IPS Threat Content Update Release Notes 23.124.205
Refer to the following summary of signatures deployed on 19th June, 2023 with the IPS content release:
Total signatures: 18241
Signatures added: 43
Signatures modified: 0
Signatures removed: 1321
Signatures Added
SID | Description | Reference |
---|---|---|
61811 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/3b2744e90fed4986b85795331edf6c3448896aa5c65f31f811783a9cb3fba96f/analysis |
61815 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/3b2744e90fed4986b85795331edf6c3448896aa5c65f31f811783a9cb3fba96f/analysis |
140878 | MALWARE-CNC Metastealer communication channel identified | No Reference |
61909 | OS-WINDOWS Microsoft Windows GDI elevation of privilege attempt | CVE-2023-29358 |
61908 | OS-WINDOWS Microsoft Windows Cloud Files Mini Filter driver elevation of privilege attempt | CVE-2023-29361 |
61852 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt | No Reference |
61850 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt | No Reference |
61809 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/3b2744e90fed4986b85795331edf6c3448896aa5c65f31f811783a9cb3fba96f/analysis |
61805 | BROWSER-CHROME Google Chrome PerformLayout use after free attempt | CVE-2022-3654 |
61807 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/3b2744e90fed4986b85795331edf6c3448896aa5c65f31f811783a9cb3fba96f/analysis |
61803 | FILE-OTHER Microsoft Visual Studio Code Markdown Preview Enhanced extension command injection attempt | CVE-2022-45025 |
61884 | MALWARE-TOOLS Win.Proxy.EarthWorm download attempt | No Reference |
61860 | MALWARE-OTHER Win.Trojan.Cerbu file download | No Reference |
61882 | INDICATOR-COMPROMISE Veeam Backup Server credential stealer script download attempt | |
61842 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt | No Reference |
61844 | MALWARE-OTHER Html.Downloader.Horabot trojan phishing attempt | No Reference |
61846 | MALWARE-CNC Win.Trojan.Horabot malicious file download attempt | No Reference |
61848 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt | No Reference |
61793 | OS-LINUX Red Hat polkit privilege escalation attempt | CVE-2021-3560 |
61827 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/53114a905b5b683bf19e39f54594dd7b01aca6f9db61e1622f3740c8ad1d5668/analysis |
61823 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/3b2744e90fed4986b85795331edf6c3448896aa5c65f31f811783a9cb3fba96f/analysis |
61912 | OS-WINDOWS Microsoft Windows User-mode Printer Driver privilege escalation attempt | CVE-2023-29371 |
61935 | MALWARE-OTHER Win.Exploit.CVE_2023_28310 download attempt | CVE-2023-28310 |
61821 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/783c7880798590218e39b5a0a594dc49f5700e7dbc8e4860f45d094f7dfdf897/analysis |
61829 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/4ebd0d8be840fb988eaf5fc6564e04374cba3fae52718e9f6defe472466e9099/analysis |
61831 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/277fb564eaf66291a48f8119bf80ff2461837efe05b10ccc9f20ef8510078dfc/analysis |
61839 | MALWARE-CNC Win.Trojan.Horabot data exfiltration attempt | No Reference |
61880 | MALWARE-CNC Win.Trojan.RedLine inbound command and control attempt | www.virustotal.com/gui/file/0795128a43b086cdc6b8a4036b318a5ba32762cc387a86b42e7211e6d3e164ad |
61819 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/783c7880798590218e39b5a0a594dc49f5700e7dbc8e4860f45d094f7dfdf897/analysis |
61879 | MALWARE-BACKDOOR Asp.Backdoor.MoveITShell download attempt | No Reference |
61871 | INDICATOR-SHELLCODE Windows Donut x64 loader download attempt | |
61873 | INDICATOR-SHELLCODE Windows Donut x86 loader download attempt | |
61877 | MALWARE-BACKDOOR Asp.Backdoor.MoveITShell connection attempt | No Reference |
61876 | MALWARE-BACKDOOR Asp.Backdoor.MoveITShell connection attempt | No Reference |
61813 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/3b2744e90fed4986b85795331edf6c3448896aa5c65f31f811783a9cb3fba96f/analysis |
61817 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/7278e6c8ef06fcfff3951aed692849833fe70c451a57e6aa97398ad5ca9ad343/analysis |
61856 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt | No Reference |
61854 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt | No Reference |
61858 | MALWARE-OTHER Ps1.Downloader.Horabot malicious file download attempt | No Reference |
61825 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download | virustotal.com/en/file/783c7880798590218e39b5a0a594dc49f5700e7dbc8e4860f45d094f7dfdf897/analysis |
61890 | MALWARE-TOOLS Win.Loader.Meterpreter download attempt | virustotal.com/gui/file/41e5181b9553bbe33d91ee204fe1d2ca321ac123f9147bb475c0ed32f9488597 |
Signatures Removed
Removed the following signatures as they were more than eight years old: