CTEP/IPS Threat Content Update Release Notes 95.1.2.205

Refer to the following summary of signatures deployed with the IPS content release:

  • Signatures added: 38
  • Signatures modified: 00
  • Signatures removed: 00

Signatures Added

| SID | Description | Reference |
|---|---|---|
| 150109 | MALWARE-CNC APT40.Template Callout C2 connection detected | No reference |
| 150108 | MALWARE-CNC APT4.Nflog C2 Hostinfo dataleak connection detected | No reference |
| 15010` | MALWARE-CNC Win.Trojan.Chopstick variant outbound request | No reference |
| 150100 | MALWARE-CNC TROJAN.Andromeda check-in response detected | No reference |
| 150103 | MALWARE-CNC APT28.Gamefish incoming connection detected | No reference |
| 150102 | MALWARE-CNC APT28.Dealerchoice outbound connection detected | No reference |
| 150105 | MALWARE-CNC APT34.Boostpipe beacon connection detected | No reference |
| 150104 | MALWARE-CNC APT30.Neteagle outbound connection detected | No reference |
| 150107 | MALWARE-CNC APT4.Nflog C2 checkin connection detected | No reference |
| 150106 | MALWARE-CNC APT4.Nflog C2 Beacon outbound connection detected | No reference |
| 150302 | MALWARE-CNC Command and Control AZORULT C2 Communication Variant 3 | No reference |
| 150301 | MALWARE-CNC Command and Control AZORULT C2 Communication Variant 2 | No reference |
| 150306 | MALWARE-CNC Command and Control CHINOTTO C2 Beacon Variant 2 | No reference |
| 150304 | MALWARE-CNC Command and Control CHINOTTO C2 Beacon Variant 1 | No reference |
| 150119 | MALWARE-CNC Tinymet.Generic UA check-in communication traffic detected | No reference |
| 150404 | MALWARE-CNC TEMP.Armageddon Russia-Ukraine conflict lure variant traffic detected | No reference |
| 150401 | MALWARE-CNC Win.Sourdough command retrieval traffic detected | No reference |
| 150402 | MALWARE-CNC Win.Sourdough check-in traffic detected | No reference |
| 150403 | MALWARE-CNC Win.Sourdough Post traffic detected | No reference |
| 150118 | MALWARE-CNC Servhelper check-in C2 communication traffic detected | No reference |
| 150112 | MALWARE-CNC APT41.Sweetcandle C2 communication traffic detected | No reference |
| 150113 | MALWARE-CNC Evora.Generic Check-in C2 communication traffic detected | No reference |
| 150110 | MALWARE-CNC APT41.Portroast beacon detected | No reference |
| 150111 | MALWARE-CNC APT41.Portroast beacon detected-2 | No reference |
| 150116 | MALWARE-CNC FIN11.Andromut check-in C2 communication traffic detected | No reference |
| 150117 | MALWARE-CNC Friendspeak.Generic C2 communication traffic detected | No reference |
| 150114 | MALWARE-CNC Fakeupdates Check-in and Response C2 communication traffic detected | No reference |
| 150115 | MALWARE-CNC Amadey.Beacon check-in traffic detected | No reference |
| 150202 | MALWARE-CNC Suspicious Windows NT version 9 User-Agent | No reference |
| 150203 | MALWARE-CNC Command and Control – APT37 SHUTTERSPEED Beacon Variant 1 detected | No reference |
| 150200 | MALWARE-CNC Command and Control – APT10 HAYMAKER check-in detected | No reference |
| 150201 | MALWARE-CNC Command and Control – Certutil.exe scripts | No reference |
| 150206 | MALWARE-CNC Command and Control – BAZARLOADER C2 traffic detected | No reference |
| 150207 | MALWARE-CNC Command and Control – BAZARLOADER C2 traffic Variant 2 detected | No reference |
| 150204 | MALWARE-CNC Command and Control – APT37 YOUNGREAD Control Variant 1 detected | No reference |
| 150205 | MALWARE-CNC Command and Control – APT38 RATANKBAPOS Beacon Variant 1 detected | No reference |
| 150208 | MALWARE-CNC Command and Control – CEELOADER C2 Beacon detected | No reference |