CTEP/IPS Threat Content Update Release Notes 95.1.2.205
Refer to the following summary of signatures deployed with the IPS content release:
Total signatures: 20989
Signatures added: 38
Signatures modified: 00
Signatures removed: 00
Signatures Added
SID | Description | Reference |
---|---|---|
150109 | MALWARE-CNC APT40.Template Callout C2 connection detected | No reference |
150108 | MALWARE-CNC APT4.Nflog C2 Hostinfo dataleak connection detected | No reference |
15010` | MALWARE-CNC Win.Trojan.Chopstick variant outbound request | No reference |
150100 | MALWARE-CNC TROJAN.Andromeda check-in response detected | No reference |
150103 | MALWARE-CNC APT28.Gamefish incoming connection detected | No reference |
150102 | MALWARE-CNC APT28.Dealerchoice outbound connection detected | No reference |
150105 | MALWARE-CNC APT34.Boostpipe beacon connection detected | No reference |
150104 | MALWARE-CNC APT30.Neteagle outbound connection detected | No reference |
150107 | MALWARE-CNC APT4.Nflog C2 checkin connection detected | No reference |
150106 | MALWARE-CNC APT4.Nflog C2 Beacon outbound connection detected | No reference |
150302 | MALWARE-CNC Command and Control AZORULT C2 Communication Variant 3 | No reference |
150301 | MALWARE-CNC Command and Control AZORULT C2 Communication Variant 2 | No reference |
150306 | MALWARE-CNC Command and Control CHINOTTO C2 Beacon Variant 2 | No reference |
150304 | MALWARE-CNC Command and Control CHINOTTO C2 Beacon Variant 1 | No reference |
150119 | MALWARE-CNC Tinymet.Generic UA check-in communication traffic detected | No reference |
150404 | MALWARE-CNC TEMP.Armageddon Russia-Ukraine conflict lure variant traffic detected | No reference |
150401 | MALWARE-CNC Win.Sourdough command retrieval traffic detected | No reference |
150402 | MALWARE-CNC Win.Sourdough check-in traffic detected | No reference |
150403 | MALWARE-CNC Win.Sourdough Post traffic detected | No reference |
150118 | MALWARE-CNC Servhelper check-in C2 communication traffic detected | No reference |
150112 | MALWARE-CNC APT41.Sweetcandle C2 communication traffic detected | No reference |
150113 | MALWARE-CNC Evora.Generic Check-in C2 communication traffic detected | No reference |
150110 | MALWARE-CNC APT41.Portroast beacon detected | No reference |
150111 | MALWARE-CNC APT41.Portroast beacon detected-2 | No reference |
150116 | MALWARE-CNC FIN11.Andromut check-in C2 communication traffic detected | No reference |
150117 | MALWARE-CNC Friendspeak.Generic C2 communication traffic detected | No reference |
150114 | MALWARE-CNC Fakeupdates Check-in and Response C2 communication traffic detected | No reference |
150115 | MALWARE-CNC Amadey.Beacon check-in traffic detected | No reference |
150202 | MALWARE-CNC Suspicious Windows NT version 9 User-Agent | No reference |
150203 | MALWARE-CNC Command and Control - APT37 SHUTTERSPEED Beacon Variant 1 detected | No reference |
150200 | MALWARE-CNC Command and Control - APT10 HAYMAKER check-in detected | No reference |
150201 | MALWARE-CNC Command and Control - Certutil.exe scripts | No reference |
150206 | MALWARE-CNC Command and Control - BAZARLOADER C2 traffic detected | No reference |
150207 | MALWARE-CNC Command and Control - BAZARLOADER C2 traffic Variant 2 detected | No reference |
150204 | MALWARE-CNC Command and Control - APT37 YOUNGREAD Control Variant 1 detected | No reference |
150205 | MALWARE-CNC Command and Control - APT38 RATANKBAPOS Beacon Variant 1 detected | No reference |
150208 | MALWARE-CNC Command and Control - CEELOADER C2 Beacon detected | No reference |