malware-other.rules)
 * 1:52977 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565453-0 download attempt (malware-other.rules)
 * 1:52976 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Jaik-7565368-0 download attempt (malware-other.rules)
 * 1:52975 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Azorult-7565367-0 download attempt (malware-other.rules)
 * 1:52974 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Jaiks-7565588-0 download attempt (malware-other.rules)
 * 1:52973 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Impolite-7565549-0 download attempt (malware-other.rules)
 * 1:52972 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Barys-7565547-0 download attempt (malware-other.rules)
 * 1:52971 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ursu-7565633-0 download attempt (malware-other.rules)
 * 1:52970 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Palevo-7565441-0 download attempt (malware-other.rules)
 * 1:52969 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565402-0 download attempt (malware-other.rules)
 * 1:52903 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565078-0 download attempt (malware-other.rules)
 * 1:52901 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565074-0 download attempt (malware-other.rules)
 * 1:52902 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565076-0 download attempt (malware-other.rules)
 * 3:52819 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52843 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52842 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52840 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52841 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52838 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52839 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52836 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52837 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52818 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52668 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52669 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52666 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52667 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)

Modified Rules:


 * 1:43849 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman RestoreZipFile opcode command injection attempt (server-other.rules)
 * 1:49182 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:45673 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:49183 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:45674 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52619 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS handshake with spoofed certificate attempt (os-windows.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:46935 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNSAPI remote code execution attempt (os-windows.rules)
 * 3:52629 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52632 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)

2020-01-28 18:20:26 UTC

Snort Subscriber Rules Update

Date: 2020-01-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091300.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:52921 <-> DISABLED <-> MALWARE-OTHER Win.Keylogger.Barys-7565186-0 download attempt (malware-other.rules)
 * 1:52963 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Razy-7565394-0 download attempt (malware-other.rules)
 * 1:52962 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Rombrast-7565393-0 download attempt (malware-other.rules)
 * 1:52960 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565375-0 download attempt (malware-other.rules)
 * 1:52961 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Poison-7565378-0 download attempt (malware-other.rules)
 * 1:52684 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Recam-7561435-0 download attempt (malware-other.rules)
 * 1:52660 <-> DISABLED <-> EXPLOIT-KIT Spelevo Exploit Kit landing page detected (exploit-kit.rules)
 * 1:52663 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52661 <-> ENABLED <-> MALWARE-OTHER Linux.Downloader.CoinMiner variant bash script dropper (malware-other.rules)
 * 1:52662 <-> ENABLED <-> MALWARE-OTHER Citrix ADC and Gateway backdoor upload attempt (malware-other.rules)
 * 1:52656 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52659 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52657 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52658 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52655 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52652 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52653 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52654 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52651 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52650 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52687 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561800-0 download attempt (malware-other.rules)
 * 1:52685 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561812-0 download attempt (malware-other.rules)
 * 1:52686 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561813-0 download attempt (malware-other.rules)
 * 1:52683 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561420-0 download attempt (malware-other.rules)
 * 1:52680 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561252-0 download attempt (malware-other.rules)
 * 1:52681 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561253-0 download attempt (malware-other.rules)
 * 1:52682 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561287-0 download attempt (malware-other.rules)
 * 1:52679 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmalware-7561251-0 download attempt (malware-other.rules)
 * 1:52676 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561280-0 download attempt (malware-other.rules)
 * 1:52677 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561247-0 download attempt (malware-other.rules)
 * 1:52678 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-7561248-0 download attempt (malware-other.rules)
 * 1:52675 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561277-0 download attempt (malware-other.rules)
 * 1:52672 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561317-0 download attempt (malware-other.rules)
 * 1:52673 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7561238-0 download attempt (malware-other.rules)
 * 1:52674 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmetagen-7561240-0 download attempt (malware-other.rules)
 * 1:52671 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561269-0 download attempt (malware-other.rules)
 * 1:52664 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52665 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Nymaim-7542552-1 download attempt (malware-other.rules)
 * 1:52670 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7561314-0 download attempt (malware-other.rules)
 * 1:52691 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Llac-7561774-0 download attempt (malware-other.rules)
 * 1:52689 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7561799-0 download attempt (malware-other.rules)
 * 1:52690 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561770-0 download attempt (malware-other.rules)
 * 1:52714 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561858-0 download attempt (malware-other.rules)
 * 1:52710 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561853-0 download attempt (malware-other.rules)
 * 1:52711 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561855-0 download attempt (malware-other.rules)
 * 1:52704 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561846-0 download attempt (malware-other.rules)
 * 1:52709 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561852-0 download attempt (malware-other.rules)
 * 1:52706 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561848-0 download attempt (malware-other.rules)
 * 1:52707 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561850-0 download attempt (malware-other.rules)
 * 1:52700 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561840-0 download attempt (malware-other.rules)
 * 1:52705 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561847-0 download attempt (malware-other.rules)
 * 1:52702 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561843-0 download attempt (malware-other.rules)
 * 1:52703 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561845-0 download attempt (malware-other.rules)
 * 1:52696 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561836-0 download attempt (malware-other.rules)
 * 1:52701 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561842-0 download attempt (malware-other.rules)
 * 1:52698 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Bj3cyooi-7561838-0 download attempt (malware-other.rules)
 * 1:52699 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561839-0 download attempt (malware-other.rules)
 * 1:52692 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561740-0 download attempt (malware-other.rules)
 * 1:52697 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.St6t0pbig-7561837-0 download attempt (malware-other.rules)
 * 1:52694 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561834-0 download attempt (malware-other.rules)
 * 1:52695 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561835-0 download attempt (malware-other.rules)
 * 1:52688 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Barys-7561764-0 download attempt (malware-other.rules)
 * 1:52693 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561778-0 download attempt (malware-other.rules)
 * 1:52713 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561857-0 download attempt (malware-other.rules)
 * 1:52712 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561856-0 download attempt (malware-other.rules)
 * 1:52708 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561851-0 download attempt (malware-other.rules)
 * 1:52718 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561863-0 download attempt (malware-other.rules)
 * 1:52715 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5nng-7561860-0 download attempt (malware-other.rules)
 * 1:52716 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561861-0 download attempt (malware-other.rules)
 * 1:52717 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561862-0 download attempt (malware-other.rules)
 * 1:52722 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561869-0 download attempt (malware-other.rules)
 * 1:52719 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561865-0 download attempt (malware-other.rules)
 * 1:52720 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561866-0 download attempt (malware-other.rules)
 * 1:52721 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561867-0 download attempt (malware-other.rules)
 * 1:52727 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561875-0 download attempt (malware-other.rules)
 * 1:52723 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561870-0 download attempt (malware-other.rules)
 * 1:52725 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561872-0 download attempt (malware-other.rules)
 * 1:52726 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561874-0 download attempt (malware-other.rules)
 * 1:52889 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564580-0 download attempt (malware-other.rules)
 * 1:52810 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Fareit-7562081-0 download attempt (malware-other.rules)
 * 1:52811 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563016-0 download attempt (malware-other.rules)
 * 1:52804 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562095-0 download attempt (malware-other.rules)
 * 1:52809 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Scar-7562041-0 download attempt (malware-other.rules)
 * 1:52806 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7562065-0 download attempt (malware-other.rules)
 * 1:52807 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Tofsee-7562099-0 download attempt (malware-other.rules)
 * 1:52800 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561930-0 download attempt (malware-other.rules)
 * 1:52805 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7562098-0 download attempt (malware-other.rules)
 * 1:52802 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bdksyxs-7561931-0 download attempt (malware-other.rules)
 * 1:52803 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562089-0 download attempt (malware-other.rules)
 * 1:52796 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561928-0 download attempt (malware-other.rules)
 * 1:52801 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561964-0 download attempt (malware-other.rules)
 * 1:52798 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561929-0 download attempt (malware-other.rules)
 * 1:52799 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561963-0 download attempt (malware-other.rules)
 * 1:52792 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561926-0 download attempt (malware-other.rules)
 * 1:52797 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561962-0 download attempt (malware-other.rules)
 * 1:52794 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561927-0 download attempt (malware-other.rules)
 * 1:52795 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561961-0 download attempt (malware-other.rules)
 * 1:52790 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561925-0 download attempt (malware-other.rules)
 * 1:52793 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561960-0 download attempt (malware-other.rules)
 * 1:52788 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561924-0 download attempt (malware-other.rules)
 * 1:52791 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561959-0 download attempt (malware-other.rules)
 * 1:52784 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561922-0 download attempt (malware-other.rules)
 * 1:52789 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561958-0 download attempt (malware-other.rules)
 * 1:52786 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561923-0 download attempt (malware-other.rules)
 * 1:52787 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561957-0 download attempt (malware-other.rules)
 * 1:52785 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561956-0 download attempt (malware-other.rules)
 * 1:52780 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561953-0 download attempt (malware-other.rules)
 * 1:52782 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561954-0 download attempt (malware-other.rules)
 * 1:52783 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561955-0 download attempt (malware-other.rules)
 * 1:52776 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561951-0 download attempt (malware-other.rules)
 * 1:52781 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561918-0 download attempt (malware-other.rules)
 * 1:52778 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561952-0 download attempt (malware-other.rules)
 * 1:52779 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bp9m3rli-7561917-0 download attempt (malware-other.rules)
 * 1:52772 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561949-0 download attempt (malware-other.rules)
 * 1:52777 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Awvbhqli-7561916-0 download attempt (malware-other.rules)
 * 1:52774 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B1smkrbi-7561950-0 download attempt (malware-other.rules)
 * 1:52775 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Asbnzfbi-7561915-0 download attempt (malware-other.rules)
 * 1:52768 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561947-0 download attempt (malware-other.rules)
 * 1:52773 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561914-0 download attempt (malware-other.rules)
 * 1:52770 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561948-0 download attempt (malware-other.rules)
 * 1:52771 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561913-0 download attempt (malware-other.rules)
 * 1:52764 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561945-0 download attempt (malware-other.rules)
 * 1:52769 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561912-0 download attempt (malware-other.rules)
 * 1:52766 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561946-0 download attempt (malware-other.rules)
 * 1:52767 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561911-0 download attempt (malware-other.rules)
 * 1:52760 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561943-0 download attempt (malware-other.rules)
 * 1:52765 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561910-0 download attempt (malware-other.rules)
 * 1:52762 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561944-0 download attempt (malware-other.rules)
 * 1:52763 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561909-0 download attempt (malware-other.rules)
 * 1:52756 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561941-0 download attempt (malware-other.rules)
 * 1:52761 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561908-0 download attempt (malware-other.rules)
 * 1:52758 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561942-0 download attempt (malware-other.rules)
 * 1:52759 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561907-0 download attempt (malware-other.rules)
 * 1:52752 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aw5uvlni-7561938-0 download attempt (malware-other.rules)
 * 1:52757 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aqtsimgi-7561906-0 download attempt (malware-other.rules)
 * 1:52754 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561939-0 download attempt (malware-other.rules)
 * 1:52755 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561940-0 download attempt (malware-other.rules)
 * 1:52748 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561897-0 download attempt (malware-other.rules)
 * 1:52753 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561904-0 download attempt (malware-other.rules)
 * 1:52750 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561900-0 download attempt (malware-other.rules)
 * 1:52751 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561902-0 download attempt (malware-other.rules)
 * 1:52744 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561895-0 download attempt (malware-other.rules)
 * 1:52749 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561935-0 download attempt (malware-other.rules)
 * 1:52746 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561898-0 download attempt (malware-other.rules)
 * 1:52747 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561932-0 download attempt (malware-other.rules)
 * 1:52740 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Akpmcxbi-7561891-0 download attempt (malware-other.rules)
 * 1:52745 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561896-0 download attempt (malware-other.rules)
 * 1:52742 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bzn9rpki-7561893-0 download attempt (malware-other.rules)
 * 1:52743 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561894-0 download attempt (malware-other.rules)
 * 1:52736 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561886-0 download attempt (malware-other.rules)
 * 1:52741 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561892-0 download attempt (malware-other.rules)
 * 1:52738 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5ag5gli-7561888-0 download attempt (malware-other.rules)
 * 1:52739 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561890-0 download attempt (malware-other.rules)
 * 1:52737 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561887-0 download attempt (malware-other.rules)
 * 1:52732 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561881-0 download attempt (malware-other.rules)
 * 1:52734 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561884-0 download attempt (malware-other.rules)
 * 1:52735 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561885-0 download attempt (malware-other.rules)
 * 1:52728 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561876-0 download attempt (malware-other.rules)
 * 1:52733 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561882-0 download attempt (malware-other.rules)
 * 1:52730 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.A0lxvvoi-7561878-0 download attempt (malware-other.rules)
 * 1:52731 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561880-0 download attempt (malware-other.rules)
 * 1:52724 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Npei-7561871-0 download attempt (malware-other.rules)
 * 1:52729 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561877-0 download attempt (malware-other.rules)
 * 1:52884 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564538-0 download attempt (malware-other.rules)
 * 1:52886 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564504-0 download attempt (malware-other.rules)
 * 1:52887 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564579-0 download attempt (malware-other.rules)
 * 1:52880 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564573-0 download attempt (malware-other.rules)
 * 1:52885 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7564577-0 download attempt (malware-other.rules)
 * 1:52882 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Noon-7564575-0 download attempt (malware-other.rules)
 * 1:52883 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564501-0 download attempt (malware-other.rules)
 * 1:52876 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564569-0 download attempt (malware-other.rules)
 * 1:52881 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7564574-0 download attempt (malware-other.rules)
 * 1:52878 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564571-0 download attempt (malware-other.rules)
 * 1:52879 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Genkryptik-7564572-0 download attempt (malware-other.rules)
 * 1:52872 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564565-0 download attempt (malware-other.rules)
 * 1:52877 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564570-0 download attempt (malware-other.rules)
 * 1:52874 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564567-0 download attempt (malware-other.rules)
 * 1:52875 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564628-0 download attempt (malware-other.rules)
 * 1:52868 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Cwmx-7564592-0 download attempt (malware-other.rules)
 * 1:52873 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7564566-0 download attempt (malware-other.rules)
 * 1:52870 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564591-0 download attempt (malware-other.rules)
 * 1:52871 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7564564-0 download attempt (malware-other.rules)
 * 1:52864 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52869 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7564593-0 download attempt (malware-other.rules)
 * 1:52866 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS server certificate public key with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52867 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564559-0 download attempt (malware-other.rules)
 * 1:52860 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561844-0 download attempt (malware-other.rules)
 * 1:52865 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52862 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561750-0 download attempt (malware-other.rules)
 * 1:52863 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561765-0 download attempt (malware-other.rules)
 * 1:52856 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561868-0 download attempt (malware-other.rules)
 * 1:52861 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561841-0 download attempt (malware-other.rules)
 * 1:52858 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561854-0 download attempt (malware-other.rules)
 * 1:52859 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561849-0 download attempt (malware-other.rules)
 * 1:52852 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561864-0 download attempt (malware-other.rules)
 * 1:52857 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561859-0 download attempt (malware-other.rules)
 * 1:52854 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561883-0 download attempt (malware-other.rules)
 * 1:52855 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561879-0 download attempt (malware-other.rules)
 * 1:52846 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52853 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561889-0 download attempt (malware-other.rules)
 * 1:52848 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52849 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52834 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Brsjkedi-7561936-0 download attempt (malware-other.rules)
 * 1:52847 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52844 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52845 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52830 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7563013-0 download attempt (malware-other.rules)
 * 1:52835 <-> DISABLED <-> SERVER-WEBAPP Kibana Timelion prototype pollution code execution attempt (server-webapp.rules)
 * 1:52832 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7562086-0 download attempt (malware-other.rules)
 * 1:52833 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561937-0 download attempt (malware-other.rules)
 * 1:52826 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52831 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562992-0 download attempt (malware-other.rules)
 * 1:52828 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7561648-0 download attempt (malware-other.rules)
 * 1:52829 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563019-0 download attempt (malware-other.rules)
 * 1:52822 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default root credentials detected (policy-other.rules)
 * 1:52827 <-> DISABLED <-> SERVER-WEBAPP Tomato router web interface bruteforce scan attempt (server-webapp.rules)
 * 1:52824 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Muhstik variant IRC outbound connection (malware-cnc.rules)
 * 1:52825 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52816 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562998-0 download attempt (malware-other.rules)
 * 1:52823 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default admin credentials detected (policy-other.rules)
 * 1:52820 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52821 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52812 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7563014-0 download attempt (malware-other.rules)
 * 1:52817 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564432-0 download attempt (malware-other.rules)
 * 1:52814 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Clipbanker-7562988-0 download attempt (malware-other.rules)
 * 1:52815 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Generickdz-7563017-0 download attempt (malware-other.rules)
 * 1:52808 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Scar-7562034-0 download attempt (malware-other.rules)
 * 1:52813 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7562991-0 download attempt (malware-other.rules)
 * 1:52888 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564540-0 download attempt (malware-other.rules)
 * 1:52890 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564542-0 download attempt (malware-other.rules)
 * 1:52891 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564508-0 download attempt (malware-other.rules)
 * 1:52894 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564918-0 download attempt (malware-other.rules)
 * 1:52893 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Zpevdo-7564583-0 download attempt (malware-other.rules)
 * 1:52969 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565402-0 download attempt (malware-other.rules)
 * 1:52970 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Palevo-7565441-0 download attempt (malware-other.rules)
 * 1:52971 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ursu-7565633-0 download attempt (malware-other.rules)
 * 1:52972 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Barys-7565547-0 download attempt (malware-other.rules)
 * 1:52973 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Impolite-7565549-0 download attempt (malware-other.rules)
 * 1:52974 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Jaiks-7565588-0 download attempt (malware-other.rules)
 * 1:52975 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Azorult-7565367-0 download attempt (malware-other.rules)
 * 1:52976 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Jaik-7565368-0 download attempt (malware-other.rules)
 * 1:52977 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565453-0 download attempt (malware-other.rules)
 * 1:52978 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565522-0 download attempt (malware-other.rules)
 * 1:52979 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565370-0 download attempt (malware-other.rules)
 * 1:52980 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7565731-0 download attempt (malware-other.rules)
 * 1:52902 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565076-0 download attempt (malware-other.rules)
 * 1:52903 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565078-0 download attempt (malware-other.rules)
 * 1:52900 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Nanobot-7564916-0 download attempt (malware-other.rules)
 * 1:52901 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565074-0 download attempt (malware-other.rules)
 * 1:52899 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564912-0 download attempt (malware-other.rules)
 * 1:52896 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564922-0 download attempt (malware-other.rules)
 * 1:52897 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agensla-7564923-0 download attempt (malware-other.rules)
 * 1:52898 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7564907-0 download attempt (malware-other.rules)
 * 1:52895 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564979-0 download attempt (malware-other.rules)
 * 1:52892 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564582-0 download attempt (malware-other.rules)
 * 1:52968 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565401-0 download attempt (malware-other.rules)
 * 1:52909 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Noon-7565208-0 download attempt (malware-other.rules)
 * 1:52930 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565252-0 download attempt (malware-other.rules)
 * 1:52925 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Binder-7565283-0 download attempt (malware-other.rules)
 * 1:52959 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565352-0 download attempt (malware-other.rules)
 * 1:52918 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565185-0 download attempt (malware-other.rules)
 * 1:52937 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565146-0 download attempt (malware-other.rules)
 * 1:52949 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565298-0 download attempt (malware-other.rules)
 * 1:52939 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565224-0 download attempt (malware-other.rules)
 * 1:52917 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565214-0 download attempt (malware-other.rules)
 * 1:52951 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565094-0 download attempt (malware-other.rules)
 * 1:52947 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565116-0 download attempt (malware-other.rules)
 * 1:52941 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565148-0 download attempt (malware-other.rules)
 * 1:52911 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565210-0 download attempt (malware-other.rules)
 * 1:52956 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565265-0 download attempt (malware-other.rules)
 * 1:52922 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565248-0 download attempt (malware-other.rules)
 * 1:52913 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565134-0 download attempt (malware-other.rules)
 * 1:52926 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565141-0 download attempt (malware-other.rules)
 * 1:52914 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565135-0 download attempt (malware-other.rules)
 * 1:52927 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565108-0 download attempt (malware-other.rules)
 * 1:52908 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Banload-7565273-0 download attempt (malware-other.rules)
 * 1:52943 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565091-0 download attempt (malware-other.rules)
 * 1:52916 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565104-0 download attempt (malware-other.rules)
 * 1:52938 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565147-0 download attempt (malware-other.rules)
 * 1:52952 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565153-0 download attempt (malware-other.rules)
 * 1:52920 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565105-0 download attempt (malware-other.rules)
 * 1:52915 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565136-0 download attempt (malware-other.rules)
 * 1:52957 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.U5wrugbi-7565203-0 download attempt (malware-other.rules)
 * 1:52942 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565149-0 download attempt (malware-other.rules)
 * 1:52932 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565144-0 download attempt (malware-other.rules)
 * 1:52944 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565150-0 download attempt (malware-other.rules)
 * 1:52928 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565218-0 download attempt (malware-other.rules)
 * 1:52906 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565083-0 download attempt (malware-other.rules)
 * 1:52933 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565110-0 download attempt (malware-other.rules)
 * 1:52954 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565118-0 download attempt (malware-other.rules)
 * 1:52910 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7565323-0 download attempt (malware-other.rules)
 * 1:52912 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565324-0 download attempt (malware-other.rules)
 * 1:52950 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565117-0 download attempt (malware-other.rules)
 * 1:52940 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565112-0 download attempt (malware-other.rules)
 * 1:52931 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565143-0 download attempt (malware-other.rules)
 * 1:52919 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565138-0 download attempt (malware-other.rules)
 * 1:52905 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565082-0 download attempt (malware-other.rules)
 * 1:52953 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565299-0 download attempt (malware-other.rules)
 * 1:52948 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565152-0 download attempt (malware-other.rules)
 * 1:52923 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565216-0 download attempt (malware-other.rules)
 * 1:52935 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565254-0 download attempt (malware-other.rules)
 * 1:52907 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565084-0 download attempt (malware-other.rules)
 * 1:52929 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565142-0 download attempt (malware-other.rules)
 * 1:52958 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565303-0 download attempt (malware-other.rules)
 * 1:52946 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565228-0 download attempt (malware-other.rules)
 * 1:52945 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565151-0 download attempt (malware-other.rules)
 * 1:52936 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565255-0 download attempt (malware-other.rules)
 * 1:52955 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565119-0 download attempt (malware-other.rules)
 * 1:52924 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565249-0 download attempt (malware-other.rules)
 * 1:52934 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565145-0 download attempt (malware-other.rules)
 * 1:52965 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565535-0 download attempt (malware-other.rules)
 * 1:52967 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565437-0 download attempt (malware-other.rules)
 * 1:52966 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Dapato-7565398-0 download attempt (malware-other.rules)
 * 1:52964 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Vbtrojan-7565395-0 download attempt (malware-other.rules)
 * 1:52904 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565079-0 download attempt (malware-other.rules)
 * 3:52851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52841 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52842 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52843 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52840 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52836 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52838 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52839 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52837 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52668 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52818 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52819 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52669 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52667 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52666 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)

Modified Rules:


 * 1:49182 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:43849 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman RestoreZipFile opcode command injection attempt (server-other.rules)
 * 1:45673 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:49183 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:46935 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNSAPI remote code execution attempt (os-windows.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52619 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS handshake with spoofed certificate attempt (os-windows.rules)
 * 1:45674 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 3:52629 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52632 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)

2020-01-28 18:20:26 UTC

Snort Subscriber Rules Update

Date: 2020-01-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:52912 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565324-0 download attempt (malware-other.rules)
 * 1:52966 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Dapato-7565398-0 download attempt (malware-other.rules)
 * 1:52761 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561908-0 download attempt (malware-other.rules)
 * 1:52694 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561834-0 download attempt (malware-other.rules)
 * 1:52699 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561839-0 download attempt (malware-other.rules)
 * 1:52696 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561836-0 download attempt (malware-other.rules)
 * 1:52693 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561778-0 download attempt (malware-other.rules)
 * 1:52690 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561770-0 download attempt (malware-other.rules)
 * 1:52695 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561835-0 download attempt (malware-other.rules)
 * 1:52692 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561740-0 download attempt (malware-other.rules)
 * 1:52689 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7561799-0 download attempt (malware-other.rules)
 * 1:52686 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561813-0 download attempt (malware-other.rules)
 * 1:52691 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Llac-7561774-0 download attempt (malware-other.rules)
 * 1:52688 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Barys-7561764-0 download attempt (malware-other.rules)
 * 1:52685 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561812-0 download attempt (malware-other.rules)
 * 1:52682 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561287-0 download attempt (malware-other.rules)
 * 1:52687 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561800-0 download attempt (malware-other.rules)
 * 1:52684 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Recam-7561435-0 download attempt (malware-other.rules)
 * 1:52681 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561253-0 download attempt (malware-other.rules)
 * 1:52678 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-7561248-0 download attempt (malware-other.rules)
 * 1:52683 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561420-0 download attempt (malware-other.rules)
 * 1:52680 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561252-0 download attempt (malware-other.rules)
 * 1:52677 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561247-0 download attempt (malware-other.rules)
 * 1:52674 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmetagen-7561240-0 download attempt (malware-other.rules)
 * 1:52679 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmalware-7561251-0 download attempt (malware-other.rules)
 * 1:52676 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561280-0 download attempt (malware-other.rules)
 * 1:52673 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7561238-0 download attempt (malware-other.rules)
 * 1:52670 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7561314-0 download attempt (malware-other.rules)
 * 1:52675 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561277-0 download attempt (malware-other.rules)
 * 1:52672 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561317-0 download attempt (malware-other.rules)
 * 1:52665 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Nymaim-7542552-1 download attempt (malware-other.rules)
 * 1:52662 <-> ENABLED <-> MALWARE-OTHER Citrix ADC and Gateway backdoor upload attempt (malware-other.rules)
 * 1:52671 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561269-0 download attempt (malware-other.rules)
 * 1:52664 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52661 <-> ENABLED <-> MALWARE-OTHER Linux.Downloader.CoinMiner variant bash script dropper (malware-other.rules)
 * 1:52658 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52663 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52660 <-> DISABLED <-> EXPLOIT-KIT Spelevo Exploit Kit landing page detected (exploit-kit.rules)
 * 1:52657 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52654 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52659 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52656 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52653 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52650 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52655 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52652 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52651 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52764 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561945-0 download attempt (malware-other.rules)
 * 1:52758 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561942-0 download attempt (malware-other.rules)
 * 1:52763 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561909-0 download attempt (malware-other.rules)
 * 1:52760 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561943-0 download attempt (malware-other.rules)
 * 1:52757 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aqtsimgi-7561906-0 download attempt (malware-other.rules)
 * 1:52754 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561939-0 download attempt (malware-other.rules)
 * 1:52759 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561907-0 download attempt (malware-other.rules)
 * 1:52756 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561941-0 download attempt (malware-other.rules)
 * 1:52753 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561904-0 download attempt (malware-other.rules)
 * 1:52750 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561900-0 download attempt (malware-other.rules)
 * 1:52755 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561940-0 download attempt (malware-other.rules)
 * 1:52752 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aw5uvlni-7561938-0 download attempt (malware-other.rules)
 * 1:52749 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561935-0 download attempt (malware-other.rules)
 * 1:52746 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561898-0 download attempt (malware-other.rules)
 * 1:52751 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561902-0 download attempt (malware-other.rules)
 * 1:52748 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561897-0 download attempt (malware-other.rules)
 * 1:52745 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561896-0 download attempt (malware-other.rules)
 * 1:52742 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bzn9rpki-7561893-0 download attempt (malware-other.rules)
 * 1:52747 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561932-0 download attempt (malware-other.rules)
 * 1:52744 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561895-0 download attempt (malware-other.rules)
 * 1:52741 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561892-0 download attempt (malware-other.rules)
 * 1:52738 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5ag5gli-7561888-0 download attempt (malware-other.rules)
 * 1:52743 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561894-0 download attempt (malware-other.rules)
 * 1:52740 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Akpmcxbi-7561891-0 download attempt (malware-other.rules)
 * 1:52737 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561887-0 download attempt (malware-other.rules)
 * 1:52734 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561884-0 download attempt (malware-other.rules)
 * 1:52739 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561890-0 download attempt (malware-other.rules)
 * 1:52736 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561886-0 download attempt (malware-other.rules)
 * 1:52733 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561882-0 download attempt (malware-other.rules)
 * 1:52730 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.A0lxvvoi-7561878-0 download attempt (malware-other.rules)
 * 1:52735 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561885-0 download attempt (malware-other.rules)
 * 1:52732 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561881-0 download attempt (malware-other.rules)
 * 1:52729 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561877-0 download attempt (malware-other.rules)
 * 1:52726 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561874-0 download attempt (malware-other.rules)
 * 1:52731 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561880-0 download attempt (malware-other.rules)
 * 1:52728 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561876-0 download attempt (malware-other.rules)
 * 1:52725 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561872-0 download attempt (malware-other.rules)
 * 1:52722 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561869-0 download attempt (malware-other.rules)
 * 1:52727 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561875-0 download attempt (malware-other.rules)
 * 1:52724 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Npei-7561871-0 download attempt (malware-other.rules)
 * 1:52721 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561867-0 download attempt (malware-other.rules)
 * 1:52718 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561863-0 download attempt (malware-other.rules)
 * 1:52723 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561870-0 download attempt (malware-other.rules)
 * 1:52720 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561866-0 download attempt (malware-other.rules)
 * 1:52717 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561862-0 download attempt (malware-other.rules)
 * 1:52714 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561858-0 download attempt (malware-other.rules)
 * 1:52719 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561865-0 download attempt (malware-other.rules)
 * 1:52716 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561861-0 download attempt (malware-other.rules)
 * 1:52713 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561857-0 download attempt (malware-other.rules)
 * 1:52710 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561853-0 download attempt (malware-other.rules)
 * 1:52715 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5nng-7561860-0 download attempt (malware-other.rules)
 * 1:52712 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561856-0 download attempt (malware-other.rules)
 * 1:52709 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561852-0 download attempt (malware-other.rules)
 * 1:52706 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561848-0 download attempt (malware-other.rules)
 * 1:52711 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561855-0 download attempt (malware-other.rules)
 * 1:52708 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561851-0 download attempt (malware-other.rules)
 * 1:52705 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561847-0 download attempt (malware-other.rules)
 * 1:52702 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561843-0 download attempt (malware-other.rules)
 * 1:52707 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561850-0 download attempt (malware-other.rules)
 * 1:52704 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561846-0 download attempt (malware-other.rules)
 * 1:52701 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561842-0 download attempt (malware-other.rules)
 * 1:52698 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Bj3cyooi-7561838-0 download attempt (malware-other.rules)
 * 1:52703 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561845-0 download attempt (malware-other.rules)
 * 1:52700 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561840-0 download attempt (malware-other.rules)
 * 1:52697 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.St6t0pbig-7561837-0 download attempt (malware-other.rules)
 * 1:52768 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561947-0 download attempt (malware-other.rules)
 * 1:52762 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561944-0 download attempt (malware-other.rules)
 * 1:52767 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561911-0 download attempt (malware-other.rules)
 * 1:52769 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561912-0 download attempt (malware-other.rules)
 * 1:52771 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561913-0 download attempt (malware-other.rules)
 * 1:52772 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561949-0 download attempt (malware-other.rules)
 * 1:52765 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561910-0 download attempt (malware-other.rules)
 * 1:52766 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561946-0 download attempt (malware-other.rules)
 * 1:52775 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Asbnzfbi-7561915-0 download attempt (malware-other.rules)
 * 1:52773 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561914-0 download attempt (malware-other.rules)
 * 1:52770 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561948-0 download attempt (malware-other.rules)
 * 1:52897 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agensla-7564923-0 download attempt (malware-other.rules)
 * 1:52776 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561951-0 download attempt (malware-other.rules)
 * 1:52854 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561883-0 download attempt (malware-other.rules)
 * 1:52859 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561849-0 download attempt (malware-other.rules)
 * 1:52853 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561889-0 download attempt (malware-other.rules)
 * 1:52856 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561868-0 download attempt (malware-other.rules)
 * 1:52848 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52855 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561879-0 download attempt (malware-other.rules)
 * 1:52852 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561864-0 download attempt (malware-other.rules)
 * 1:52847 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52844 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52849 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52846 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52835 <-> DISABLED <-> SERVER-WEBAPP Kibana Timelion prototype pollution code execution attempt (server-webapp.rules)
 * 1:52832 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7562086-0 download attempt (malware-other.rules)
 * 1:52845 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52834 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Brsjkedi-7561936-0 download attempt (malware-other.rules)
 * 1:52831 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562992-0 download attempt (malware-other.rules)
 * 1:52828 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7561648-0 download attempt (malware-other.rules)
 * 1:52833 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561937-0 download attempt (malware-other.rules)
 * 1:52830 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7563013-0 download attempt (malware-other.rules)
 * 1:52827 <-> DISABLED <-> SERVER-WEBAPP Tomato router web interface bruteforce scan attempt (server-webapp.rules)
 * 1:52824 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Muhstik variant IRC outbound connection (malware-cnc.rules)
 * 1:52829 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563019-0 download attempt (malware-other.rules)
 * 1:52826 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52823 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default admin credentials detected (policy-other.rules)
 * 1:52820 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52825 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52822 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default root credentials detected (policy-other.rules)
 * 1:52817 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564432-0 download attempt (malware-other.rules)
 * 1:52814 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Clipbanker-7562988-0 download attempt (malware-other.rules)
 * 1:52821 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52816 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562998-0 download attempt (malware-other.rules)
 * 1:52813 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7562991-0 download attempt (malware-other.rules)
 * 1:52810 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Fareit-7562081-0 download attempt (malware-other.rules)
 * 1:52815 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Generickdz-7563017-0 download attempt (malware-other.rules)
 * 1:52812 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7563014-0 download attempt (malware-other.rules)
 * 1:52809 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Scar-7562041-0 download attempt (malware-other.rules)
 * 1:52806 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7562065-0 download attempt (malware-other.rules)
 * 1:52811 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563016-0 download attempt (malware-other.rules)
 * 1:52808 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Scar-7562034-0 download attempt (malware-other.rules)
 * 1:52805 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7562098-0 download attempt (malware-other.rules)
 * 1:52802 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bdksyxs-7561931-0 download attempt (malware-other.rules)
 * 1:52807 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Tofsee-7562099-0 download attempt (malware-other.rules)
 * 1:52804 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562095-0 download attempt (malware-other.rules)
 * 1:52801 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561964-0 download attempt (malware-other.rules)
 * 1:52798 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561929-0 download attempt (malware-other.rules)
 * 1:52803 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562089-0 download attempt (malware-other.rules)
 * 1:52800 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561930-0 download attempt (malware-other.rules)
 * 1:52797 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561962-0 download attempt (malware-other.rules)
 * 1:52794 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561927-0 download attempt (malware-other.rules)
 * 1:52799 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561963-0 download attempt (malware-other.rules)
 * 1:52793 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561960-0 download attempt (malware-other.rules)
 * 1:52796 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561928-0 download attempt (malware-other.rules)
 * 1:52790 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561925-0 download attempt (malware-other.rules)
 * 1:52795 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561961-0 download attempt (malware-other.rules)
 * 1:52792 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561926-0 download attempt (malware-other.rules)
 * 1:52789 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561958-0 download attempt (malware-other.rules)
 * 1:52786 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561923-0 download attempt (malware-other.rules)
 * 1:52791 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561959-0 download attempt (malware-other.rules)
 * 1:52788 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561924-0 download attempt (malware-other.rules)
 * 1:52785 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561956-0 download attempt (malware-other.rules)
 * 1:52782 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561954-0 download attempt (malware-other.rules)
 * 1:52787 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561957-0 download attempt (malware-other.rules)
 * 1:52784 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561922-0 download attempt (malware-other.rules)
 * 1:52781 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561918-0 download attempt (malware-other.rules)
 * 1:52778 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561952-0 download attempt (malware-other.rules)
 * 1:52783 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561955-0 download attempt (malware-other.rules)
 * 1:52780 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561953-0 download attempt (malware-other.rules)
 * 1:52777 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Awvbhqli-7561916-0 download attempt (malware-other.rules)
 * 1:52774 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B1smkrbi-7561950-0 download attempt (malware-other.rules)
 * 1:52779 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bp9m3rli-7561917-0 download attempt (malware-other.rules)
 * 1:52900 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Nanobot-7564916-0 download attempt (malware-other.rules)
 * 1:52894 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564918-0 download attempt (malware-other.rules)
 * 1:52899 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564912-0 download attempt (malware-other.rules)
 * 1:52896 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564922-0 download attempt (malware-other.rules)
 * 1:52893 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Zpevdo-7564583-0 download attempt (malware-other.rules)
 * 1:52890 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564542-0 download attempt (malware-other.rules)
 * 1:52895 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564979-0 download attempt (malware-other.rules)
 * 1:52892 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564582-0 download attempt (malware-other.rules)
 * 1:52889 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564580-0 download attempt (malware-other.rules)
 * 1:52886 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564504-0 download attempt (malware-other.rules)
 * 1:52891 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564508-0 download attempt (malware-other.rules)
 * 1:52888 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564540-0 download attempt (malware-other.rules)
 * 1:52885 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7564577-0 download attempt (malware-other.rules)
 * 1:52882 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Noon-7564575-0 download attempt (malware-other.rules)
 * 1:52887 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564579-0 download attempt (malware-other.rules)
 * 1:52884 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564538-0 download attempt (malware-other.rules)
 * 1:52881 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7564574-0 download attempt (malware-other.rules)
 * 1:52878 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564571-0 download attempt (malware-other.rules)
 * 1:52883 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564501-0 download attempt (malware-other.rules)
 * 1:52880 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564573-0 download attempt (malware-other.rules)
 * 1:52877 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564570-0 download attempt (malware-other.rules)
 * 1:52874 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564567-0 download attempt (malware-other.rules)
 * 1:52879 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Genkryptik-7564572-0 download attempt (malware-other.rules)
 * 1:52876 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564569-0 download attempt (malware-other.rules)
 * 1:52873 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7564566-0 download attempt (malware-other.rules)
 * 1:52870 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564591-0 download attempt (malware-other.rules)
 * 1:52875 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564628-0 download attempt (malware-other.rules)
 * 1:52872 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564565-0 download attempt (malware-other.rules)
 * 1:52869 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7564593-0 download attempt (malware-other.rules)
 * 1:52866 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS server certificate public key with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52871 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7564564-0 download attempt (malware-other.rules)
 * 1:52868 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Cwmx-7564592-0 download attempt (malware-other.rules)
 * 1:52865 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52862 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561750-0 download attempt (malware-other.rules)
 * 1:52867 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564559-0 download attempt (malware-other.rules)
 * 1:52864 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52861 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561841-0 download attempt (malware-other.rules)
 * 1:52858 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561854-0 download attempt (malware-other.rules)
 * 1:52863 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561765-0 download attempt (malware-other.rules)
 * 1:52860 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561844-0 download attempt (malware-other.rules)
 * 1:52857 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561859-0 download attempt (malware-other.rules)
 * 1:52903 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565078-0 download attempt (malware-other.rules)
 * 1:52901 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565074-0 download attempt (malware-other.rules)
 * 1:52898 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7564907-0 download attempt (malware-other.rules)
 * 1:52902 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565076-0 download attempt (malware-other.rules)
 * 1:52971 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ursu-7565633-0 download attempt (malware-other.rules)
 * 1:52970 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Palevo-7565441-0 download attempt (malware-other.rules)
 * 1:52904 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565079-0 download attempt (malware-other.rules)
 * 1:52969 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565402-0 download attempt (malware-other.rules)
 * 1:52972 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Barys-7565547-0 download attempt (malware-other.rules)
 * 1:52973 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Impolite-7565549-0 download attempt (malware-other.rules)
 * 1:52974 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Jaiks-7565588-0 download attempt (malware-other.rules)
 * 1:52975 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Azorult-7565367-0 download attempt (malware-other.rules)
 * 1:52977 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565453-0 download attempt (malware-other.rules)
 * 1:52976 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Jaik-7565368-0 download attempt (malware-other.rules)
 * 1:52978 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565522-0 download attempt (malware-other.rules)
 * 1:52980 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7565731-0 download attempt (malware-other.rules)
 * 1:52979 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565370-0 download attempt (malware-other.rules)
 * 1:52938 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565147-0 download attempt (malware-other.rules)
 * 1:52967 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565437-0 download attempt (malware-other.rules)
 * 1:52961 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Poison-7565378-0 download attempt (malware-other.rules)
 * 1:52959 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565352-0 download attempt (malware-other.rules)
 * 1:52968 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565401-0 download attempt (malware-other.rules)
 * 1:52933 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565110-0 download attempt (malware-other.rules)
 * 1:52922 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565248-0 download attempt (malware-other.rules)
 * 1:52915 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565136-0 download attempt (malware-other.rules)
 * 1:52937 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565146-0 download attempt (malware-other.rules)
 * 1:52953 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565299-0 download attempt (malware-other.rules)
 * 1:52911 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565210-0 download attempt (malware-other.rules)
 * 1:52944 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565150-0 download attempt (malware-other.rules)
 * 1:52948 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565152-0 download attempt (malware-other.rules)
 * 1:52924 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565249-0 download attempt (malware-other.rules)
 * 1:52936 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565255-0 download attempt (malware-other.rules)
 * 1:52941 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565148-0 download attempt (malware-other.rules)
 * 1:52934 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565145-0 download attempt (malware-other.rules)
 * 1:52947 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565116-0 download attempt (malware-other.rules)
 * 1:52927 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565108-0 download attempt (malware-other.rules)
 * 1:52910 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7565323-0 download attempt (malware-other.rules)
 * 1:52949 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565298-0 download attempt (malware-other.rules)
 * 1:52956 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565265-0 download attempt (malware-other.rules)
 * 1:52909 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Noon-7565208-0 download attempt (malware-other.rules)
 * 1:52935 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565254-0 download attempt (malware-other.rules)
 * 1:52952 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565153-0 download attempt (malware-other.rules)
 * 1:52916 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565104-0 download attempt (malware-other.rules)
 * 1:52905 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565082-0 download attempt (malware-other.rules)
 * 1:52930 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565252-0 download attempt (malware-other.rules)
 * 1:52925 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Binder-7565283-0 download attempt (malware-other.rules)
 * 1:52945 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565151-0 download attempt (malware-other.rules)
 * 1:52951 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565094-0 download attempt (malware-other.rules)
 * 1:52917 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565214-0 download attempt (malware-other.rules)
 * 1:52940 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565112-0 download attempt (malware-other.rules)
 * 1:52943 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565091-0 download attempt (malware-other.rules)
 * 1:52920 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565105-0 download attempt (malware-other.rules)
 * 1:52932 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565144-0 download attempt (malware-other.rules)
 * 1:52928 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565218-0 download attempt (malware-other.rules)
 * 1:52931 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565143-0 download attempt (malware-other.rules)
 * 1:52918 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565185-0 download attempt (malware-other.rules)
 * 1:52923 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565216-0 download attempt (malware-other.rules)
 * 1:52906 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565083-0 download attempt (malware-other.rules)
 * 1:52955 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565119-0 download attempt (malware-other.rules)
 * 1:52913 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565134-0 download attempt (malware-other.rules)
 * 1:52939 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565224-0 download attempt (malware-other.rules)
 * 1:52919 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565138-0 download attempt (malware-other.rules)
 * 1:52946 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565228-0 download attempt (malware-other.rules)
 * 1:52926 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565141-0 download attempt (malware-other.rules)
 * 1:52908 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Banload-7565273-0 download attempt (malware-other.rules)
 * 1:52960 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565375-0 download attempt (malware-other.rules)
 * 1:52929 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565142-0 download attempt (malware-other.rules)
 * 1:52958 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565303-0 download attempt (malware-other.rules)
 * 1:52962 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Rombrast-7565393-0 download attempt (malware-other.rules)
 * 1:52954 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565118-0 download attempt (malware-other.rules)
 * 1:52950 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565117-0 download attempt (malware-other.rules)
 * 1:52907 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565084-0 download attempt (malware-other.rules)
 * 1:52921 <-> DISABLED <-> MALWARE-OTHER Win.Keylogger.Barys-7565186-0 download attempt (malware-other.rules)
 * 1:52914 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565135-0 download attempt (malware-other.rules)
 * 1:52957 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.U5wrugbi-7565203-0 download attempt (malware-other.rules)
 * 1:52942 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565149-0 download attempt (malware-other.rules)
 * 1:52965 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565535-0 download attempt (malware-other.rules)
 * 1:52964 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Vbtrojan-7565395-0 download attempt (malware-other.rules)
 * 1:52963 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Razy-7565394-0 download attempt (malware-other.rules)
 * 3:52666 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52667 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52840 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52842 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52841 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52843 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52839 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52836 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52837 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52838 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52819 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52668 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52669 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52818 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)

Modified Rules:


 * 1:43849 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman RestoreZipFile opcode command injection attempt (server-other.rules)
 * 1:49182 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:45673 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:49183 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:45674 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:52619 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS handshake with spoofed certificate attempt (os-windows.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:46935 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNSAPI remote code execution attempt (os-windows.rules)
 * 3:52629 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52632 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)

2020-01-28 18:20:26 UTC

Snort Subscriber Rules Update

Date: 2020-01-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:52650 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (snort3-malware-other.rules)
 * 1:52688 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Barys-7561764-0 download attempt (snort3-malware-other.rules)
 * 1:52663 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (snort3-os-windows.rules)
 * 1:52672 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561317-0 download attempt (snort3-malware-other.rules)
 * 1:52673 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7561238-0 download attempt (snort3-malware-other.rules)
 * 1:52674 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmetagen-7561240-0 download attempt (snort3-malware-other.rules)
 * 1:52659 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (snort3-file-flash.rules)
 * 1:52664 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (snort3-os-windows.rules)
 * 1:52665 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Nymaim-7542552-1 download attempt (snort3-malware-other.rules)
 * 1:52670 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7561314-0 download attempt (snort3-malware-other.rules)
 * 1:52655 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (snort3-malware-other.rules)
 * 1:52660 <-> DISABLED <-> EXPLOIT-KIT Spelevo Exploit Kit landing page detected (snort3-exploit-kit.rules)
 * 1:52661 <-> ENABLED <-> MALWARE-OTHER Linux.Downloader.CoinMiner variant bash script dropper (snort3-malware-other.rules)
 * 1:52662 <-> ENABLED <-> MALWARE-OTHER Citrix ADC and Gateway backdoor upload attempt (snort3-malware-other.rules)
 * 1:52651 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (snort3-malware-other.rules)
 * 1:52656 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (snort3-malware-other.rules)
 * 1:52658 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (snort3-file-flash.rules)
 * 1:52657 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (snort3-malware-other.rules)
 * 1:52652 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (snort3-malware-other.rules)
 * 1:52653 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (snort3-malware-other.rules)
 * 1:52654 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (snort3-malware-other.rules)
 * 1:52683 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561420-0 download attempt (snort3-malware-other.rules)
 * 1:52689 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7561799-0 download attempt (snort3-malware-other.rules)
 * 1:52690 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561770-0 download attempt (snort3-malware-other.rules)
 * 1:52679 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmalware-7561251-0 download attempt (snort3-malware-other.rules)
 * 1:52684 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Recam-7561435-0 download attempt (snort3-malware-other.rules)
 * 1:52685 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561812-0 download attempt (snort3-malware-other.rules)
 * 1:52686 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561813-0 download attempt (snort3-malware-other.rules)
 * 1:52675 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561277-0 download attempt (snort3-malware-other.rules)
 * 1:52680 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561252-0 download attempt (snort3-malware-other.rules)
 * 1:52681 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561253-0 download attempt (snort3-malware-other.rules)
 * 1:52682 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561287-0 download attempt (snort3-malware-other.rules)
 * 1:52671 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561269-0 download attempt (snort3-malware-other.rules)
 * 1:52676 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561280-0 download attempt (snort3-malware-other.rules)
 * 1:52677 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561247-0 download attempt (snort3-malware-other.rules)
 * 1:52678 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-7561248-0 download attempt (snort3-malware-other.rules)
 * 1:52687 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561800-0 download attempt (snort3-malware-other.rules)
 * 1:52693 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561778-0 download attempt (snort3-malware-other.rules)
 * 1:52694 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561834-0 download attempt (snort3-malware-other.rules)
 * 1:52698 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Bj3cyooi-7561838-0 download attempt (snort3-malware-other.rules)
 * 1:52692 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561740-0 download attempt (snort3-malware-other.rules)
 * 1:52697 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.St6t0pbig-7561837-0 download attempt (snort3-malware-other.rules)
 * 1:52701 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561842-0 download attempt (snort3-malware-other.rules)
 * 1:52691 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Llac-7561774-0 download attempt (snort3-malware-other.rules)
 * 1:52696 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561836-0 download attempt (snort3-malware-other.rules)
 * 1:52700 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561840-0 download attempt (snort3-malware-other.rules)
 * 1:52702 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561843-0 download attempt (snort3-malware-other.rules)
 * 1:52695 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561835-0 download attempt (snort3-malware-other.rules)
 * 1:52706 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561848-0 download attempt (snort3-malware-other.rules)
 * 1:52704 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561846-0 download attempt (snort3-malware-other.rules)
 * 1:52705 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561847-0 download attempt (snort3-malware-other.rules)
 * 1:52703 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561845-0 download attempt (snort3-malware-other.rules)
 * 1:52699 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561839-0 download attempt (snort3-malware-other.rules)
 * 1:52709 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561852-0 download attempt (snort3-malware-other.rules)
 * 1:52710 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561853-0 download attempt (snort3-malware-other.rules)
 * 1:52739 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561890-0 download attempt (snort3-malware-other.rules)
 * 1:52728 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561876-0 download attempt (snort3-malware-other.rules)
 * 1:52733 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561882-0 download attempt (snort3-malware-other.rules)
 * 1:52730 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.A0lxvvoi-7561878-0 download attempt (snort3-malware-other.rules)
 * 1:52723 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561870-0 download attempt (snort3-malware-other.rules)
 * 1:52724 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Npei-7561871-0 download attempt (snort3-malware-other.rules)
 * 1:52729 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561877-0 download attempt (snort3-malware-other.rules)
 * 1:52726 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561874-0 download attempt (snort3-malware-other.rules)
 * 1:52719 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561865-0 download attempt (snort3-malware-other.rules)
 * 1:52720 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561866-0 download attempt (snort3-malware-other.rules)
 * 1:52725 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561872-0 download attempt (snort3-malware-other.rules)
 * 1:52722 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561869-0 download attempt (snort3-malware-other.rules)
 * 1:52715 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5nng-7561860-0 download attempt (snort3-malware-other.rules)
 * 1:52716 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561861-0 download attempt (snort3-malware-other.rules)
 * 1:52721 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561867-0 download attempt (snort3-malware-other.rules)
 * 1:52711 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561855-0 download attempt (snort3-malware-other.rules)
 * 1:52718 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561863-0 download attempt (snort3-malware-other.rules)
 * 1:52717 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561862-0 download attempt (snort3-malware-other.rules)
 * 1:52712 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561856-0 download attempt (snort3-malware-other.rules)
 * 1:52714 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561858-0 download attempt (snort3-malware-other.rules)
 * 1:52707 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561850-0 download attempt (snort3-malware-other.rules)
 * 1:52708 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561851-0 download attempt (snort3-malware-other.rules)
 * 1:52713 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561857-0 download attempt (snort3-malware-other.rules)
 * 1:52746 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561898-0 download attempt (snort3-malware-other.rules)
 * 1:52740 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Akpmcxbi-7561891-0 download attempt (snort3-malware-other.rules)
 * 1:52745 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561896-0 download attempt (snort3-malware-other.rules)
 * 1:52742 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bzn9rpki-7561893-0 download attempt (snort3-malware-other.rules)
 * 1:52735 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561885-0 download attempt (snort3-malware-other.rules)
 * 1:52736 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561886-0 download attempt (snort3-malware-other.rules)
 * 1:52741 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561892-0 download attempt (snort3-malware-other.rules)
 * 1:52738 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5ag5gli-7561888-0 download attempt (snort3-malware-other.rules)
 * 1:52731 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561880-0 download attempt (snort3-malware-other.rules)
 * 1:52732 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561881-0 download attempt (snort3-malware-other.rules)
 * 1:52737 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561887-0 download attempt (snort3-malware-other.rules)
 * 1:52734 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561884-0 download attempt (snort3-malware-other.rules)
 * 1:52727 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561875-0 download attempt (snort3-malware-other.rules)
 * 1:52749 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561935-0 download attempt (snort3-malware-other.rules)
 * 1:52743 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561894-0 download attempt (snort3-malware-other.rules)
 * 1:52744 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561895-0 download attempt (snort3-malware-other.rules)
 * 1:52754 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561939-0 download attempt (snort3-malware-other.rules)
 * 1:52750 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561900-0 download attempt (snort3-malware-other.rules)
 * 1:52748 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561897-0 download attempt (snort3-malware-other.rules)
 * 1:52753 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561904-0 download attempt (snort3-malware-other.rules)
 * 1:52757 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aqtsimgi-7561906-0 download attempt (snort3-malware-other.rules)
 * 1:52747 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561932-0 download attempt (snort3-malware-other.rules)
 * 1:52752 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aw5uvlni-7561938-0 download attempt (snort3-malware-other.rules)
 * 1:52787 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561957-0 download attempt (snort3-malware-other.rules)
 * 1:52778 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561952-0 download attempt (snort3-malware-other.rules)
 * 1:52771 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561913-0 download attempt (snort3-malware-other.rules)
 * 1:52772 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561949-0 download attempt (snort3-malware-other.rules)
 * 1:52777 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Awvbhqli-7561916-0 download attempt (snort3-malware-other.rules)
 * 1:52774 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B1smkrbi-7561950-0 download attempt (snort3-malware-other.rules)
 * 1:52767 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561911-0 download attempt (snort3-malware-other.rules)
 * 1:52768 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561947-0 download attempt (snort3-malware-other.rules)
 * 1:52773 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561914-0 download attempt (snort3-malware-other.rules)
 * 1:52770 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561948-0 download attempt (snort3-malware-other.rules)
 * 1:52763 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561909-0 download attempt (snort3-malware-other.rules)
 * 1:52764 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561945-0 download attempt (snort3-malware-other.rules)
 * 1:52769 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561912-0 download attempt (snort3-malware-other.rules)
 * 1:52766 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561946-0 download attempt (snort3-malware-other.rules)
 * 1:52759 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561907-0 download attempt (snort3-malware-other.rules)
 * 1:52760 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561943-0 download attempt (snort3-malware-other.rules)
 * 1:52765 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561910-0 download attempt (snort3-malware-other.rules)
 * 1:52762 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561944-0 download attempt (snort3-malware-other.rules)
 * 1:52755 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561940-0 download attempt (snort3-malware-other.rules)
 * 1:52761 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561908-0 download attempt (snort3-malware-other.rules)
 * 1:52756 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561941-0 download attempt (snort3-malware-other.rules)
 * 1:52751 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561902-0 download attempt (snort3-malware-other.rules)
 * 1:52758 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561942-0 download attempt (snort3-malware-other.rules)
 * 1:52794 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561927-0 download attempt (snort3-malware-other.rules)
 * 1:52788 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561924-0 download attempt (snort3-malware-other.rules)
 * 1:52793 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561960-0 download attempt (snort3-malware-other.rules)
 * 1:52790 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561925-0 download attempt (snort3-malware-other.rules)
 * 1:52783 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561955-0 download attempt (snort3-malware-other.rules)
 * 1:52784 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561922-0 download attempt (snort3-malware-other.rules)
 * 1:52789 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561958-0 download attempt (snort3-malware-other.rules)
 * 1:52786 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561923-0 download attempt (snort3-malware-other.rules)
 * 1:52779 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bp9m3rli-7561917-0 download attempt (snort3-malware-other.rules)
 * 1:52780 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561953-0 download attempt (snort3-malware-other.rules)
 * 1:52785 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561956-0 download attempt (snort3-malware-other.rules)
 * 1:52782 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561954-0 download attempt (snort3-malware-other.rules)
 * 1:52775 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Asbnzfbi-7561915-0 download attempt (snort3-malware-other.rules)
 * 1:52776 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561951-0 download attempt (snort3-malware-other.rules)
 * 1:52781 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561918-0 download attempt (snort3-malware-other.rules)
 * 1:52890 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564542-0 download attempt (snort3-malware-other.rules)
 * 1:52883 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564501-0 download attempt (snort3-malware-other.rules)
 * 1:52884 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564538-0 download attempt (snort3-malware-other.rules)
 * 1:52889 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564580-0 download attempt (snort3-malware-other.rules)
 * 1:52886 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564504-0 download attempt (snort3-malware-other.rules)
 * 1:52879 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Genkryptik-7564572-0 download attempt (snort3-malware-other.rules)
 * 1:52880 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564573-0 download attempt (snort3-malware-other.rules)
 * 1:52885 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7564577-0 download attempt (snort3-malware-other.rules)
 * 1:52882 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Noon-7564575-0 download attempt (snort3-malware-other.rules)
 * 1:52875 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564628-0 download attempt (snort3-malware-other.rules)
 * 1:52876 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564569-0 download attempt (snort3-malware-other.rules)
 * 1:52881 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7564574-0 download attempt (snort3-malware-other.rules)
 * 1:52878 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564571-0 download attempt (snort3-malware-other.rules)
 * 1:52871 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7564564-0 download attempt (snort3-malware-other.rules)
 * 1:52872 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564565-0 download attempt (snort3-malware-other.rules)
 * 1:52877 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564570-0 download attempt (snort3-malware-other.rules)
 * 1:52874 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564567-0 download attempt (snort3-malware-other.rules)
 * 1:52867 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564559-0 download attempt (snort3-malware-other.rules)
 * 1:52868 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Cwmx-7564592-0 download attempt (snort3-malware-other.rules)
 * 1:52873 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7564566-0 download attempt (snort3-malware-other.rules)
 * 1:52870 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564591-0 download attempt (snort3-malware-other.rules)
 * 1:52863 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561765-0 download attempt (snort3-malware-other.rules)
 * 1:52864 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (snort3-os-windows.rules)
 * 1:52869 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7564593-0 download attempt (snort3-malware-other.rules)
 * 1:52866 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS server certificate public key with explicitly-defined ECC curve parameters attempt (snort3-os-windows.rules)
 * 1:52859 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561849-0 download attempt (snort3-malware-other.rules)
 * 1:52860 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561844-0 download attempt (snort3-malware-other.rules)
 * 1:52865 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (snort3-os-windows.rules)
 * 1:52862 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561750-0 download attempt (snort3-malware-other.rules)
 * 1:52855 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561879-0 download attempt (snort3-malware-other.rules)
 * 1:52861 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561841-0 download attempt (snort3-malware-other.rules)
 * 1:52856 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561868-0 download attempt (snort3-malware-other.rules)
 * 1:52858 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561854-0 download attempt (snort3-malware-other.rules)
 * 1:52849 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (snort3-malware-cnc.rules)
 * 1:52852 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561864-0 download attempt (snort3-malware-other.rules)
 * 1:52857 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561859-0 download attempt (snort3-malware-other.rules)
 * 1:52854 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561883-0 download attempt (snort3-malware-other.rules)
 * 1:52845 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (snort3-malware-cnc.rules)
 * 1:52846 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (snort3-malware-cnc.rules)
 * 1:52853 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561889-0 download attempt (snort3-malware-other.rules)
 * 1:52848 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (snort3-malware-cnc.rules)
 * 1:52833 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561937-0 download attempt (snort3-malware-other.rules)
 * 1:52834 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Brsjkedi-7561936-0 download attempt (snort3-malware-other.rules)
 * 1:52847 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (snort3-malware-cnc.rules)
 * 1:52844 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (snort3-malware-cnc.rules)
 * 1:52829 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563019-0 download attempt (snort3-malware-other.rules)
 * 1:52830 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7563013-0 download attempt (snort3-malware-other.rules)
 * 1:52835 <-> DISABLED <-> SERVER-WEBAPP Kibana Timelion prototype pollution code execution attempt (snort3-server-webapp.rules)
 * 1:52832 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7562086-0 download attempt (snort3-malware-other.rules)
 * 1:52825 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (snort3-malware-other.rules)
 * 1:52826 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (snort3-malware-other.rules)
 * 1:52831 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562992-0 download attempt (snort3-malware-other.rules)
 * 1:52828 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7561648-0 download attempt (snort3-malware-other.rules)
 * 1:52821 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:52822 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default root credentials detected (snort3-policy-other.rules)
 * 1:52827 <-> DISABLED <-> SERVER-WEBAPP Tomato router web interface bruteforce scan attempt (snort3-server-webapp.rules)
 * 1:52824 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Muhstik variant IRC outbound connection (snort3-malware-cnc.rules)
 * 1:52815 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Generickdz-7563017-0 download attempt (snort3-malware-other.rules)
 * 1:52816 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562998-0 download attempt (snort3-malware-other.rules)
 * 1:52823 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default admin credentials detected (snort3-policy-other.rules)
 * 1:52820 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:52811 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563016-0 download attempt (snort3-malware-other.rules)
 * 1:52812 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7563014-0 download attempt (snort3-malware-other.rules)
 * 1:52817 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564432-0 download attempt (snort3-malware-other.rules)
 * 1:52814 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Clipbanker-7562988-0 download attempt (snort3-malware-other.rules)
 * 1:52807 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Tofsee-7562099-0 download attempt (snort3-malware-other.rules)
 * 1:52808 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Scar-7562034-0 download attempt (snort3-malware-other.rules)
 * 1:52813 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7562991-0 download attempt (snort3-malware-other.rules)
 * 1:52803 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562089-0 download attempt (snort3-malware-other.rules)
 * 1:52810 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Fareit-7562081-0 download attempt (snort3-malware-other.rules)
 * 1:52804 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562095-0 download attempt (snort3-malware-other.rules)
 * 1:52809 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Scar-7562041-0 download attempt (snort3-malware-other.rules)
 * 1:52806 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7562065-0 download attempt (snort3-malware-other.rules)
 * 1:52799 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561963-0 download attempt (snort3-malware-other.rules)
 * 1:52802 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bdksyxs-7561931-0 download attempt (snort3-malware-other.rules)
 * 1:52805 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7562098-0 download attempt (snort3-malware-other.rules)
 * 1:52800 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561930-0 download attempt (snort3-malware-other.rules)
 * 1:52795 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561961-0 download attempt (snort3-malware-other.rules)
 * 1:52796 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561928-0 download attempt (snort3-malware-other.rules)
 * 1:52801 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561964-0 download attempt (snort3-malware-other.rules)
 * 1:52798 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561929-0 download attempt (snort3-malware-other.rules)
 * 1:52791 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561959-0 download attempt (snort3-malware-other.rules)
 * 1:52792 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561926-0 download attempt (snort3-malware-other.rules)
 * 1:52951 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565094-0 download attempt (snort3-malware-other.rules)
 * 1:52941 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565148-0 download attempt (snort3-malware-other.rules)
 * 1:52949 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565298-0 download attempt (snort3-malware-other.rules)
 * 1:52952 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565153-0 download attempt (snort3-malware-other.rules)
 * 1:52936 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565255-0 download attempt (snort3-malware-other.rules)
 * 1:52925 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Binder-7565283-0 download attempt (snort3-malware-other.rules)
 * 1:52953 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565299-0 download attempt (snort3-malware-other.rules)
 * 1:52924 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565249-0 download attempt (snort3-malware-other.rules)
 * 1:52942 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565149-0 download attempt (snort3-malware-other.rules)
 * 1:52944 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565150-0 download attempt (snort3-malware-other.rules)
 * 1:52927 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565108-0 download attempt (snort3-malware-other.rules)
 * 1:52797 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561962-0 download attempt (snort3-malware-other.rules)
 * 1:52911 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565210-0 download attempt (snort3-malware-other.rules)
 * 1:52912 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565324-0 download attempt (snort3-malware-other.rules)
 * 1:52907 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565084-0 download attempt (snort3-malware-other.rules)
 * 1:52908 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Banload-7565273-0 download attempt (snort3-malware-other.rules)
 * 1:52910 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7565323-0 download attempt (snort3-malware-other.rules)
 * 1:52903 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565078-0 download attempt (snort3-malware-other.rules)
 * 1:52904 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565079-0 download attempt (snort3-malware-other.rules)
 * 1:52909 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Noon-7565208-0 download attempt (snort3-malware-other.rules)
 * 1:52906 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565083-0 download attempt (snort3-malware-other.rules)
 * 1:52899 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564912-0 download attempt (snort3-malware-other.rules)
 * 1:52900 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Nanobot-7564916-0 download attempt (snort3-malware-other.rules)
 * 1:52905 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565082-0 download attempt (snort3-malware-other.rules)
 * 1:52902 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565076-0 download attempt (snort3-malware-other.rules)
 * 1:52895 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564979-0 download attempt (snort3-malware-other.rules)
 * 1:52896 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564922-0 download attempt (snort3-malware-other.rules)
 * 1:52901 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565074-0 download attempt (snort3-malware-other.rules)
 * 1:52898 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7564907-0 download attempt (snort3-malware-other.rules)
 * 1:52891 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564508-0 download attempt (snort3-malware-other.rules)
 * 1:52892 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564582-0 download attempt (snort3-malware-other.rules)
 * 1:52897 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agensla-7564923-0 download attempt (snort3-malware-other.rules)
 * 1:52894 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564918-0 download attempt (snort3-malware-other.rules)
 * 1:52887 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564579-0 download attempt (snort3-malware-other.rules)
 * 1:52888 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564540-0 download attempt (snort3-malware-other.rules)
 * 1:52893 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Zpevdo-7564583-0 download attempt (snort3-malware-other.rules)
 * 1:52979 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565370-0 download attempt (snort3-malware-other.rules)
 * 1:52980 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7565731-0 download attempt (snort3-malware-other.rules)
 * 1:52978 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565522-0 download attempt (snort3-malware-other.rules)
 * 1:52939 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565224-0 download attempt (snort3-malware-other.rules)
 * 1:52948 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565152-0 download attempt (snort3-malware-other.rules)
 * 1:52976 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Jaik-7565368-0 download attempt (snort3-malware-other.rules)
 * 1:52973 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Impolite-7565549-0 download attempt (snort3-malware-other.rules)
 * 1:52930 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565252-0 download attempt (snort3-malware-other.rules)
 * 1:52918 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565185-0 download attempt (snort3-malware-other.rules)
 * 1:52926 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565141-0 download attempt (snort3-malware-other.rules)
 * 1:52950 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565117-0 download attempt (snort3-malware-other.rules)
 * 1:52966 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Dapato-7565398-0 download attempt (snort3-malware-other.rules)
 * 1:52962 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Rombrast-7565393-0 download attempt (snort3-malware-other.rules)
 * 1:52964 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Vbtrojan-7565395-0 download attempt (snort3-malware-other.rules)
 * 1:52934 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565145-0 download attempt (snort3-malware-other.rules)
 * 1:52956 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565265-0 download attempt (snort3-malware-other.rules)
 * 1:52920 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565105-0 download attempt (snort3-malware-other.rules)
 * 1:52916 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565104-0 download attempt (snort3-malware-other.rules)
 * 1:52933 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565110-0 download attempt (snort3-malware-other.rules)
 * 1:52963 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Razy-7565394-0 download attempt (snort3-malware-other.rules)
 * 1:52958 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565303-0 download attempt (snort3-malware-other.rules)
 * 1:52931 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565143-0 download attempt (snort3-malware-other.rules)
 * 1:52923 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565216-0 download attempt (snort3-malware-other.rules)
 * 1:52919 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565138-0 download attempt (snort3-malware-other.rules)
 * 1:52946 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565228-0 download attempt (snort3-malware-other.rules)
 * 1:52977 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565453-0 download attempt (snort3-malware-other.rules)
 * 1:52955 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565119-0 download attempt (snort3-malware-other.rules)
 * 1:52945 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565151-0 download attempt (snort3-malware-other.rules)
 * 1:52954 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565118-0 download attempt (snort3-malware-other.rules)
 * 1:52937 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565146-0 download attempt (snort3-malware-other.rules)
 * 1:52967 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565437-0 download attempt (snort3-malware-other.rules)
 * 1:52921 <-> DISABLED <-> MALWARE-OTHER Win.Keylogger.Barys-7565186-0 download attempt (snort3-malware-other.rules)
 * 1:52932 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565144-0 download attempt (snort3-malware-other.rules)
 * 1:52940 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565112-0 download attempt (snort3-malware-other.rules)
 * 1:52914 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565135-0 download attempt (snort3-malware-other.rules)
 * 1:52917 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565214-0 download attempt (snort3-malware-other.rules)
 * 1:52960 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565375-0 download attempt (snort3-malware-other.rules)
 * 1:52965 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565535-0 download attempt (snort3-malware-other.rules)
 * 1:52959 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565352-0 download attempt (snort3-malware-other.rules)
 * 1:52915 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565136-0 download attempt (snort3-malware-other.rules)
 * 1:52957 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.U5wrugbi-7565203-0 download attempt (snort3-malware-other.rules)
 * 1:52968 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565401-0 download attempt (snort3-malware-other.rules)
 * 1:52929 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565142-0 download attempt (snort3-malware-other.rules)
 * 1:52938 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565147-0 download attempt (snort3-malware-other.rules)
 * 1:52913 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565134-0 download attempt (snort3-malware-other.rules)
 * 1:52922 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565248-0 download attempt (snort3-malware-other.rules)
 * 1:52935 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565254-0 download attempt (snort3-malware-other.rules)
 * 1:52961 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Poison-7565378-0 download attempt (snort3-malware-other.rules)
 * 1:52943 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565091-0 download attempt (snort3-malware-other.rules)
 * 1:52974 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Jaiks-7565588-0 download attempt (snort3-malware-other.rules)
 * 1:52970 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Palevo-7565441-0 download attempt (snort3-malware-other.rules)
 * 1:52969 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565402-0 download attempt (snort3-malware-other.rules)
 * 1:52972 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Barys-7565547-0 download attempt (snort3-malware-other.rules)
 * 1:52971 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ursu-7565633-0 download attempt (snort3-malware-other.rules)
 * 1:52928 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565218-0 download attempt (snort3-malware-other.rules)
 * 1:52947 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565116-0 download attempt (snort3-malware-other.rules)
 * 1:52975 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Azorult-7565367-0 download attempt (snort3-malware-other.rules)

Modified Rules:


 * 1:45673 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (snort3-browser-ie.rules)
 * 1:43849 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman RestoreZipFile opcode command injection attempt (snort3-server-other.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:45674 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (snort3-browser-ie.rules)
 * 1:46935 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNSAPI remote code execution attempt (snort3-os-windows.rules)
 * 1:49182 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (snort3-file-office.rules)
 * 1:49183 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (snort3-file-office.rules)
 * 1:52619 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS handshake with spoofed certificate attempt (snort3-os-windows.rules)

2020-01-28 18:20:26 UTC

Snort Subscriber Rules Update

Date: 2020-01-28

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:52959 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565352-0 download attempt (malware-other.rules)
 * 1:52941 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565148-0 download attempt (malware-other.rules)
 * 1:52917 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565214-0 download attempt (malware-other.rules)
 * 1:52931 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565143-0 download attempt (malware-other.rules)
 * 1:52928 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565218-0 download attempt (malware-other.rules)
 * 1:52916 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565104-0 download attempt (malware-other.rules)
 * 1:52940 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565112-0 download attempt (malware-other.rules)
 * 1:52950 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565117-0 download attempt (malware-other.rules)
 * 1:52935 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565254-0 download attempt (malware-other.rules)
 * 1:52946 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565228-0 download attempt (malware-other.rules)
 * 1:52945 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565151-0 download attempt (malware-other.rules)
 * 1:52956 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Generic-7565265-0 download attempt (malware-other.rules)
 * 1:52962 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Rombrast-7565393-0 download attempt (malware-other.rules)
 * 1:52955 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565119-0 download attempt (malware-other.rules)
 * 1:52947 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565116-0 download attempt (malware-other.rules)
 * 1:52969 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565402-0 download attempt (malware-other.rules)
 * 1:52915 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565136-0 download attempt (malware-other.rules)
 * 1:52921 <-> DISABLED <-> MALWARE-OTHER Win.Keylogger.Barys-7565186-0 download attempt (malware-other.rules)
 * 1:52924 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565249-0 download attempt (malware-other.rules)
 * 1:52911 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565210-0 download attempt (malware-other.rules)
 * 1:52927 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565108-0 download attempt (malware-other.rules)
 * 1:52954 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565118-0 download attempt (malware-other.rules)
 * 1:52958 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vebzenpak-7565303-0 download attempt (malware-other.rules)
 * 1:52933 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565110-0 download attempt (malware-other.rules)
 * 1:52944 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565150-0 download attempt (malware-other.rules)
 * 1:52949 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565298-0 download attempt (malware-other.rules)
 * 1:52938 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565147-0 download attempt (malware-other.rules)
 * 1:52920 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565105-0 download attempt (malware-other.rules)
 * 1:52861 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561841-0 download attempt (malware-other.rules)
 * 1:52908 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.Banload-7565273-0 download attempt (malware-other.rules)
 * 1:52817 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564432-0 download attempt (malware-other.rules)
 * 1:52952 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565153-0 download attempt (malware-other.rules)
 * 1:52961 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Poison-7565378-0 download attempt (malware-other.rules)
 * 1:52793 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561960-0 download attempt (malware-other.rules)
 * 1:52913 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565134-0 download attempt (malware-other.rules)
 * 1:52709 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561852-0 download attempt (malware-other.rules)
 * 1:52864 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52700 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561840-0 download attempt (malware-other.rules)
 * 1:52708 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561851-0 download attempt (malware-other.rules)
 * 1:52800 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561930-0 download attempt (malware-other.rules)
 * 1:52880 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564573-0 download attempt (malware-other.rules)
 * 1:52764 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561945-0 download attempt (malware-other.rules)
 * 1:52721 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561867-0 download attempt (malware-other.rules)
 * 1:52934 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565145-0 download attempt (malware-other.rules)
 * 1:52722 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561869-0 download attempt (malware-other.rules)
 * 1:52918 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565185-0 download attempt (malware-other.rules)
 * 1:52866 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS server certificate public key with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52738 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5ag5gli-7561888-0 download attempt (malware-other.rules)
 * 1:52881 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7564574-0 download attempt (malware-other.rules)
 * 1:52802 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bdksyxs-7561931-0 download attempt (malware-other.rules)
 * 1:52898 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7564907-0 download attempt (malware-other.rules)
 * 1:52980 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7565731-0 download attempt (malware-other.rules)
 * 1:52833 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561937-0 download attempt (malware-other.rules)
 * 1:52867 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564559-0 download attempt (malware-other.rules)
 * 1:52972 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Barys-7565547-0 download attempt (malware-other.rules)
 * 1:52976 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Jaik-7565368-0 download attempt (malware-other.rules)
 * 1:52965 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565535-0 download attempt (malware-other.rules)
 * 1:52966 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Dapato-7565398-0 download attempt (malware-other.rules)
 * 1:52970 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Palevo-7565441-0 download attempt (malware-other.rules)
 * 1:52919 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565138-0 download attempt (malware-other.rules)
 * 1:52957 <-> DISABLED <-> MALWARE-OTHER Win.Downloader.U5wrugbi-7565203-0 download attempt (malware-other.rules)
 * 1:52899 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564912-0 download attempt (malware-other.rules)
 * 1:52979 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565370-0 download attempt (malware-other.rules)
 * 1:52859 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561849-0 download attempt (malware-other.rules)
 * 1:52848 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52655 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52654 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52651 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52650 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (malware-other.rules)
 * 1:52659 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52845 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52878 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564571-0 download attempt (malware-other.rules)
 * 1:52847 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52835 <-> DISABLED <-> SERVER-WEBAPP Kibana Timelion prototype pollution code execution attempt (server-webapp.rules)
 * 1:52971 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ursu-7565633-0 download attempt (malware-other.rules)
 * 1:52963 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Razy-7565394-0 download attempt (malware-other.rules)
 * 1:52879 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Genkryptik-7564572-0 download attempt (malware-other.rules)
 * 1:52978 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565522-0 download attempt (malware-other.rules)
 * 1:52977 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565453-0 download attempt (malware-other.rules)
 * 1:52901 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565074-0 download attempt (malware-other.rules)
 * 1:52904 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565079-0 download attempt (malware-other.rules)
 * 1:52902 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565076-0 download attempt (malware-other.rules)
 * 1:52906 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565083-0 download attempt (malware-other.rules)
 * 1:52905 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565082-0 download attempt (malware-other.rules)
 * 1:52903 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565078-0 download attempt (malware-other.rules)
 * 1:52875 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564628-0 download attempt (malware-other.rules)
 * 1:52889 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564580-0 download attempt (malware-other.rules)
 * 1:52877 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564570-0 download attempt (malware-other.rules)
 * 1:52797 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561962-0 download attempt (malware-other.rules)
 * 1:52860 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561844-0 download attempt (malware-other.rules)
 * 1:52887 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564579-0 download attempt (malware-other.rules)
 * 1:52882 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Noon-7564575-0 download attempt (malware-other.rules)
 * 1:52799 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561963-0 download attempt (malware-other.rules)
 * 1:52794 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561927-0 download attempt (malware-other.rules)
 * 1:52855 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561879-0 download attempt (malware-other.rules)
 * 1:52869 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7564593-0 download attempt (malware-other.rules)
 * 1:52894 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Agensla-7564918-0 download attempt (malware-other.rules)
 * 1:52870 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7564591-0 download attempt (malware-other.rules)
 * 1:52849 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52792 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561926-0 download attempt (malware-other.rules)
 * 1:52798 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561929-0 download attempt (malware-other.rules)
 * 1:52876 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564569-0 download attempt (malware-other.rules)
 * 1:52844 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52856 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561868-0 download attempt (malware-other.rules)
 * 1:52890 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564542-0 download attempt (malware-other.rules)
 * 1:52755 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561940-0 download attempt (malware-other.rules)
 * 1:52874 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7564567-0 download attempt (malware-other.rules)
 * 1:52883 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564501-0 download attempt (malware-other.rules)
 * 1:52852 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561864-0 download attempt (malware-other.rules)
 * 1:52968 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Svwk-7565401-0 download attempt (malware-other.rules)
 * 1:52884 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564538-0 download attempt (malware-other.rules)
 * 1:52862 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561750-0 download attempt (malware-other.rules)
 * 1:52871 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7564564-0 download attempt (malware-other.rules)
 * 1:52857 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561859-0 download attempt (malware-other.rules)
 * 1:52853 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561889-0 download attempt (malware-other.rules)
 * 1:52863 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561765-0 download attempt (malware-other.rules)
 * 1:52885 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7564577-0 download attempt (malware-other.rules)
 * 1:52865 <-> DISABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (os-windows.rules)
 * 1:52873 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7564566-0 download attempt (malware-other.rules)
 * 1:52765 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561910-0 download attempt (malware-other.rules)
 * 1:52896 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564922-0 download attempt (malware-other.rules)
 * 1:52796 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561928-0 download attempt (malware-other.rules)
 * 1:52760 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561943-0 download attempt (malware-other.rules)
 * 1:52967 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ursu-7565437-0 download attempt (malware-other.rules)
 * 1:52754 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561939-0 download attempt (malware-other.rules)
 * 1:52868 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Cwmx-7564592-0 download attempt (malware-other.rules)
 * 1:52886 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564504-0 download attempt (malware-other.rules)
 * 1:52858 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561854-0 download attempt (malware-other.rules)
 * 1:52658 <-> DISABLED <-> FILE-FLASH Spelevo Exploit Kit download attempt (file-flash.rules)
 * 1:52662 <-> ENABLED <-> MALWARE-OTHER Citrix ADC and Gateway backdoor upload attempt (malware-other.rules)
 * 1:52761 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561908-0 download attempt (malware-other.rules)
 * 1:52757 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aqtsimgi-7561906-0 download attempt (malware-other.rules)
 * 1:52750 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561900-0 download attempt (malware-other.rules)
 * 1:52751 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561902-0 download attempt (malware-other.rules)
 * 1:52756 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561941-0 download attempt (malware-other.rules)
 * 1:52746 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561898-0 download attempt (malware-other.rules)
 * 1:52753 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561904-0 download attempt (malware-other.rules)
 * 1:52747 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561932-0 download attempt (malware-other.rules)
 * 1:52749 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561935-0 download attempt (malware-other.rules)
 * 1:52752 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Aw5uvlni-7561938-0 download attempt (malware-other.rules)
 * 1:52846 <-> ENABLED <-> MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (malware-cnc.rules)
 * 1:52926 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565141-0 download attempt (malware-other.rules)
 * 1:52951 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565094-0 download attempt (malware-other.rules)
 * 1:52942 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565149-0 download attempt (malware-other.rules)
 * 1:52932 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565144-0 download attempt (malware-other.rules)
 * 1:52953 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565299-0 download attempt (malware-other.rules)
 * 1:52930 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565252-0 download attempt (malware-other.rules)
 * 1:52936 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565255-0 download attempt (malware-other.rules)
 * 1:52925 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Binder-7565283-0 download attempt (malware-other.rules)
 * 1:52909 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Noon-7565208-0 download attempt (malware-other.rules)
 * 1:52960 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565375-0 download attempt (malware-other.rules)
 * 1:52888 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564540-0 download attempt (malware-other.rules)
 * 1:52897 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agensla-7564923-0 download attempt (malware-other.rules)
 * 1:52939 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565224-0 download attempt (malware-other.rules)
 * 1:52772 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561949-0 download attempt (malware-other.rules)
 * 1:52704 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561846-0 download attempt (malware-other.rules)
 * 1:52803 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562089-0 download attempt (malware-other.rules)
 * 1:52671 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561269-0 download attempt (malware-other.rules)
 * 1:52781 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561918-0 download attempt (malware-other.rules)
 * 1:52773 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561914-0 download attempt (malware-other.rules)
 * 1:52937 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565146-0 download attempt (malware-other.rules)
 * 1:52763 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561909-0 download attempt (malware-other.rules)
 * 1:52780 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561953-0 download attempt (malware-other.rules)
 * 1:52774 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B1smkrbi-7561950-0 download attempt (malware-other.rules)
 * 1:52790 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561925-0 download attempt (malware-other.rules)
 * 1:52789 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561958-0 download attempt (malware-other.rules)
 * 1:52807 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Tofsee-7562099-0 download attempt (malware-other.rules)
 * 1:52788 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561924-0 download attempt (malware-other.rules)
 * 1:52948 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565152-0 download attempt (malware-other.rules)
 * 1:52697 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.St6t0pbig-7561837-0 download attempt (malware-other.rules)
 * 1:52929 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565142-0 download attempt (malware-other.rules)
 * 1:52813 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7562991-0 download attempt (malware-other.rules)
 * 1:52766 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561946-0 download attempt (malware-other.rules)
 * 1:52784 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561922-0 download attempt (malware-other.rules)
 * 1:52776 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Vobfus-7561951-0 download attempt (malware-other.rules)
 * 1:52779 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bp9m3rli-7561917-0 download attempt (malware-other.rules)
 * 1:52745 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561896-0 download attempt (malware-other.rules)
 * 1:52769 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561912-0 download attempt (malware-other.rules)
 * 1:52699 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561839-0 download attempt (malware-other.rules)
 * 1:52770 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbinder-7561948-0 download attempt (malware-other.rules)
 * 1:52914 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565135-0 download attempt (malware-other.rules)
 * 1:52759 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561907-0 download attempt (malware-other.rules)
 * 1:52791 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561959-0 download attempt (malware-other.rules)
 * 1:52701 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561842-0 download attempt (malware-other.rules)
 * 1:52696 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561836-0 download attempt (malware-other.rules)
 * 1:52768 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561947-0 download attempt (malware-other.rules)
 * 1:52695 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561835-0 download attempt (malware-other.rules)
 * 1:52892 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7564582-0 download attempt (malware-other.rules)
 * 1:52777 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Awvbhqli-7561916-0 download attempt (malware-other.rules)
 * 1:52785 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561956-0 download attempt (malware-other.rules)
 * 1:52782 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561954-0 download attempt (malware-other.rules)
 * 1:52705 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561847-0 download attempt (malware-other.rules)
 * 1:52786 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561923-0 download attempt (malware-other.rules)
 * 1:52694 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561834-0 download attempt (malware-other.rules)
 * 1:52775 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Asbnzfbi-7561915-0 download attempt (malware-other.rules)
 * 1:52787 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561957-0 download attempt (malware-other.rules)
 * 1:52783 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vbtrojan-7561955-0 download attempt (malware-other.rules)
 * 1:52771 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561913-0 download attempt (malware-other.rules)
 * 1:52762 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561944-0 download attempt (malware-other.rules)
 * 1:52767 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561911-0 download attempt (malware-other.rules)
 * 1:52743 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561894-0 download attempt (malware-other.rules)
 * 1:52778 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561952-0 download attempt (malware-other.rules)
 * 1:52907 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565084-0 download attempt (malware-other.rules)
 * 1:52804 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7562095-0 download attempt (malware-other.rules)
 * 1:52923 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Gamarue-7565216-0 download attempt (malware-other.rules)
 * 1:52726 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561874-0 download attempt (malware-other.rules)
 * 1:52910 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7565323-0 download attempt (malware-other.rules)
 * 1:52943 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.NetWire-7565091-0 download attempt (malware-other.rules)
 * 1:52922 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565248-0 download attempt (malware-other.rules)
 * 1:52698 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Bj3cyooi-7561838-0 download attempt (malware-other.rules)
 * 1:52758 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561942-0 download attempt (malware-other.rules)
 * 1:52732 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561881-0 download attempt (malware-other.rules)
 * 1:52893 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Zpevdo-7564583-0 download attempt (malware-other.rules)
 * 1:52734 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561884-0 download attempt (malware-other.rules)
 * 1:52811 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563016-0 download attempt (malware-other.rules)
 * 1:52739 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561890-0 download attempt (malware-other.rules)
 * 1:52830 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7563013-0 download attempt (malware-other.rules)
 * 1:52891 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Generic-7564508-0 download attempt (malware-other.rules)
 * 1:52723 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561870-0 download attempt (malware-other.rules)
 * 1:52742 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Bzn9rpki-7561893-0 download attempt (malware-other.rules)
 * 1:52724 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Npei-7561871-0 download attempt (malware-other.rules)
 * 1:52872 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Noon-7564565-0 download attempt (malware-other.rules)
 * 1:52810 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Fareit-7562081-0 download attempt (malware-other.rules)
 * 1:52825 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52728 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561876-0 download attempt (malware-other.rules)
 * 1:52729 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561877-0 download attempt (malware-other.rules)
 * 1:52710 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561853-0 download attempt (malware-other.rules)
 * 1:52725 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561872-0 download attempt (malware-other.rules)
 * 1:52719 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561865-0 download attempt (malware-other.rules)
 * 1:52828 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Ponystealer-7561648-0 download attempt (malware-other.rules)
 * 1:52805 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7562098-0 download attempt (malware-other.rules)
 * 1:52727 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561875-0 download attempt (malware-other.rules)
 * 1:52827 <-> DISABLED <-> SERVER-WEBAPP Tomato router web interface bruteforce scan attempt (server-webapp.rules)
 * 1:52806 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7562065-0 download attempt (malware-other.rules)
 * 1:52730 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.A0lxvvoi-7561878-0 download attempt (malware-other.rules)
 * 1:52740 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Akpmcxbi-7561891-0 download attempt (malware-other.rules)
 * 1:52712 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561856-0 download attempt (malware-other.rules)
 * 1:52809 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Scar-7562041-0 download attempt (malware-other.rules)
 * 1:52733 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561882-0 download attempt (malware-other.rules)
 * 1:52741 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561892-0 download attempt (malware-other.rules)
 * 1:52715 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.B5nng-7561860-0 download attempt (malware-other.rules)
 * 1:52735 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561885-0 download attempt (malware-other.rules)
 * 1:52801 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561964-0 download attempt (malware-other.rules)
 * 1:52716 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561861-0 download attempt (malware-other.rules)
 * 1:52814 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Clipbanker-7562988-0 download attempt (malware-other.rules)
 * 1:52717 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561862-0 download attempt (malware-other.rules)
 * 1:52829 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7563019-0 download attempt (malware-other.rules)
 * 1:52720 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561866-0 download attempt (malware-other.rules)
 * 1:52744 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561895-0 download attempt (malware-other.rules)
 * 1:52812 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Ponystealer-7563014-0 download attempt (malware-other.rules)
 * 1:52713 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Barys-7561857-0 download attempt (malware-other.rules)
 * 1:52808 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Scar-7562034-0 download attempt (malware-other.rules)
 * 1:52711 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561855-0 download attempt (malware-other.rules)
 * 1:52736 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561886-0 download attempt (malware-other.rules)
 * 1:52823 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default admin credentials detected (policy-other.rules)
 * 1:52815 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Generickdz-7563017-0 download attempt (malware-other.rules)
 * 1:52714 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561858-0 download attempt (malware-other.rules)
 * 1:52737 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561887-0 download attempt (malware-other.rules)
 * 1:52731 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561880-0 download attempt (malware-other.rules)
 * 1:52831 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562992-0 download attempt (malware-other.rules)
 * 1:52822 <-> DISABLED <-> POLICY-OTHER Tomato router web interface default root credentials detected (policy-other.rules)
 * 1:52895 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7564979-0 download attempt (malware-other.rules)
 * 1:52826 <-> ENABLED <-> MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (malware-other.rules)
 * 1:52718 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561863-0 download attempt (malware-other.rules)
 * 1:52824 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.Muhstik variant IRC outbound connection (malware-cnc.rules)
 * 1:52795 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561961-0 download attempt (malware-other.rules)
 * 1:52816 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7562998-0 download attempt (malware-other.rules)
 * 1:52748 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561897-0 download attempt (malware-other.rules)
 * 1:52854 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561883-0 download attempt (malware-other.rules)
 * 1:52660 <-> DISABLED <-> EXPLOIT-KIT Spelevo Exploit Kit landing page detected (exploit-kit.rules)
 * 1:52912 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.VBGeneric-7565324-0 download attempt (malware-other.rules)
 * 1:52692 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Generic-7561740-0 download attempt (malware-other.rules)
 * 1:52682 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561287-0 download attempt (malware-other.rules)
 * 1:52664 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52693 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561778-0 download attempt (malware-other.rules)
 * 1:52689 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Xtrat-7561799-0 download attempt (malware-other.rules)
 * 1:52678 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Generic-7561248-0 download attempt (malware-other.rules)
 * 1:52663 <-> DISABLED <-> OS-WINDOWS Microsoft Windows Imaging API use after free attempt (os-windows.rules)
 * 1:52686 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561813-0 download attempt (malware-other.rules)
 * 1:52690 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Zusy-7561770-0 download attempt (malware-other.rules)
 * 1:52685 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561812-0 download attempt (malware-other.rules)
 * 1:52674 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmetagen-7561240-0 download attempt (malware-other.rules)
 * 1:52687 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Fareit-7561800-0 download attempt (malware-other.rules)
 * 1:52684 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Recam-7561435-0 download attempt (malware-other.rules)
 * 1:52681 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561253-0 download attempt (malware-other.rules)
 * 1:52707 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561850-0 download attempt (malware-other.rules)
 * 1:52683 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561420-0 download attempt (malware-other.rules)
 * 1:52680 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Tofsee-7561252-0 download attempt (malware-other.rules)
 * 1:52677 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Ponystealer-7561247-0 download attempt (malware-other.rules)
 * 1:52703 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561845-0 download attempt (malware-other.rules)
 * 1:52679 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Filerepmalware-7561251-0 download attempt (malware-other.rules)
 * 1:52676 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7561280-0 download attempt (malware-other.rules)
 * 1:52673 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Ponystealer-7561238-0 download attempt (malware-other.rules)
 * 1:52675 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561277-0 download attempt (malware-other.rules)
 * 1:52672 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Fareit-7561317-0 download attempt (malware-other.rules)
 * 1:52706 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Vobfus-7561848-0 download attempt (malware-other.rules)
 * 1:52702 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Vobfus-7561843-0 download attempt (malware-other.rules)
 * 1:52688 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Barys-7561764-0 download attempt (malware-other.rules)
 * 1:52665 <-> DISABLED <-> MALWARE-OTHER Win.Packed.Nymaim-7542552-1 download attempt (malware-other.rules)
 * 1:52670 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Fareit-7561314-0 download attempt (malware-other.rules)
 * 1:52657 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52653 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52656 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52900 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Nanobot-7564916-0 download attempt (malware-other.rules)
 * 1:52834 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Brsjkedi-7561936-0 download attempt (malware-other.rules)
 * 1:52832 <-> DISABLED <-> MALWARE-OTHER Win.Worm.Vobfus-7562086-0 download attempt (malware-other.rules)
 * 1:52691 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Llac-7561774-0 download attempt (malware-other.rules)
 * 1:52974 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Jaiks-7565588-0 download attempt (malware-other.rules)
 * 1:52975 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.Azorult-7565367-0 download attempt (malware-other.rules)
 * 1:52973 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Impolite-7565549-0 download attempt (malware-other.rules)
 * 1:52661 <-> ENABLED <-> MALWARE-OTHER Linux.Downloader.CoinMiner variant bash script dropper (malware-other.rules)
 * 1:52652 <-> DISABLED <-> MALWARE-OTHER Win.Trojan.Agent variant download attempt (malware-other.rules)
 * 1:52964 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Vbtrojan-7565395-0 download attempt (malware-other.rules)
 * 3:52666 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52837 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52840 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52836 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (protocol-snmp.rules)
 * 3:52851 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52850 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (file-other.rules)
 * 3:52818 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52667 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (file-other.rules)
 * 3:52839 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52843 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52838 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52669 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)
 * 3:52819 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (file-other.rules)
 * 3:52841 <-> ENABLED <-> PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (protocol-snmp.rules)
 * 3:52842 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (file-other.rules)
 * 3:52668 <-> ENABLED <-> FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (file-other.rules)

Modified Rules:


 * 1:46935 <-> DISABLED <-> OS-WINDOWS Microsoft Windows DNSAPI remote code execution attempt (os-windows.rules)
 * 1:15559 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 1:52619 <-> ENABLED <-> OS-WINDOWS Microsoft Windows CryptoAPI TLS handshake with spoofed certificate attempt (os-windows.rules)
 * 1:45674 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:45673 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (browser-ie.rules)
 * 1:49183 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:43849 <-> DISABLED <-> SERVER-OTHER HP Intelligent Management Center dbman RestoreZipFile opcode command injection attempt (server-other.rules)
 * 1:49182 <-> DISABLED <-> FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (file-office.rules)
 * 1:26564 <-> DISABLED <-> FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (file-multimedia.rules)
 * 3:52629 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)
 * 3:52632 <-> ENABLED <-> SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (server-webapp.rules)