Netskope Help

CTEP/IPS Threat Content Update Release Notes 95.1.2.205

Refer to the following summary of signatures deployed with the IPS content release:

  • Total signatures: 20989

  • Signatures added: 38

  • Signatures modified: 00

  • Signatures removed: 00

Signatures Added

| SID | Description | Reference |
|---|---|---|
| 150109 | MALWARE-CNC APT40.Template Callout C2 connection detected | No reference |
| 150108 | MALWARE-CNC APT4.Nflog C2 Hostinfo dataleak connection detected | No reference |
| 15010` | MALWARE-CNC Win.Trojan.Chopstick variant outbound request | No reference |
| 150100 | MALWARE-CNC TROJAN.Andromeda check-in response detected | No reference |
| 150103 | MALWARE-CNC APT28.Gamefish incoming connection detected | No reference |
| 150102 | MALWARE-CNC APT28.Dealerchoice outbound connection detected | No reference |
| 150105 | MALWARE-CNC APT34.Boostpipe beacon connection detected | No reference |
| 150104 | MALWARE-CNC APT30.Neteagle outbound connection detected | No reference |
| 150107 | MALWARE-CNC APT4.Nflog C2 checkin connection detected | No reference |
| 150106 | MALWARE-CNC APT4.Nflog C2 Beacon outbound connection detected | No reference |
| 150302 | MALWARE-CNC Command and Control AZORULT C2 Communication Variant 3 | No reference |
| 150301 | MALWARE-CNC Command and Control AZORULT C2 Communication Variant 2 | No reference |
| 150306 | MALWARE-CNC Command and Control CHINOTTO C2 Beacon Variant 2 | No reference |
| 150304 | MALWARE-CNC Command and Control CHINOTTO C2 Beacon Variant 1 | No reference |
| 150119 | MALWARE-CNC Tinymet.Generic UA check-in communication traffic detected | No reference |
| 150404 | MALWARE-CNC TEMP.Armageddon Russia-Ukraine conflict lure variant traffic detected | No reference |
| 150401 | MALWARE-CNC Win.Sourdough command retrieval traffic detected | No reference |
| 150402 | MALWARE-CNC Win.Sourdough check-in traffic detected | No reference |
| 150403 | MALWARE-CNC Win.Sourdough Post traffic detected | No reference |
| 150118 | MALWARE-CNC Servhelper check-in C2 communication traffic detected | No reference |
| 150112 | MALWARE-CNC APT41.Sweetcandle C2 communication traffic detected | No reference |
| 150113 | MALWARE-CNC Evora.Generic Check-in C2 communication traffic detected | No reference |
| 150110 | MALWARE-CNC APT41.Portroast beacon detected | No reference |
| 150111 | MALWARE-CNC APT41.Portroast beacon detected-2 | No reference |
| 150116 | MALWARE-CNC FIN11.Andromut check-in C2 communication traffic detected | No reference |
| 150117 | MALWARE-CNC Friendspeak.Generic C2 communication traffic detected | No reference |
| 150114 | MALWARE-CNC Fakeupdates Check-in and Response C2 communication traffic detected | No reference |
| 150115 | MALWARE-CNC Amadey.Beacon check-in traffic detected | No reference |
| 150202 | MALWARE-CNC Suspicious Windows NT version 9 User-Agent | No reference |
| 150203 | MALWARE-CNC Command and Control - APT37 SHUTTERSPEED Beacon Variant 1 detected | No reference |
| 150200 | MALWARE-CNC Command and Control - APT10 HAYMAKER check-in detected | No reference |
| 150201 | MALWARE-CNC Command and Control - Certutil.exe scripts | No reference |
| 150206 | MALWARE-CNC Command and Control - BAZARLOADER C2 traffic detected | No reference |
| 150207 | MALWARE-CNC Command and Control - BAZARLOADER C2 traffic Variant 2 detected | No reference |
| 150204 | MALWARE-CNC Command and Control - APT37 YOUNGREAD Control Variant 1 detected | No reference |
| 150205 | MALWARE-CNC Command and Control - APT38 RATANKBAPOS Beacon Variant 1 detected | No reference |
| 150208 | MALWARE-CNC Command and Control - CEELOADER C2 Beacon detected | No reference |