*********************** snort-2.9.0-enhanced open-nogpl *********************** [***] Results from Oinkmaster started Tue Apr 3 16:38:01 2018 [***] [+++] Added rules: [+++] 2025455 - ET TROJAN Win32/GandCrab Ransomware CnC Activity M2 (emerging-trojan.rules) 2025456 - ET USER_AGENTS Suspicious User-Agent (=Mozilla) (emerging-user_agents.rules) 2025457 - ET TROJAN [PTsecurity] W32/Rodecap.StealRat C2 Payload (GIF) (emerging-trojan.rules) 2025458 - ET TROJAN [PTsecurity] Win32/SocStealer.Socelars C2 Response (emerging-trojan.rules) 2025459 - ET WEB_SPECIFIC_APPS Possible CVE-2013-2618 Attempt (PHP Weathermap Persistent XSS) (emerging-web_specific_apps.rules) 2025460 - ET INFO NYU Internet HTTP/SSL Census Scan (emerging-info.rules) 2025461 - ET SCAN NYU Internet Census UA Inbound (emerging-scan.rules) [///] Modified active rules: [///] 2007994 - ET MALWARE Suspicious User-Agent (1 space) (emerging-malware.rules) 2024422 - ET CURRENT_EVENTS Amazon Phish Landing Jun 22 2017 (emerging-current_events.rules) 2024969 - ET TROJAN OceanLotus System Profiling JavaScript HTTP Request (emerging-trojan.rules) 2025005 - ET CURRENT_EVENTS Possible Successful Generic Phish Jan 14 2016 (emerging-current_events.rules) 2025451 - ET POLICY Monero Mining Pool DNS Lookup (emerging-policy.rules) 2402000 - ET DROP Dshield Block Listed Source group 1 (emerging-dshield.rules) 2402001 - ET DROP Dshield Block Listed Source group 1 (emerging-dshield.rules) 2403300 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 1 (emerging-ciarmy.rules) 2403301 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 1 (emerging-ciarmy.rules) 2403302 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 2 (emerging-ciarmy.rules) 2403303 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 2 (emerging-ciarmy.rules) 2403304 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 3 (emerging-ciarmy.rules) 2403305 - ET CINS Active Threat Intelligence Poor 
Reputation IP UDP group 3 (emerging-ciarmy.rules) 2403306 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 4 (emerging-ciarmy.rules) 2403307 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 4 (emerging-ciarmy.rules) 2403308 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 5 (emerging-ciarmy.rules) 2403309 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 5 (emerging-ciarmy.rules) 2403310 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 6 (emerging-ciarmy.rules) 2403311 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 6 (emerging-ciarmy.rules) 2403312 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 7 (emerging-ciarmy.rules) 2403313 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 7 (emerging-ciarmy.rules) 2403314 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 8 (emerging-ciarmy.rules) 2403315 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 8 (emerging-ciarmy.rules) 2403316 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 9 (emerging-ciarmy.rules) 2403317 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 9 (emerging-ciarmy.rules) 2403318 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 10 (emerging-ciarmy.rules) 2403319 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 10 (emerging-ciarmy.rules) 2403320 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 11 (emerging-ciarmy.rules) 2403321 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 11 (emerging-ciarmy.rules) 2403322 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 12 (emerging-ciarmy.rules) 2403323 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 12 (emerging-ciarmy.rules) 2403324 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 13 (emerging-ciarmy.rules) 2403325 - ET CINS Active Threat 
Intelligence Poor Reputation IP UDP group 13 (emerging-ciarmy.rules) 2403326 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 14 (emerging-ciarmy.rules) 2403327 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 14 (emerging-ciarmy.rules) 2403328 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 15 (emerging-ciarmy.rules) 2403329 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 15 (emerging-ciarmy.rules) 2403330 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 16 (emerging-ciarmy.rules) 2403331 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 16 (emerging-ciarmy.rules) 2403332 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 17 (emerging-ciarmy.rules) 2403333 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 17 (emerging-ciarmy.rules) 2403334 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 18 (emerging-ciarmy.rules) 2403335 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 (emerging-ciarmy.rules) 2403336 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 19 (emerging-ciarmy.rules) 2403337 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 19 (emerging-ciarmy.rules) 2403338 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 20 (emerging-ciarmy.rules) 2403339 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 20 (emerging-ciarmy.rules) 2403340 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 21 (emerging-ciarmy.rules) 2403341 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 21 (emerging-ciarmy.rules) 2403342 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 22 (emerging-ciarmy.rules) 2403343 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 22 (emerging-ciarmy.rules) 2403344 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 23 (emerging-ciarmy.rules) 2403345 - 
ET CINS Active Threat Intelligence Poor Reputation IP UDP group 23 (emerging-ciarmy.rules) 2403346 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 (emerging-ciarmy.rules) 2403347 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 24 (emerging-ciarmy.rules) 2403348 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 25 (emerging-ciarmy.rules) 2403349 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 25 (emerging-ciarmy.rules) 2403350 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 (emerging-ciarmy.rules) 2403351 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 26 (emerging-ciarmy.rules) 2403352 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 27 (emerging-ciarmy.rules) 2403353 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 27 (emerging-ciarmy.rules) 2403354 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 28 (emerging-ciarmy.rules) 2403355 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 28 (emerging-ciarmy.rules) 2403356 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 29 (emerging-ciarmy.rules) 2403357 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 29 (emerging-ciarmy.rules) 2403358 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 (emerging-ciarmy.rules) 2403359 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 30 (emerging-ciarmy.rules) 2403360 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 31 (emerging-ciarmy.rules) 2403361 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 31 (emerging-ciarmy.rules) 2403362 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 32 (emerging-ciarmy.rules) 2403363 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 32 (emerging-ciarmy.rules) 2403364 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 33 
(emerging-ciarmy.rules) 2403365 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 33 (emerging-ciarmy.rules) 2403366 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 34 (emerging-ciarmy.rules) 2403367 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 34 (emerging-ciarmy.rules) 2403368 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 35 (emerging-ciarmy.rules) 2403369 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 35 (emerging-ciarmy.rules) 2403370 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 36 (emerging-ciarmy.rules) 2403371 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 36 (emerging-ciarmy.rules) 2403372 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 37 (emerging-ciarmy.rules) 2403373 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 37 (emerging-ciarmy.rules) 2403374 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 38 (emerging-ciarmy.rules) 2403375 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 38 (emerging-ciarmy.rules) 2403376 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 39 (emerging-ciarmy.rules) 2403377 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 39 (emerging-ciarmy.rules) 2403378 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 40 (emerging-ciarmy.rules) 2403379 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 40 (emerging-ciarmy.rules) 2403380 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 (emerging-ciarmy.rules) 2403381 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 41 (emerging-ciarmy.rules) 2403382 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 42 (emerging-ciarmy.rules) 2403383 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 42 (emerging-ciarmy.rules) 2403384 - ET CINS Active Threat Intelligence Poor 
Reputation IP TCP group 43 (emerging-ciarmy.rules) 2403385 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 43 (emerging-ciarmy.rules) 2403386 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 44 (emerging-ciarmy.rules) 2403387 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 44 (emerging-ciarmy.rules) 2403388 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 45 (emerging-ciarmy.rules) 2403389 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 45 (emerging-ciarmy.rules) 2403390 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 46 (emerging-ciarmy.rules) 2403391 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 46 (emerging-ciarmy.rules) 2403392 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 47 (emerging-ciarmy.rules) 2403393 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 47 (emerging-ciarmy.rules) 2403394 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 48 (emerging-ciarmy.rules) 2403395 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 48 (emerging-ciarmy.rules) 2403396 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 49 (emerging-ciarmy.rules) 2403397 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 49 (emerging-ciarmy.rules) 2403398 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 50 (emerging-ciarmy.rules) 2403399 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 50 (emerging-ciarmy.rules) 2403400 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 51 (emerging-ciarmy.rules) 2403401 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 51 (emerging-ciarmy.rules) 2403402 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 52 (emerging-ciarmy.rules) 2403403 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 52 (emerging-ciarmy.rules) 2403404 - ET CINS Active 
Threat Intelligence Poor Reputation IP TCP group 53 (emerging-ciarmy.rules) 2403405 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 53 (emerging-ciarmy.rules) 2403406 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 54 (emerging-ciarmy.rules) 2403407 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 54 (emerging-ciarmy.rules) 2403408 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 55 (emerging-ciarmy.rules) 2403409 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 55 (emerging-ciarmy.rules) 2403410 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 56 (emerging-ciarmy.rules) 2403411 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 56 (emerging-ciarmy.rules) 2403412 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 57 (emerging-ciarmy.rules) 2403413 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 57 (emerging-ciarmy.rules) 2403414 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 58 (emerging-ciarmy.rules) 2403415 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 58 (emerging-ciarmy.rules) 2403416 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 59 (emerging-ciarmy.rules) 2403417 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 59 (emerging-ciarmy.rules) 2403418 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 60 (emerging-ciarmy.rules) 2403419 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 60 (emerging-ciarmy.rules) 2403420 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 (emerging-ciarmy.rules) 2403421 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 61 (emerging-ciarmy.rules) 2403422 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 62 (emerging-ciarmy.rules) 2403423 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 62 (emerging-ciarmy.rules) 
2403424 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 63 (emerging-ciarmy.rules) 2403425 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 63 (emerging-ciarmy.rules) 2403426 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 64 (emerging-ciarmy.rules) 2403427 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 64 (emerging-ciarmy.rules) 2403428 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 (emerging-ciarmy.rules) 2403429 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 65 (emerging-ciarmy.rules) 2403430 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 (emerging-ciarmy.rules) 2403431 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 66 (emerging-ciarmy.rules) 2403432 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 67 (emerging-ciarmy.rules) 2403433 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 67 (emerging-ciarmy.rules) 2403434 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 68 (emerging-ciarmy.rules) 2403435 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 68 (emerging-ciarmy.rules) 2403436 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 69 (emerging-ciarmy.rules) 2403437 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 69 (emerging-ciarmy.rules) 2403438 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 (emerging-ciarmy.rules) 2403439 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 (emerging-ciarmy.rules) 2403440 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 (emerging-ciarmy.rules) 2403441 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 71 (emerging-ciarmy.rules) 2403442 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 (emerging-ciarmy.rules) 2403443 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 72 
(emerging-ciarmy.rules) 2403444 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 73 (emerging-ciarmy.rules) 2403445 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 73 (emerging-ciarmy.rules) 2403446 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 74 (emerging-ciarmy.rules) 2403447 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 74 (emerging-ciarmy.rules) 2403448 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 (emerging-ciarmy.rules) 2403449 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 75 (emerging-ciarmy.rules) 2403450 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 76 (emerging-ciarmy.rules) 2403451 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 76 (emerging-ciarmy.rules) 2403452 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 77 (emerging-ciarmy.rules) 2403453 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 77 (emerging-ciarmy.rules) 2403454 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 78 (emerging-ciarmy.rules) 2403455 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 78 (emerging-ciarmy.rules) 2403456 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 79 (emerging-ciarmy.rules) 2403457 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 79 (emerging-ciarmy.rules) 2403458 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 (emerging-ciarmy.rules) 2403459 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 80 (emerging-ciarmy.rules) 2403460 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 81 (emerging-ciarmy.rules) 2403461 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 81 (emerging-ciarmy.rules) 2403462 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 82 (emerging-ciarmy.rules) 2403463 - ET CINS Active Threat Intelligence Poor 
Reputation IP UDP group 82 (emerging-ciarmy.rules) 2403464 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 (emerging-ciarmy.rules) 2403465 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 (emerging-ciarmy.rules) 2403466 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 84 (emerging-ciarmy.rules) 2403467 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 84 (emerging-ciarmy.rules) 2403468 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 85 (emerging-ciarmy.rules) 2403469 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 85 (emerging-ciarmy.rules) 2403470 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 (emerging-ciarmy.rules) 2403471 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 86 (emerging-ciarmy.rules) 2403472 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 (emerging-ciarmy.rules) 2403473 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 87 (emerging-ciarmy.rules) 2403474 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 (emerging-ciarmy.rules) 2403475 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 88 (emerging-ciarmy.rules) 2403476 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 89 (emerging-ciarmy.rules) 2403477 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 89 (emerging-ciarmy.rules) 2403478 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 (emerging-ciarmy.rules) 2403479 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 90 (emerging-ciarmy.rules) 2403480 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 91 (emerging-ciarmy.rules) 2403481 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 91 (emerging-ciarmy.rules) 2403482 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 92 (emerging-ciarmy.rules) 2403483 - ET CINS Active 
Threat Intelligence Poor Reputation IP UDP group 92 (emerging-ciarmy.rules) 2403484 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 93 (emerging-ciarmy.rules) 2403485 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 93 (emerging-ciarmy.rules) 2403486 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 94 (emerging-ciarmy.rules) 2403487 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 94 (emerging-ciarmy.rules) 2403488 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 95 (emerging-ciarmy.rules) 2403489 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 95 (emerging-ciarmy.rules) 2403490 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 96 (emerging-ciarmy.rules) 2403491 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 96 (emerging-ciarmy.rules) 2403492 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 97 (emerging-ciarmy.rules) 2403493 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 97 (emerging-ciarmy.rules) 2403494 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 98 (emerging-ciarmy.rules) 2403495 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 98 (emerging-ciarmy.rules) 2403496 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 99 (emerging-ciarmy.rules) 2403497 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 99 (emerging-ciarmy.rules) 2403498 - ET CINS Active Threat Intelligence Poor Reputation IP TCP group 100 (emerging-ciarmy.rules) 2403499 - ET CINS Active Threat Intelligence Poor Reputation IP UDP group 100 (emerging-ciarmy.rules) 2405000 - ET CNC Shadowserver Reported CnC Server Port 22 Group 1 (emerging-botcc.portgrouped.rules) 2405001 - ET CNC Shadowserver Reported CnC Server Port 80 Group 1 (emerging-botcc.portgrouped.rules) 2405002 - ET CNC Shadowserver Reported CnC Server Port 81 Group 1 (emerging-botcc.portgrouped.rules) 
2405003 - ET CNC Shadowserver Reported CnC Server Port 110 Group 1 (emerging-botcc.portgrouped.rules) 2405004 - ET CNC Shadowserver Reported CnC Server Port 123 Group 1 (emerging-botcc.portgrouped.rules) 2405005 - ET CNC Shadowserver Reported CnC Server Port 443 Group 1 (emerging-botcc.portgrouped.rules) 2405006 - ET CNC Shadowserver Reported CnC Server Port 1023 Group 1 (emerging-botcc.portgrouped.rules) 2405007 - ET CNC Shadowserver Reported CnC Server Port 1080 Group 1 (emerging-botcc.portgrouped.rules) 2405008 - ET CNC Shadowserver Reported CnC Server Port 1090 Group 1 (emerging-botcc.portgrouped.rules) 2405009 - ET CNC Shadowserver Reported CnC Server Port 1099 Group 1 (emerging-botcc.portgrouped.rules) 2405010 - ET CNC Shadowserver Reported CnC Server Port 1101 Group 1 (emerging-botcc.portgrouped.rules) 2405011 - ET CNC Shadowserver Reported CnC Server Port 1223 Group 1 (emerging-botcc.portgrouped.rules) 2405012 - ET CNC Shadowserver Reported CnC Server Port 1231 Group 1 (emerging-botcc.portgrouped.rules) 2405013 - ET CNC Shadowserver Reported CnC Server Port 1234 Group 1 (emerging-botcc.portgrouped.rules) 2405014 - ET CNC Shadowserver Reported CnC Server Port 1337 Group 1 (emerging-botcc.portgrouped.rules) 2405015 - ET CNC Shadowserver Reported CnC Server Port 1346 Group 1 (emerging-botcc.portgrouped.rules) 2405016 - ET CNC Shadowserver Reported CnC Server Port 1433 Group 1 (emerging-botcc.portgrouped.rules) 2405017 - ET CNC Shadowserver Reported CnC Server Port 1453 Group 1 (emerging-botcc.portgrouped.rules) 2405018 - ET CNC Shadowserver Reported CnC Server Port 1587 Group 1 (emerging-botcc.portgrouped.rules) 2405019 - ET CNC Shadowserver Reported CnC Server Port 1661 Group 1 (emerging-botcc.portgrouped.rules) 2405020 - ET CNC Shadowserver Reported CnC Server Port 1728 Group 1 (emerging-botcc.portgrouped.rules) 2405021 - ET CNC Shadowserver Reported CnC Server Port 1803 Group 1 (emerging-botcc.portgrouped.rules) 2405022 - ET CNC Shadowserver Reported CnC 
Server Port 1863 Group 1 (emerging-botcc.portgrouped.rules) 2405023 - ET CNC Shadowserver Reported CnC Server Port 1866 Group 1 (emerging-botcc.portgrouped.rules) 2405024 - ET CNC Shadowserver Reported CnC Server Port 1868 Group 1 (emerging-botcc.portgrouped.rules) 2405025 - ET CNC Shadowserver Reported CnC Server Port 1875 Group 1 (emerging-botcc.portgrouped.rules) 2405026 - ET CNC Shadowserver Reported CnC Server Port 1887 Group 1 (emerging-botcc.portgrouped.rules) 2405027 - ET CNC Shadowserver Reported CnC Server Port 1888 Group 1 (emerging-botcc.portgrouped.rules) 2405028 - ET CNC Shadowserver Reported CnC Server Port 1889 Group 1 (emerging-botcc.portgrouped.rules) 2405029 - ET CNC Shadowserver Reported CnC Server Port 1905 Group 1 (emerging-botcc.portgrouped.rules) 2405030 - ET CNC Shadowserver Reported CnC Server Port 1921 Group 1 (emerging-botcc.portgrouped.rules) 2405031 - ET CNC Shadowserver Reported CnC Server Port 1935 Group 1 (emerging-botcc.portgrouped.rules) 2405032 - ET CNC Shadowserver Reported CnC Server Port 1989 Group 1 (emerging-botcc.portgrouped.rules) 2405033 - ET CNC Shadowserver Reported CnC Server Port 1990 Group 1 (emerging-botcc.portgrouped.rules) 2405034 - ET CNC Shadowserver Reported CnC Server Port 1991 Group 1 (emerging-botcc.portgrouped.rules) 2405035 - ET CNC Shadowserver Reported CnC Server Port 1995 Group 1 (emerging-botcc.portgrouped.rules) 2405036 - ET CNC Shadowserver Reported CnC Server Port 1998 Group 1 (emerging-botcc.portgrouped.rules) 2405037 - ET CNC Shadowserver Reported CnC Server Port 2007 Group 1 (emerging-botcc.portgrouped.rules) 2405038 - ET CNC Shadowserver Reported CnC Server Port 2009 Group 1 (emerging-botcc.portgrouped.rules) 2405039 - ET CNC Shadowserver Reported CnC Server Port 2012 Group 1 (emerging-botcc.portgrouped.rules) 2405040 - ET CNC Shadowserver Reported CnC Server Port 2087 Group 1 (emerging-botcc.portgrouped.rules) 2405041 - ET CNC Shadowserver Reported CnC Server Port 2201 Group 1 
(emerging-botcc.portgrouped.rules) 2405042 - ET CNC Shadowserver Reported CnC Server Port 2233 Group 1 (emerging-botcc.portgrouped.rules) 2405043 - ET CNC Shadowserver Reported CnC Server Port 2293 Group 1 (emerging-botcc.portgrouped.rules) 2405044 - ET CNC Shadowserver Reported CnC Server Port 2319 Group 1 (emerging-botcc.portgrouped.rules) 2405045 - ET CNC Shadowserver Reported CnC Server Port 2345 Group 1 (emerging-botcc.portgrouped.rules) 2405046 - ET CNC Shadowserver Reported CnC Server Port 2525 Group 1 (emerging-botcc.portgrouped.rules) 2405047 - ET CNC Shadowserver Reported CnC Server Port 2606 Group 1 (emerging-botcc.portgrouped.rules) 2405048 - ET CNC Shadowserver Reported CnC Server Port 2828 Group 1 (emerging-botcc.portgrouped.rules) 2405049 - ET CNC Shadowserver Reported CnC Server Port 3060 Group 1 (emerging-botcc.portgrouped.rules) 2405050 - ET CNC Shadowserver Reported CnC Server Port 3108 Group 1 (emerging-botcc.portgrouped.rules) 2405051 - ET CNC Shadowserver Reported CnC Server Port 3132 Group 1 (emerging-botcc.portgrouped.rules) 2405052 - ET CNC Shadowserver Reported CnC Server Port 3179 Group 1 (emerging-botcc.portgrouped.rules) 2405053 - ET CNC Shadowserver Reported CnC Server Port 3211 Group 1 (emerging-botcc.portgrouped.rules) 2405054 - ET CNC Shadowserver Reported CnC Server Port 3303 Group 1 (emerging-botcc.portgrouped.rules) 2405055 - ET CNC Shadowserver Reported CnC Server Port 3306 Group 1 (emerging-botcc.portgrouped.rules) 2405056 - ET CNC Shadowserver Reported CnC Server Port 3333 Group 1 (emerging-botcc.portgrouped.rules) 2405057 - ET CNC Shadowserver Reported CnC Server Port 3435 Group 1 (emerging-botcc.portgrouped.rules) 2405058 - ET CNC Shadowserver Reported CnC Server Port 3705 Group 1 (emerging-botcc.portgrouped.rules) 2405059 - ET CNC Shadowserver Reported CnC Server Port 3737 Group 1 (emerging-botcc.portgrouped.rules) 2405060 - ET CNC Shadowserver Reported CnC Server Port 3921 Group 1 (emerging-botcc.portgrouped.rules) 2405061 
- ET CNC Shadowserver Reported CnC Server Port 3935 Group 1 (emerging-botcc.portgrouped.rules) 2405062 - ET CNC Shadowserver Reported CnC Server Port 4001 Group 1 (emerging-botcc.portgrouped.rules) 2405063 - ET CNC Shadowserver Reported CnC Server Port 4040 Group 1 (emerging-botcc.portgrouped.rules) 2405064 - ET CNC Shadowserver Reported CnC Server Port 4042 Group 1 (emerging-botcc.portgrouped.rules) 2405065 - ET CNC Shadowserver Reported CnC Server Port 4222 Group 1 (emerging-botcc.portgrouped.rules) 2405066 - ET CNC Shadowserver Reported CnC Server Port 4242 Group 1 (emerging-botcc.portgrouped.rules) 2405067 - ET CNC Shadowserver Reported CnC Server Port 4244 Group 1 (emerging-botcc.portgrouped.rules) 2405068 - ET CNC Shadowserver Reported CnC Server Port 4318 Group 1 (emerging-botcc.portgrouped.rules) 2405069 - ET CNC Shadowserver Reported CnC Server Port 4433 Group 1 (emerging-botcc.portgrouped.rules) 2405070 - ET CNC Shadowserver Reported CnC Server Port 4443 Group 1 (emerging-botcc.portgrouped.rules) 2405071 - ET CNC Shadowserver Reported CnC Server Port 4466 Group 1 (emerging-botcc.portgrouped.rules) 2405072 - ET CNC Shadowserver Reported CnC Server Port 4510 Group 1 (emerging-botcc.portgrouped.rules) 2405073 - ET CNC Shadowserver Reported CnC Server Port 4598 Group 1 (emerging-botcc.portgrouped.rules) 2405074 - ET CNC Shadowserver Reported CnC Server Port 4646 Group 1 (emerging-botcc.portgrouped.rules) 2405075 - ET CNC Shadowserver Reported CnC Server Port 4667 Group 1 (emerging-botcc.portgrouped.rules) 2405076 - ET CNC Shadowserver Reported CnC Server Port 4676 Group 1 (emerging-botcc.portgrouped.rules) 2405077 - ET CNC Shadowserver Reported CnC Server Port 4723 Group 1 (emerging-botcc.portgrouped.rules) 2405078 - ET CNC Shadowserver Reported CnC Server Port 4747 Group 1 (emerging-botcc.portgrouped.rules) 2405079 - ET CNC Shadowserver Reported CnC Server Port 4949 Group 1 (emerging-botcc.portgrouped.rules) 2405080 - ET CNC Shadowserver Reported CnC Server 
Port 5050 Group 1 (emerging-botcc.portgrouped.rules) 2405081 - ET CNC Shadowserver Reported CnC Server Port 5190 Group 1 (emerging-botcc.portgrouped.rules) 2405082 - ET CNC Shadowserver Reported CnC Server Port 5205 Group 1 (emerging-botcc.portgrouped.rules) 2405083 - ET CNC Shadowserver Reported CnC Server Port 5337 Group 1 (emerging-botcc.portgrouped.rules) 2405084 - ET CNC Shadowserver Reported CnC Server Port 5487 Group 1 (emerging-botcc.portgrouped.rules) 2405085 - ET CNC Shadowserver Reported CnC Server Port 5498 Group 1 (emerging-botcc.portgrouped.rules) 2405086 - ET CNC Shadowserver Reported CnC Server Port 5500 Group 1 (emerging-botcc.portgrouped.rules) 2405087 - ET CNC Shadowserver Reported CnC Server Port 5505 Group 1 (emerging-botcc.portgrouped.rules) 2405088 - ET CNC Shadowserver Reported CnC Server Port 5546 Group 1 (emerging-botcc.portgrouped.rules) 2405089 - ET CNC Shadowserver Reported CnC Server Port 5794 Group 1 (emerging-botcc.portgrouped.rules) 2405090 - ET CNC Shadowserver Reported CnC Server Port 5900 Group 1 (emerging-botcc.portgrouped.rules) 2405091 - ET CNC Shadowserver Reported CnC Server Port 6060 Group 1 (emerging-botcc.portgrouped.rules) 2405092 - ET CNC Shadowserver Reported CnC Server Port 6374 Group 1 (emerging-botcc.portgrouped.rules) 2405093 - ET CNC Shadowserver Reported CnC Server Port 6467 Group 1 (emerging-botcc.portgrouped.rules) 2405094 - ET CNC Shadowserver Reported CnC Server Port 6532 Group 1 (emerging-botcc.portgrouped.rules) 2405095 - ET CNC Shadowserver Reported CnC Server Port 6543 Group 1 (emerging-botcc.portgrouped.rules) 2405096 - ET CNC Shadowserver Reported CnC Server Port 6556 Group 1 (emerging-botcc.portgrouped.rules) 2405097 - ET CNC Shadowserver Reported CnC Server Port 6565 Group 1 (emerging-botcc.portgrouped.rules) 2405098 - ET CNC Shadowserver Reported CnC Server Port 6567 Group 1 (emerging-botcc.portgrouped.rules) 2405099 - ET CNC Shadowserver Reported CnC Server Port 6660 Group 1 
(emerging-botcc.portgrouped.rules) 2405100 - ET CNC Shadowserver Reported CnC Server Port 6662 Group 1 (emerging-botcc.portgrouped.rules) 2405101 - ET CNC Shadowserver Reported CnC Server Port 6663 Group 1 (emerging-botcc.portgrouped.rules) 2405102 - ET CNC Shadowserver Reported CnC Server Port 6664 Group 1 (emerging-botcc.portgrouped.rules) 2405103 - ET CNC Shadowserver Reported CnC Server Port 6665 Group 1 (emerging-botcc.portgrouped.rules) 2405104 - ET CNC Shadowserver Reported CnC Server Port 6666 Group 1 (emerging-botcc.portgrouped.rules) 2405105 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 1 (emerging-botcc.portgrouped.rules) 2405106 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 2 (emerging-botcc.portgrouped.rules) 2405107 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 3 (emerging-botcc.portgrouped.rules) 2405108 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 4 (emerging-botcc.portgrouped.rules) 2405109 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 5 (emerging-botcc.portgrouped.rules) 2405110 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 6 (emerging-botcc.portgrouped.rules) 2405111 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 7 (emerging-botcc.portgrouped.rules) 2405112 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 8 (emerging-botcc.portgrouped.rules) 2405113 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 9 (emerging-botcc.portgrouped.rules) 2405114 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 10 (emerging-botcc.portgrouped.rules) 2405115 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 11 (emerging-botcc.portgrouped.rules) 2405116 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 12 (emerging-botcc.portgrouped.rules) 2405117 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 13 (emerging-botcc.portgrouped.rules) 2405118 - ET CNC Shadowserver Reported CnC Server Port 6668 Group 1 (emerging-botcc.portgrouped.rules) 
2405119 - ET CNC Shadowserver Reported CnC Server Port 6669 Group 1 (emerging-botcc.portgrouped.rules)
2405120 - ET CNC Shadowserver Reported CnC Server Port 6676 Group 1 (emerging-botcc.portgrouped.rules)
2405121 - ET CNC Shadowserver Reported CnC Server Port 6677 Group 1 (emerging-botcc.portgrouped.rules)
2405122 - ET CNC Shadowserver Reported CnC Server Port 6678 Group 1 (emerging-botcc.portgrouped.rules)
2405123 - ET CNC Shadowserver Reported CnC Server Port 6680 Group 1 (emerging-botcc.portgrouped.rules)
2405124 - ET CNC Shadowserver Reported CnC Server Port 6764 Group 1 (emerging-botcc.portgrouped.rules)
2405125 - ET CNC Shadowserver Reported CnC Server Port 6768 Group 1 (emerging-botcc.portgrouped.rules)
2405126 - ET CNC Shadowserver Reported CnC Server Port 6900 Group 1 (emerging-botcc.portgrouped.rules)
2405127 - ET CNC Shadowserver Reported CnC Server Port 6969 Group 1 (emerging-botcc.portgrouped.rules)
2405128 - ET CNC Shadowserver Reported CnC Server Port 7000 Group 1 (emerging-botcc.portgrouped.rules)
2405129 - ET CNC Shadowserver Reported CnC Server Port 7001 Group 1 (emerging-botcc.portgrouped.rules)
2405130 - ET CNC Shadowserver Reported CnC Server Port 7002 Group 1 (emerging-botcc.portgrouped.rules)
2405131 - ET CNC Shadowserver Reported CnC Server Port 7007 Group 1 (emerging-botcc.portgrouped.rules)
2405132 - ET CNC Shadowserver Reported CnC Server Port 7100 Group 1 (emerging-botcc.portgrouped.rules)
2405133 - ET CNC Shadowserver Reported CnC Server Port 7193 Group 1 (emerging-botcc.portgrouped.rules)
2405134 - ET CNC Shadowserver Reported CnC Server Port 7362 Group 1 (emerging-botcc.portgrouped.rules)
2405135 - ET CNC Shadowserver Reported CnC Server Port 7493 Group 1 (emerging-botcc.portgrouped.rules)
2405136 - ET CNC Shadowserver Reported CnC Server Port 7654 Group 1 (emerging-botcc.portgrouped.rules)
2405137 - ET CNC Shadowserver Reported CnC Server Port 7665 Group 1 (emerging-botcc.portgrouped.rules)
2405138 - ET CNC Shadowserver Reported CnC Server Port 7770 Group 1 (emerging-botcc.portgrouped.rules)
2405139 - ET CNC Shadowserver Reported CnC Server Port 7771 Group 1 (emerging-botcc.portgrouped.rules)
2405140 - ET CNC Shadowserver Reported CnC Server Port 7776 Group 1 (emerging-botcc.portgrouped.rules)
2405141 - ET CNC Shadowserver Reported CnC Server Port 7777 Group 1 (emerging-botcc.portgrouped.rules)
2405142 - ET CNC Shadowserver Reported CnC Server Port 7878 Group 1 (emerging-botcc.portgrouped.rules)
2405143 - ET CNC Shadowserver Reported CnC Server Port 8000 Group 1 (emerging-botcc.portgrouped.rules)
2405144 - ET CNC Shadowserver Reported CnC Server Port 8059 Group 1 (emerging-botcc.portgrouped.rules)
2405145 - ET CNC Shadowserver Reported CnC Server Port 8067 Group 1 (emerging-botcc.portgrouped.rules)
2405146 - ET CNC Shadowserver Reported CnC Server Port 8080 Group 1 (emerging-botcc.portgrouped.rules)
2405147 - ET CNC Shadowserver Reported CnC Server Port 8089 Group 1 (emerging-botcc.portgrouped.rules)
2405148 - ET CNC Shadowserver Reported CnC Server Port 8585 Group 1 (emerging-botcc.portgrouped.rules)
2405149 - ET CNC Shadowserver Reported CnC Server Port 8718 Group 1 (emerging-botcc.portgrouped.rules)
2405150 - ET CNC Shadowserver Reported CnC Server Port 8765 Group 1 (emerging-botcc.portgrouped.rules)
2405151 - ET CNC Shadowserver Reported CnC Server Port 8778 Group 1 (emerging-botcc.portgrouped.rules)
2405152 - ET CNC Shadowserver Reported CnC Server Port 8799 Group 1 (emerging-botcc.portgrouped.rules)
2405153 - ET CNC Shadowserver Reported CnC Server Port 8879 Group 1 (emerging-botcc.portgrouped.rules)
2405154 - ET CNC Shadowserver Reported CnC Server Port 8888 Group 1 (emerging-botcc.portgrouped.rules)
2405155 - ET CNC Shadowserver Reported CnC Server Port 9000 Group 1 (emerging-botcc.portgrouped.rules)
2405156 - ET CNC Shadowserver Reported CnC Server Port 9001 Group 1 (emerging-botcc.portgrouped.rules)
2405157 - ET CNC Shadowserver Reported CnC Server Port 9111 Group 1 (emerging-botcc.portgrouped.rules)
2405158 - ET CNC Shadowserver Reported CnC Server Port 9450 Group 1 (emerging-botcc.portgrouped.rules)
2405159 - ET CNC Shadowserver Reported CnC Server Port 9475 Group 1 (emerging-botcc.portgrouped.rules)
2405160 - ET CNC Shadowserver Reported CnC Server Port 9500 Group 1 (emerging-botcc.portgrouped.rules)
2405161 - ET CNC Shadowserver Reported CnC Server Port 9592 Group 1 (emerging-botcc.portgrouped.rules)
2405162 - ET CNC Shadowserver Reported CnC Server Port 9731 Group 1 (emerging-botcc.portgrouped.rules)
2405163 - ET CNC Shadowserver Reported CnC Server Port 9841 Group 1 (emerging-botcc.portgrouped.rules)
2405164 - ET CNC Shadowserver Reported CnC Server Port 9872 Group 1 (emerging-botcc.portgrouped.rules)
2405165 - ET CNC Shadowserver Reported CnC Server Port 9898 Group 1 (emerging-botcc.portgrouped.rules)
2405166 - ET CNC Shadowserver Reported CnC Server Port 9899 Group 1 (emerging-botcc.portgrouped.rules)
2405167 - ET CNC Shadowserver Reported CnC Server Port 9900 Group 1 (emerging-botcc.portgrouped.rules)
2405168 - ET CNC Shadowserver Reported CnC Server Port 9955 Group 1 (emerging-botcc.portgrouped.rules)
2405169 - ET CNC Shadowserver Reported CnC Server Port 10324 Group 1 (emerging-botcc.portgrouped.rules)
2405170 - ET CNC Shadowserver Reported CnC Server Port 11830 Group 1 (emerging-botcc.portgrouped.rules)
2405171 - ET CNC Shadowserver Reported CnC Server Port 13001 Group 1 (emerging-botcc.portgrouped.rules)
2405172 - ET CNC Shadowserver Reported CnC Server Port 15000 Group 1 (emerging-botcc.portgrouped.rules)
2405173 - ET CNC Shadowserver Reported CnC Server Port 15474 Group 1 (emerging-botcc.portgrouped.rules)
2405174 - ET CNC Shadowserver Reported CnC Server Port 15656 Group 1 (emerging-botcc.portgrouped.rules)
2405175 - ET CNC Shadowserver Reported CnC Server Port 16667 Group 1 (emerging-botcc.portgrouped.rules)
2405176 - ET CNC Shadowserver Reported CnC Server Port 18888 Group 1 (emerging-botcc.portgrouped.rules)
2405177 - ET CNC Shadowserver Reported CnC Server Port 19899 Group 1 (emerging-botcc.portgrouped.rules)
2405178 - ET CNC Shadowserver Reported CnC Server Port 21321 Group 1 (emerging-botcc.portgrouped.rules)
2405179 - ET CNC Shadowserver Reported CnC Server Port 21333 Group 1 (emerging-botcc.portgrouped.rules)
2405180 - ET CNC Shadowserver Reported CnC Server Port 24300 Group 1 (emerging-botcc.portgrouped.rules)
2405181 - ET CNC Shadowserver Reported CnC Server Port 24430 Group 1 (emerging-botcc.portgrouped.rules)
2405182 - ET CNC Shadowserver Reported CnC Server Port 26745 Group 1 (emerging-botcc.portgrouped.rules)
2405183 - ET CNC Shadowserver Reported CnC Server Port 27034 Group 1 (emerging-botcc.portgrouped.rules)
2405184 - ET CNC Shadowserver Reported CnC Server Port 31091 Group 1 (emerging-botcc.portgrouped.rules)
2405185 - ET CNC Shadowserver Reported CnC Server Port 31092 Group 1 (emerging-botcc.portgrouped.rules)
2405186 - ET CNC Shadowserver Reported CnC Server Port 31093 Group 1 (emerging-botcc.portgrouped.rules)
2405187 - ET CNC Shadowserver Reported CnC Server Port 31902 Group 1 (emerging-botcc.portgrouped.rules)
2405188 - ET CNC Shadowserver Reported CnC Server Port 32132 Group 1 (emerging-botcc.portgrouped.rules)
2405189 - ET CNC Shadowserver Reported CnC Server Port 32164 Group 1 (emerging-botcc.portgrouped.rules)
2405190 - ET CNC Shadowserver Reported CnC Server Port 32321 Group 1 (emerging-botcc.portgrouped.rules)
2405191 - ET CNC Shadowserver Reported CnC Server Port 32322 Group 1 (emerging-botcc.portgrouped.rules)
2405192 - ET CNC Shadowserver Reported CnC Server Port 32768 Group 1 (emerging-botcc.portgrouped.rules)
2405193 - ET CNC Shadowserver Reported CnC Server Port 33333 Group 1 (emerging-botcc.portgrouped.rules)
2405194 - ET CNC Shadowserver Reported CnC Server Port 40669 Group 1 (emerging-botcc.portgrouped.rules)
2405195 - ET CNC Shadowserver Reported CnC Server Port 45351 Group 1 (emerging-botcc.portgrouped.rules)
2405196 - ET CNC Shadowserver Reported CnC Server Port 47221 Group 1 (emerging-botcc.portgrouped.rules)
2405197 - ET CNC Shadowserver Reported CnC Server Port 51115 Group 1 (emerging-botcc.portgrouped.rules)
2405198 - ET CNC Shadowserver Reported CnC Server Port 51987 Group 1 (emerging-botcc.portgrouped.rules)
2405199 - ET CNC Shadowserver Reported CnC Server Port 54321 Group 1 (emerging-botcc.portgrouped.rules)
2405200 - ET CNC Shadowserver Reported CnC Server Port 64500 Group 1 (emerging-botcc.portgrouped.rules)
2405201 - ET CNC Shadowserver Reported CnC Server Port 65267 Group 1 (emerging-botcc.portgrouped.rules)

[---] Disabled and modified rules: [---]
2016104 - ET TROJAN DNS Reply for unallocated address space - Potentially Malicious 1.1.1.0/24 (emerging-trojan.rules)
2021638 - ET CURRENT_EVENTS CottonCastle/Niteris EK Landing Aug 17 2015 (emerging-current_events.rules)
2025364 - ET CURRENT_EVENTS Google Docs Phishing Landing 2018-02-15 (emerging-current_events.rules)

[---] Disabled rules: [---]
2012696 - ET TROJAN FakeAV InstallInternetProtection Download (emerging-trojan.rules)
2012714 - ET TROJAN FakeAV BestAntivirus2011 Download (emerging-trojan.rules)
2012828 - ET TROJAN Win32/Rimecud download (emerging-trojan.rules)
2012839 - ET TROJAN Trojan-Downloader.Win32.Small Checkin (emerging-trojan.rules)
2012867 - ET TROJAN Clicker.Win32.AutoIt.ai Checkin (emerging-trojan.rules)
2012871 - ET TROJAN Gozi posting form data (emerging-trojan.rules)
2012908 - ET TROJAN Backdoor Win32/Begman.A Checkin (emerging-trojan.rules)
2012918 - ET TROJAN Possible TDSS Trojan GET with xxxx_ string (emerging-trojan.rules)
2012934 - ET TROJAN Generic adClicker Checkin (emerging-trojan.rules)
2012961 - ET TROJAN Trojan.Vaklik.kku Checkin Response (emerging-trojan.rules)
2013034 - ET TROJAN WebToolbar.Win32.WhenU.r Reporting (emerging-trojan.rules)
2013046 - ET TROJAN DLoader PWS Module Data Upload Activity (emerging-trojan.rules)
2013062 - ET TROJAN MacShield FakeAV CnC Communication (emerging-trojan.rules)
2013071 - ET TROJAN Dropper.MSIL.Agent.ate Checkin (emerging-trojan.rules)
2013092 - ET TROJAN VBKrypt.cmtp Login to Server (emerging-trojan.rules)
2013122 - ET TROJAN Vilsel.ayjv Checkin (aid) (emerging-trojan.rules)
2013136 - ET TROJAN FakeAV FakeAlertRena.n Checkin Response from Server (emerging-trojan.rules)
2013154 - ET TROJAN Backdoor.Win32.Gbod.dv Checkin (emerging-trojan.rules)

[+++] Added non-rule lines: [+++]
-> Added to emerging-ciarmy.rules (1):
# Version 39159
-> Added to sid-msg.map (7):
2025455 || ET TROJAN Win32/GandCrab Ransomware CnC Activity M2 || md5,8b7d3093c477b2e99effde5065affbd5
2025456 || ET USER_AGENTS Suspicious User-Agent (=Mozilla)
2025457 || ET TROJAN [PTsecurity] W32/Rodecap.StealRat C2 Payload (GIF)
2025458 || ET TROJAN [PTsecurity] Win32/SocStealer.Socelars C2 Response
2025459 || ET WEB_SPECIFIC_APPS Possible CVE-2013-2618 Attempt (PHP Weathermap Persistent XSS) || cve,2013-2618 || url,blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-miner-distributed-via-php-weathermap-vulnerability-targets-linux-servers/
2025460 || ET INFO NYU Internet HTTP/SSL Census Scan || url,scan.lol
2025461 || ET SCAN NYU Internet Census UA Inbound || url,scan.lol

[---] Removed non-rule lines: [---]
-> Removed from emerging-ciarmy.rules (1):
# Version 39135
-> Removed from sid-msg.map (18):
2500094 || ET COMPROMISED Known Compromised or Hostile Host Traffic TCP group 48 || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
2500095 || ET COMPROMISED Known Compromised or Hostile Host Traffic UDP group 48 || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
2523374 || ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 688 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523375 || ET TOR Known Tor Relay/Router (Not Exit) Node UDP Traffic group 688 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523376 || ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 689 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523377 || ET TOR Known Tor Relay/Router (Not Exit) Node UDP Traffic group 689 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523378 || ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 690 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523379 || ET TOR Known Tor Relay/Router (Not Exit) Node UDP Traffic group 690 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523380 || ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 691 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523381 || ET TOR Known Tor Relay/Router (Not Exit) Node UDP Traffic group 691 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523382 || ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 692 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523383 || ET TOR Known Tor Relay/Router (Not Exit) Node UDP Traffic group 692 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523384 || ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 693 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523385 || ET TOR Known Tor Relay/Router (Not Exit) Node UDP Traffic group 693 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523386 || ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 694 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523387 || ET TOR Known Tor Relay/Router (Not Exit) Node UDP Traffic group 694 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523388 || ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 695 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523389 || ET TOR Known Tor Relay/Router (Not Exit) Node UDP Traffic group 695 || url,doc.emergingthreats.net/bin/view/Main/TorRules