*********************** suricata-2.0-enhanced etpro *********************** [***] Results from Oinkmaster started Tue Sep 3 18:06:55 2019 [***] [+++] Added rules: [+++] 2027940 - ET MOBILE_MALWARE Evil Eye Android Malware Beacon (mobile_malware.rules) 2027941 - ET POLICY DNS Query to a Reverse Proxy Service Observed (policy.rules) 2027942 - ET POLICY DNS Query to a Reverse Proxy Service Observed (policy.rules) 2027943 - ET POLICY DNS Query to a Reverse Proxy Service Observed (policy.rules) 2838207 - ETPRO TROJAN MSIL/AlphaStealer PWS Exfil via HTTP M2 (trojan.rules) 2838254 - ETPRO CURRENT_EVENTS Successful Yahoo Phish 2019-09-03 (current_events.rules) 2838255 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-09-03 (current_events.rules) 2838256 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-09-03 (current_events.rules) 2838257 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-09-03 (current_events.rules) 2838258 - ETPRO CURRENT_EVENTS Successful Yahoo Capital One Phish 2019-09-03 (current_events.rules) 2838259 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-09-03 (current_events.rules) 2838260 - ETPRO CURRENT_EVENTS Successful Raiffeisen Bank Phish 2019-09-03 (current_events.rules) 2838261 - ETPRO CURRENT_EVENTS Successful Banco de Oro Phish 2019-09-03 (current_events.rules) 2838262 - ETPRO CURRENT_EVENTS Successful CenturyLink Phish 2019-09-03 (current_events.rules) 2838263 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03 (current_events.rules) 2838264 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03 (current_events.rules) 2838265 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03 (current_events.rules) 2838266 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03 (current_events.rules) 2838267 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03 
(current_events.rules) 2838268 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-09-03 (current_events.rules) 2838269 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-09-03 (current_events.rules) 2838270 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03 (current_events.rules) 2838271 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03 (current_events.rules) 2838272 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03 (current_events.rules) 2838273 - ETPRO TROJAN Win32/Remcos RAT Checkin 143 (trojan.rules) 2838274 - ETPRO TROJAN Win32/Remcos RAT Checkin 144 (trojan.rules) 2838275 - ETPRO TROJAN Win32/Remcos RAT Checkin 145 (trojan.rules) 2838276 - ETPRO TROJAN Win32/Remcos RAT Checkin 146 (trojan.rules) 2838277 - ETPRO TROJAN Win32/Remcos RAT Checkin 147 (trojan.rules) 2838278 - ETPRO TROJAN Win32/Remcos RAT Checkin 148 (trojan.rules) 2838279 - ETPRO TROJAN Win32/Remcos RAT Checkin 149 (trojan.rules) 2838280 - ETPRO TROJAN Win32/Remcos RAT Checkin 150 (trojan.rules) 2838281 - ETPRO TROJAN Win32/Remcos RAT Checkin 142 (trojan.rules) 2838282 - ETPRO TROJAN Gh0stCringe CnC Activity M1 (trojan.rules) 2838283 - ETPRO TROJAN Gh0stCringe CnC Activity M2 (trojan.rules) 2838284 - ETPRO TROJAN Gh0stCringe CnC Activity M3 (trojan.rules) 2838285 - ETPRO TROJAN Gh0stCringe CnC Activity M4 (trojan.rules) [///] Modified active rules: [///] 2011409 - ET DNS DNS Query for Suspicious .co.cc Domain (dns.rules) 2011802 - ET DNS DNS Lookup for localhost.DOMAIN.TLD (dns.rules) 2012176 - ET MALWARE Lookup of Malware Domain twothousands.cm Likely Infection (malware.rules) 2012826 - ET DNS DNS Query to a Suspicious *.vv.cc domain (dns.rules) 2012901 - ET DNS Query for a Suspicious *.noc.su domain (dns.rules) 2012902 - ET DNS DNS Query for a Suspicious *.be.ma domain (dns.rules) 2013016 - ET DNS DNS Query for Illegal Drug Sales Site (SilkRoad) (dns.rules) 2013023 - ET MOBILE_MALWARE DNS 
Query for gongfu-android.com DroidKungFu CnC Server (mobile_malware.rules) 2013124 - ET DNS DNS Query for Suspicious .co.be Domain (dns.rules) 2013480 - ET TROJAN DNS query for Morto RDP worm related domain qfsl.net (trojan.rules) 2013481 - ET TROJAN DNS query for Morto RDP worm related domain jaifr.com (trojan.rules) 2013482 - ET TROJAN DNS query for Morto RDP worm related domain jaifr.net (trojan.rules) 2013483 - ET TROJAN DNS query for Morto RDP worm related domain jifr.co.cc (trojan.rules) 2013493 - ET TROJAN DNS query for Morto RDP worm related domain qfsl.co.be (trojan.rules) 2013494 - ET TROJAN DNS query for Morto RDP worm related domain qfsl.co.cc (trojan.rules) 2013495 - ET TROJAN DNS query for Morto RDP worm related domain jifr.info (trojan.rules) 2013496 - ET TROJAN DNS query for Morto RDP worm related domain jifr.co.be (trojan.rules) 2013843 - ET INFO DNS Query to a Suspicious *.orge.pl Domain (info.rules) 2013845 - ET INFO DYNAMIC_DNS Query to a Suspicious *.ez-dns.com Domain (info.rules) 2013847 - ET DNS Query for Suspicious .net.tf Domain (dns.rules) 2013848 - ET DNS Query for Suspicious .eu.tf Domain (dns.rules) 2013849 - ET DNS Query for Suspicious .int.tf Domain (dns.rules) 2013850 - ET DNS Query for Suspicious .edu.tf Domain (dns.rules) 2013851 - ET DNS Query for Suspicious .us.tf Domain (dns.rules) 2013852 - ET DNS Query for Suspicious .ca.tf Domain (dns.rules) 2013853 - ET DNS Query for Suspicious .bg.tf Domain (dns.rules) 2013854 - ET DNS Query for Suspicious .ru.tf Domain (dns.rules) 2013855 - ET DNS Query for Suspicious .pl.tf Domain (dns.rules) 2013856 - ET DNS Query for Suspicious .cz.tf Domain (dns.rules) 2013857 - ET DNS Query for Suspicious .de.tf Domain (dns.rules) 2013858 - ET DNS Query for Suspicious .at.tf Domain (dns.rules) 2013859 - ET DNS Query for Suspicious .ch.tf Domain (dns.rules) 2013860 - ET DNS Query for Suspicious .sg.tf Domain (dns.rules) 2013861 - ET DNS Query for Suspicious .nl.ai Domain (dns.rules) 2013862 - ET DNS 
Query for Suspicious .xe.cx Domain (dns.rules) 2013863 - ET INFO DYNAMIC_DNS Query to a Suspicious *.dyndns-web.com Domain (info.rules) 2013970 - ET DNS Query for Suspicious .noip.cn Domain (dns.rules) 2013971 - ET INFO DYNAMIC_DNS Query for Suspicious .dyndns-at-home.com Domain (info.rules) 2014139 - ET TROJAN Query to Known CnC Domain msnsolution.nicaze.net (trojan.rules) 2014277 - ET POLICY DNS Query for try2check.me Carder Tool (policy.rules) 2014285 - ET DNS DNS Query for Suspicious .ch.vu Domain (dns.rules) 2014480 - ET INFO DYNAMIC_DNS Query to a *.4irc.com Domain (info.rules) 2014482 - ET INFO DYNAMIC_DNS Query to a *.b0ne.com Domain (info.rules) 2014486 - ET INFO DYNAMIC_DNS Query to a *.chatnook.com Domain (info.rules) 2014488 - ET INFO DYNAMIC_DNS Query to a *.darktech.org Domain (info.rules) 2014490 - ET INFO DYNAMIC_DNS Query to a *.deaftone.com Domain (info.rules) 2014494 - ET INFO DYNAMIC_DNS Query to a *.effers.com Domain (info.rules) 2014496 - ET INFO DYNAMIC_DNS Query to a *.etowns.net Domain (info.rules) 2014498 - ET INFO DYNAMIC_DNS Query to a *.etowns.org Domain (info.rules) 2014502 - ET INFO DYNAMIC_DNS Query to a *.gotgeeks.com Domain (info.rules) 2014504 - ET INFO DYNAMIC_DNS Query to a *.scieron.com Domain (info.rules) 2014506 - ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain (info.rules) 2014510 - ET INFO DYNAMIC_DNS Query to a *.suroot.com Domain (info.rules) 2014572 - ET TROJAN DNS Query for a known malware domain (regicsgf.net) (trojan.rules) 2014573 - ET TROJAN DNS Query for a known malware domain (sektori.org) (trojan.rules) 2014779 - ET INFO DYNAMIC_DNS Query to 3322.net Domain *.2288.org (info.rules) 2014781 - ET INFO DYNAMIC_DNS Query to 3322.net Domain *.3322.net (info.rules) 2014782 - ET INFO DYNAMIC_DNS Query to 3322.net Domain *.6600.org (info.rules) 2014783 - ET INFO DYNAMIC_DNS Query to 3322.net Domain *.7766.org (info.rules) 2014786 - ET INFO DYNAMIC_DNS Query to 3322.net Domain *.9966.org (info.rules) 2014868 - ET INFO 
DYNAMIC_DNS Query to dns-stuff.com Domain *.dns-stuff.com (info.rules) 2014939 - ET POLICY DNS Query for TOR Hidden Domain .onion Accessible Via TOR (policy.rules) 2014941 - ET POLICY TOR .exit Pseudo TLD DNS Query (policy.rules) 2015550 - ET DNS Query for a Suspicious *.upas.su domain (dns.rules) 2015597 - ET TROJAN DNS Query Gauss Domain *.gowin7.com (trojan.rules) 2015598 - ET TROJAN DNS Query Gauss Domain *.secuurity.net (trojan.rules) 2015599 - ET TROJAN DNS Query Gauss Domain *.bestcomputeradvisor.com (trojan.rules) 2015600 - ET TROJAN DNS Query Gauss Domain *.dotnetadvisor.info (trojan.rules) 2015601 - ET TROJAN DNS Query Gauss Domain *.dataspotlight.net (trojan.rules) 2015602 - ET TROJAN DNS Query Gauss Domain *.guest-access.net (trojan.rules) 2015618 - ET TROJAN DNS Query Gauss Domain *.datajunction.org (trojan.rules) 2015875 - ET TROJAN DNS Query Known Reveton Domain whatwillber.com (trojan.rules) 2016135 - ET CURRENT_EVENTS CFR DRIVEBY CVE-2012-4792 DNS Query for C2 domain (current_events.rules) 2016586 - ET CURRENT_EVENTS Query to a *.opengw.net Open VPN Relay Domain (current_events.rules) 2016600 - ET CURRENT_EVENTS DNS Query Sykipot Domain peocity.com (current_events.rules) 2016601 - ET CURRENT_EVENTS DNS Query Sykipot Domain rusview.net (current_events.rules) 2016602 - ET CURRENT_EVENTS DNS Query Sykipot Domain skyruss.net (current_events.rules) 2016603 - ET CURRENT_EVENTS DNS Query Sykipot Domain commanal.net (current_events.rules) 2016604 - ET CURRENT_EVENTS DNS Query Sykipot Domain natareport.com (current_events.rules) 2016605 - ET CURRENT_EVENTS DNS Query Sykipot Domain photogellrey.com (current_events.rules) 2016606 - ET CURRENT_EVENTS DNS Query Sykipot Domain photogalaxyzone.com (current_events.rules) 2016607 - ET CURRENT_EVENTS DNS Query Sykipot Domain insdet.com (current_events.rules) 2016608 - ET CURRENT_EVENTS DNS Query Sykipot Domain creditrept.com (current_events.rules) 2016609 - ET CURRENT_EVENTS DNS Query Sykipot Domain pollingvoter.org 
(current_events.rules) 2016610 - ET CURRENT_EVENTS DNS Query Sykipot Domain dfasonline.com (current_events.rules) 2016611 - ET CURRENT_EVENTS DNS Query Sykipot Domain hudsoninst.com (current_events.rules) 2016612 - ET CURRENT_EVENTS DNS Query Sykipot Domain wsurveymaster.com (current_events.rules) 2016613 - ET CURRENT_EVENTS DNS Query Sykipot Domain nhrasurvey.org (current_events.rules) 2016614 - ET CURRENT_EVENTS DNS Query Sykipot Domain pdi2012.org (current_events.rules) 2016615 - ET CURRENT_EVENTS DNS Query Sykipot Domain nceba.org (current_events.rules) 2016616 - ET CURRENT_EVENTS DNS Query Sykipot Domain linkedin-blog.com (current_events.rules) 2016617 - ET CURRENT_EVENTS DNS Query Sykipot Domain aafbonus.com (current_events.rules) 2016618 - ET CURRENT_EVENTS DNS Query Sykipot Domain milstars.org (current_events.rules) 2016619 - ET CURRENT_EVENTS DNS Query Sykipot Domain vatdex.com (current_events.rules) 2016620 - ET CURRENT_EVENTS DNS Query Sykipot Domain insightpublicaffairs.org (current_events.rules) 2016621 - ET CURRENT_EVENTS DNS Query Sykipot Domain applesea.net (current_events.rules) 2016622 - ET CURRENT_EVENTS DNS Query Sykipot Domain appledmg.net (current_events.rules) 2016623 - ET CURRENT_EVENTS DNS Query Sykipot Domain appleintouch.net (current_events.rules) 2016624 - ET CURRENT_EVENTS DNS Query Sykipot Domain seyuieyahooapis.com (current_events.rules) 2016625 - ET CURRENT_EVENTS DNS Query Sykipot Domain appledns.net (current_events.rules) 2016626 - ET CURRENT_EVENTS DNS Query Sykipot Domain emailserverctr.com (current_events.rules) 2016627 - ET CURRENT_EVENTS DNS Query Sykipot Domain dailynewsjustin.com (current_events.rules) 2016628 - ET CURRENT_EVENTS DNS Query Sykipot Domain hi-tecsolutions.org (current_events.rules) 2016629 - ET CURRENT_EVENTS DNS Query Sykipot Domain slashdoc.org (current_events.rules) 2016630 - ET CURRENT_EVENTS DNS Query Sykipot Domain photosmagnum.com (current_events.rules) 2016631 - ET CURRENT_EVENTS DNS Query Sykipot 
Domain resume4jobs.net (current_events.rules) 2016632 - ET CURRENT_EVENTS DNS Query Sykipot Domain searching-job.net (current_events.rules) 2016633 - ET CURRENT_EVENTS DNS Query Sykipot Domain servagency.com (current_events.rules) 2016634 - ET CURRENT_EVENTS DNS Query Sykipot Domain gsasmartpay.org (current_events.rules) 2016635 - ET CURRENT_EVENTS DNS Query Sykipot Domain tech-att.com (current_events.rules) 2016711 - ET MOBILE_MALWARE DNS Query Targeted Tibetan Android Malware C2 Domain (mobile_malware.rules) 2017312 - ET TROJAN Win32/Pift DNS TXT CnC Lookup ppidn.net (trojan.rules) 2017925 - ET POLICY External IP Lookup / Tor Checker Domain (bridges.torproject .org in DNS lookup) (policy.rules) 2018114 - ET TROJAN DNS Query for Known Chewbacca CnC Server (trojan.rules) 2018265 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018266 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018267 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018268 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018269 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018270 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018271 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018272 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018273 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018274 - ET TROJAN Perl/Calfbot C&C DNS request (trojan.rules) 2018366 - ET INFO DYNAMIC_DNS Query to a *.mrbasic.com Domain (info.rules) 2018438 - ET DNS DNS Query for vpnoverdns - indicates DNS tunnelling (dns.rules) 2018609 - ET TROJAN Likely CryptoWall .onion Proxy DNS lookup (trojan.rules) 2018679 - ET TROJAN DNS Possible User trying to visit POSHCODER.A .onion link outside of torbrowser (trojan.rules) 2018874 - ET TROJAN Tor based locker .onion Proxy DNS lookup July 31 2014 (trojan.rules) 2018875 - ET POLICY tor4u tor2web .onion Proxy DNS lookup (policy.rules) 2018876 - ET POLICY DNS Query to .onion proxy Domain (onion.cab) 
(policy.rules) 2018893 - ET TROJAN Zbot .onion Proxy DNS lookup July 31 2014 (trojan.rules) 2018948 - ET TROJAN Likely Synolocker .onion DNS lookup (trojan.rules) 2019123 - ET TROJAN Cryptolocker .onion Proxy Domain (erhitnwfvpgajfbu) (trojan.rules) 2019396 - ET TROJAN TorrentLocker DNS Lookup (trojan.rules) 2019519 - ET TROJAN Win32/Chanitor.A DNS Lookup (trojan.rules) 2019564 - ET TROJAN Sofacy DNS Lookup adawareblock.com (trojan.rules) 2019565 - ET TROJAN Sofacy DNS Lookup adobeincorp.com (trojan.rules) 2019566 - ET TROJAN Sofacy DNS Lookup azureon-line.com (trojan.rules) 2019567 - ET TROJAN Sofacy DNS Lookup checkmalware.info (trojan.rules) 2019568 - ET TROJAN Sofacy DNS Lookup checkwinframe.com (trojan.rules) 2019569 - ET TROJAN Sofacy DNS Lookup check-fix.com (trojan.rules) 2019570 - ET TROJAN Sofacy DNS Lookup hotfix-update.com (trojan.rules) 2019571 - ET TROJAN Sofacy DNS Lookup microsofi.org (trojan.rules) 2019572 - ET TROJAN Sofacy DNS Lookup microsof-update.com (trojan.rules) 2019573 - ET TROJAN Sofacy DNS Lookup scanmalware.info (trojan.rules) 2019574 - ET TROJAN Sofacy DNS Lookup secnetcontrol.com (trojan.rules) 2019575 - ET TROJAN Sofacy DNS Lookup securitypractic.com (trojan.rules) 2019576 - ET TROJAN Sofacy DNS Lookup symanttec.org (trojan.rules) 2019577 - ET TROJAN Sofacy DNS Lookup testservice24.net (trojan.rules) 2019578 - ET TROJAN Sofacy DNS Lookup testsnetcontrol.com (trojan.rules) 2019579 - ET TROJAN Sofacy DNS Lookup updatepc.org (trojan.rules) 2019580 - ET TROJAN Sofacy DNS Lookup updatesoftware24.com (trojan.rules) 2019581 - ET TROJAN Sofacy DNS Lookup windows-updater.com (trojan.rules) 2019582 - ET TROJAN Sofacy DNS Lookup checkmalware.org (trojan.rules) 2019586 - ET TROJAN Sofacy DNS Lookup msonlinelive.com (trojan.rules) 2019640 - ET TROJAN Sofacy DNS Lookup malwarecheck.info (trojan.rules) 2019667 - ET TROJAN OSX/WireLurker DNS Query Domain www.comeinbaby.com (trojan.rules) 2019718 - ET TROJAN OSX/WireLurker DNS Query Domain 
manhuaba.com.cn (trojan.rules) 2019736 - ET TROJAN Likely CryptoWall 2.0 .onion Proxy domain lookup (trojan.rules) 2019788 - ET TROJAN DNS Query for Suspicious cvredirect.no-ip.net Domain - CoinLocker Domain (trojan.rules) 2019790 - ET TROJAN DNS Query for Suspicious cvredirect.ddns.net Domain - CoinLocker Domain (trojan.rules) 2019851 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019852 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019853 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019854 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019855 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019856 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019857 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019858 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019859 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019860 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019861 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019862 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019863 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019864 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019865 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019866 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019867 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019868 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019869 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019870 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019871 - ET TROJAN DNS Query for Operation Cleaver Domain (trojan.rules) 2019909 - ET TROJAN Win32/Critroni Tor DNS Proxy lookup (trojan.rules) 2019910 - ET TROJAN DNS Query for Cloud 
Atlas haarmannsi.cz (trojan.rules) 2019911 - ET TROJAN DNS Query for Cloud Atlas sanygroup.co.uk (trojan.rules) 2019912 - ET TROJAN DNS Query for Cloud Atlas ecolines.es (trojan.rules) 2019913 - ET TROJAN DNS Query for Cloud Atlas blackberry-support.herokuapp.com (trojan.rules) 2019934 - ET TROJAN DNS query for Known OphionLocker Domain (trojan.rules) 2019979 - ET TROJAN Cryptolocker .onion Proxy Domain (trojan.rules) 2019981 - ET POLICY DNS Query to .onion proxy Domain (torpovider.org) (policy.rules) 2019982 - ET POLICY DNS Query to .onion proxy Domain (way2tor) (policy.rules) 2019983 - ET POLICY DNS Query to .onion proxy Domain (torgateway.org) (policy.rules) 2019984 - ET TROJAN Cryptolocker .onion Proxy Domain (trojan.rules) 2019988 - ET POLICY DNS Query for Invisible Internet Project Domain (I2P) (policy.rules) 2020035 - ET TROJAN DNS query for known Anunak APT Domain (great-codes.com) (trojan.rules) 2020036 - ET TROJAN DNS query for known Anunak APT Domain (adguard.name) (trojan.rules) 2020037 - ET TROJAN DNS query for known Anunak APT Domain (coral-trevel.com) (trojan.rules) 2020038 - ET TROJAN DNS query for known Anunak APT Domain (ddnservice10.ru) (trojan.rules) 2020039 - ET TROJAN DNS query for known Anunak APT Domain (paradise-plaza.com) (trojan.rules) 2020040 - ET TROJAN DNS query for known Anunak APT Domain (worldnewsonline.pw) (trojan.rules) 2020041 - ET TROJAN DNS query for known Anunak APT Domain (update-java.net) (trojan.rules) 2020044 - ET TROJAN TorrentLocker DNS Lookup (allwayshappy.ru) (trojan.rules) 2020045 - ET TROJAN TorrentLocker DNS Lookup (casinoroyal7.ru) (trojan.rules) 2020046 - ET TROJAN TorrentLocker DNS Lookup (cryptdomain.dp.ua) (trojan.rules) 2020047 - ET TROJAN TorrentLocker DNS Lookup (deadwalk32.ru) (trojan.rules) 2020048 - ET TROJAN TorrentLocker DNS Lookup (doubleclickads.net) (trojan.rules) 2020049 - ET TROJAN TorrentLocker DNS Lookup (it-newsblog.ru) (trojan.rules) 2020050 - ET TROJAN TorrentLocker DNS Lookup (js-static.ru) 
(trojan.rules) 2020051 - ET TROJAN TorrentLocker DNS Lookup (lagosadventures.com) (trojan.rules) 2020052 - ET TROJAN TorrentLocker DNS Lookup (lebanonwarrior.ru) (trojan.rules) 2020053 - ET TROJAN TorrentLocker DNS Lookup (nigerianbrothers.net) (trojan.rules) 2020054 - ET TROJAN TorrentLocker DNS Lookup (octoberpics.ru) (trojan.rules) 2020055 - ET TROJAN TorrentLocker DNS Lookup (princeofnigeria.net) (trojan.rules) 2020056 - ET TROJAN TorrentLocker DNS Lookup (royalgourp.org) (trojan.rules) 2020057 - ET TROJAN TorrentLocker DNS Lookup (server38.info) (trojan.rules) 2020058 - ET TROJAN TorrentLocker DNS Lookup (ssl-server24.ru) (trojan.rules) 2020059 - ET TROJAN TorrentLocker DNS Lookup (tweeterplanet.ru) (trojan.rules) 2020060 - ET TROJAN TorrentLocker DNS Lookup (tweeter-stat.ru) (trojan.rules) 2020061 - ET TROJAN TorrentLocker DNS Lookup (updatemyhost.ru) (trojan.rules) 2020062 - ET TROJAN TorrentLocker DNS Lookup (walkingdead32.ru) (trojan.rules) 2020063 - ET TROJAN TorrentLocker DNS Lookup (worldnews247.net) (trojan.rules) 2020066 - ET TROJAN DNS query for known Anunak APT Domain (financialnewsonline.pw) (trojan.rules) 2020107 - ET POLICY DNS Query to .onion proxy Domain (bladetor.com) (policy.rules) 2020108 - ET POLICY DNS Query to .onion proxy Domain (bonytor.com) (policy.rules) 2020109 - ET POLICY DNS Query to .onion proxy Domain (bortor.com) (policy.rules) 2020110 - ET POLICY DNS Query to .onion proxy Domain (browsetor.com) (policy.rules) 2020111 - ET POLICY DNS Query to .onion proxy Domain (door2tor.org) (policy.rules) 2020112 - ET POLICY DNS Query to .onion proxy Domain (enter2tor.com) (policy.rules) 2020113 - ET POLICY DNS Query to .onion proxy Domain (jamator.com) (policy.rules) 2020114 - ET POLICY DNS Query to .onion proxy Domain (onion2web.com) (policy.rules) 2020115 - ET POLICY DNS Query to .onion proxy Domain (onion.lt) (policy.rules) 2020117 - ET POLICY DNS Query to .onion proxy Domain (pay2tor.com) (policy.rules) 2020118 - ET POLICY DNS Query to 
.onion proxy Domain (pay4tor.com) (policy.rules) 2020119 - ET POLICY DNS Query to .onion proxy Domain (payrobotor.com) (policy.rules) 2020120 - ET POLICY DNS Query to .onion proxy Domain (poltornik.com) (policy.rules) 2020121 - ET POLICY DNS Query to .onion proxy Domain (slavetor.com) (policy.rules) 2020122 - ET POLICY DNS Query to .onion proxy Domain (tanktor.com) (policy.rules) 2020123 - ET POLICY DNS Query to .onion proxy Domain (tor2pay.com) (policy.rules) 2020124 - ET POLICY DNS Query to .onion proxy Domain (tor2www.com) (policy.rules) 2020125 - ET POLICY DNS Query to .onion proxy Domain (tor4life.com) (policy.rules) 2020126 - ET POLICY DNS Query to .onion proxy Domain (tor4pay.com) (policy.rules) 2020127 - ET POLICY DNS Query to .onion proxy Domain (toralpacho.com) (policy.rules) 2020128 - ET POLICY DNS Query to .onion proxy Domain (torbama.com) (policy.rules) 2020129 - ET POLICY DNS Query to .onion proxy Domain (torchek.com) (policy.rules) 2020130 - ET POLICY DNS Query to .onion proxy Domain (torexplorer.com) (policy.rules) 2020131 - ET POLICY DNS Query to .onion proxy Domain (torforlove.com) (policy.rules) 2020132 - ET POLICY DNS Query to .onion proxy Domain (torjam.com) (policy.rules) 2020133 - ET POLICY DNS Query to .onion proxy Domain (torminater.com) (policy.rules) 2020134 - ET POLICY DNS Query to .onion proxy Domain (torpacho.com) (policy.rules) 2020135 - ET POLICY DNS Query to .onion proxy Domain (torpaycash.com) (policy.rules) 2020136 - ET POLICY DNS Query to .onion proxy Domain (torpaycnf.com) (policy.rules) 2020137 - ET POLICY DNS Query to .onion proxy Domain (torpayeur.com) (policy.rules) 2020138 - ET POLICY DNS Query to .onion proxy Domain (torpayusd.com) (policy.rules) 2020139 - ET POLICY DNS Query to .onion proxy Domain (torprivatebrowsing.org) (policy.rules) 2020140 - ET POLICY DNS Query to .onion proxy Domain (torsanctions.com) (policy.rules) 2020141 - ET POLICY DNS Query to .onion proxy Domain (torsona.com) (policy.rules) 2020142 - ET POLICY 
DNS Query to .onion proxy Domain (torvsusd.com) (policy.rules) 2020143 - ET POLICY DNS Query to .onion proxy Domain (torwild.com) (policy.rules) 2020144 - ET POLICY DNS Query to .onion proxy Domain (torwinner.com) (policy.rules) 2020145 - ET POLICY DNS Query to .onion proxy Domain (totortoweb.com) (policy.rules) 2020146 - ET POLICY DNS Query to .onion proxy Domain (vtorchike.com) (policy.rules) 2020147 - ET POLICY DNS Query to .onion proxy Domain (walterwtor.com) (policy.rules) 2020168 - ET TROJAN Win32/Spy.Obator .onion Proxy Domain (trojan.rules) 2020171 - ET TROJAN Hong Kong SWC Attack DNS Lookup (aoemvp.com) (trojan.rules) 2020182 - ET TROJAN Cryptowall 3.0 .onion Proxy Domain (trojan.rules) 2020183 - ET POLICY DNS Query to .onion proxy Domain (torforall.com) (policy.rules) 2020184 - ET POLICY DNS Query to .onion proxy Domain (torman2.com) (policy.rules) 2020185 - ET POLICY DNS Query to .onion proxy Domain (torwoman.com) (policy.rules) 2020186 - ET POLICY DNS Query to .onion proxy Domain (torroadsters.com) (policy.rules) 2020189 - ET POLICY I2P Reseed Domain Lookup (i2p-netdb.innovatio.no) (policy.rules) 2020190 - ET POLICY I2P Reseed Domain Lookup (i2p.mooo.com) (policy.rules) 2020191 - ET POLICY I2P Reseed Domain Lookup (netdb.i2p2.no) (policy.rules) 2020192 - ET POLICY I2P Reseed Domain Lookup (reseed.i2p-projekt.de) (policy.rules) 2020193 - ET POLICY I2P Reseed Domain Lookup (uk.reseed.i2p2.no) (policy.rules) 2020194 - ET POLICY I2P Reseed Domain Lookup (us.reseed.i2p2.no) (policy.rules) 2020206 - ET TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2020210 - ET TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2020211 - ET POLICY DNS Query to .onion proxy Domain (onion.gq) (policy.rules) 2020213 - ET TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2020226 - ET TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2020228 - ET TROJAN DNS Query for Suspicious proxy1-1-1.i2p Domain - Possible CryptoWall Activity 
(trojan.rules) 2020229 - ET TROJAN DNS Query for Suspicious proxy2-2-2.i2p Domain - Possible CryptoWall Activity (trojan.rules) 2020230 - ET TROJAN DNS Query for Suspicious proxy3-3-3.i2p Domain - Possible CryptoWall Activity (trojan.rules) 2020231 - ET TROJAN DNS Query for Suspicious proxy4-4-4.i2p Domain - Possible CryptoWall Activity (trojan.rules) 2020232 - ET TROJAN DNS Query for Suspicious proxy5-5-5.i2p Domain - Possible CryptoWall Activity (trojan.rules) 2020244 - ET TROJAN Scieron DNS Lookup (apple.dynamic-dns.net) (trojan.rules) 2020245 - ET TROJAN Scieron DNS Lookup (autocar.ServeUser.com) (trojan.rules) 2020246 - ET TROJAN Scieron DNS Lookup (blackblog.chatnook.com) (trojan.rules) 2020247 - ET TROJAN Scieron DNS Lookup (bulldog.toh.info) (trojan.rules) 2020248 - ET TROJAN Scieron DNS Lookup (cew58e.xxxy.info) (trojan.rules) 2020249 - ET TROJAN Scieron DNS Lookup (coastnews.darktech.org) (trojan.rules) 2020250 - ET TROJAN Scieron DNS Lookup (demon.4irc.com) (trojan.rules) 2020251 - ET TROJAN Scieron DNS Lookup (dynamic.ddns.mobi) (trojan.rules) 2020252 - ET TROJAN Scieron DNS Lookup (expert.4irc.com) (trojan.rules) 2020253 - ET TROJAN Scieron DNS Lookup (football.mrbasic.com) (trojan.rules) 2020254 - ET TROJAN Scieron DNS Lookup (gjjb.flnet.org) (trojan.rules) 2020255 - ET TROJAN Scieron DNS Lookup (imirnov.ddns.info) (trojan.rules) 2020256 - ET TROJAN Scieron DNS Lookup (jingnan88.chatnook.com) (trojan.rules) 2020257 - ET TROJAN Scieron DNS Lookup (lehnjb.epac.to) (trojan.rules) 2020258 - ET TROJAN Scieron DNS Lookup (logoff.25u.com) (trojan.rules) 2020259 - ET TROJAN Scieron DNS Lookup (logoff.ddns.info) (trojan.rules) 2020260 - ET TROJAN Scieron DNS Lookup (ls910329.my03.com) (trojan.rules) 2020261 - ET TROJAN Scieron DNS Lookup (mailru.25u.com) (trojan.rules) 2020262 - ET TROJAN Scieron DNS Lookup (Markshell.etowns.net) (trojan.rules) 2020263 - ET TROJAN Scieron DNS Lookup (mydear.ddns.info) (trojan.rules) 2020264 - ET TROJAN Scieron DNS Lookup 
(nazgul.zyns.com) (trojan.rules) 2020265 - ET TROJAN Scieron DNS Lookup (newdyndns.scieron.com) (trojan.rules) 2020266 - ET TROJAN Scieron DNS Lookup (newoutlook.darktech.org) (trojan.rules) 2020267 - ET TROJAN Scieron DNS Lookup (photocard.4irc.com) (trojan.rules) 2020268 - ET TROJAN Scieron DNS Lookup (pricetag.deaftone.com) (trojan.rules) 2020269 - ET TROJAN Scieron DNS Lookup (rubberduck.gotgeeks.com) (trojan.rules) 2020270 - ET TROJAN Scieron DNS Lookup (shutdown.25u.com) (trojan.rules) 2020271 - ET TROJAN Scieron DNS Lookup (sorry.ns2.name) (trojan.rules) 2020272 - ET TROJAN Scieron DNS Lookup (sskill.b0ne.com) (trojan.rules) 2020273 - ET TROJAN Scieron DNS Lookup (text-First.flnet.org) (trojan.rules) 2020274 - ET TROJAN Scieron DNS Lookup (uudog.4pu.com) (trojan.rules) 2020275 - ET TROJAN Scieron DNS Lookup (will-smith.dtdns.net) (trojan.rules) 2020276 - ET TROJAN Scieron DNS Lookup (ndcinformation.acmetoy.com) (trojan.rules) 2020277 - ET TROJAN Scieron DNS Lookup (service.authorizeddns.net) (trojan.rules) 2020278 - ET TROJAN Scieron DNS Lookup (text-first.trickip.org) (trojan.rules) 2020279 - ET TROJAN Scieron DNS Lookup (yellowblog.flnet.org) (trojan.rules) 2020280 - ET TROJAN DNS Query for Suspicious crptarv4hcu24ijv Domain - CryptoWall Domains (trojan.rules) 2020281 - ET TROJAN DNS Query for Suspicious crptbfoi5i54ubez Domain - CryptoWall Domains (trojan.rules) 2020282 - ET TROJAN DNS Query for Suspicious crptcj7wd4oaafdl Domain - CryptoWall Domains (trojan.rules) 2020284 - ET TROJAN DNS Query for Suspicious tolotor.com Domain - Possible CryptoWall Activity (trojan.rules) 2020285 - ET TROJAN DNS Query for Suspicious boltotor.com Domain - Possible CryptoWall Activity (trojan.rules) 2020286 - ET TROJAN DNS Query for Suspicious bonytor2.com Domain -Possible CryptoWall Activity (trojan.rules) 2020287 - ET TROJAN DNS Query for Suspicious speecostor.com Domain -Possible CryptoWall Activity (trojan.rules) 2020357 - ET TROJAN Critroni Variant .onion Proxy Domain 
(trojan.rules) 2020358 - ET TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2020359 - ET TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2020360 - ET TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2020361 - ET TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2020374 - ET POLICY DNS Query to .onion proxy Domain (torpaysolutions.com) (policy.rules) 2020375 - ET POLICY DNS Query to .onion proxy Domain (torpayoptions.com) (policy.rules) 2020376 - ET POLICY DNS Query to .onion proxy Domain (torinvestment2.com) (policy.rules) 2020377 - ET POLICY DNS Query to .onion proxy Domain (torwillsmith.com) (policy.rules) 2020390 - ET POLICY DNS Query to .onion proxy Domain (optionstorpay22.com) (policy.rules) 2020391 - ET POLICY DNS Query to .onion proxy Domain (bananator.com) (policy.rules) 2020395 - ET POLICY DNS Query to .onion proxy Domain (monsterbbc.com) (policy.rules) 2020400 - ET POLICY DNS Query to .onion proxy Domain (tostotor.com) (policy.rules) 2020401 - ET POLICY DNS Query to .onion proxy Domain (trusteetor.com) (policy.rules) 2020402 - ET POLICY DNS Query to .onion proxy Domain (solutionstopaytor33.com) (policy.rules) 2020404 - ET POLICY DNS Query to .onion proxy Domain (onion.am) (policy.rules) 2020405 - ET POLICY DNS Query to .onion proxy Domain (batmantor.com) (policy.rules) 2020406 - ET POLICY DNS Query to .onion proxy Domain (dogotor.com) (policy.rules) 2020417 - ET POLICY Middle Earth Illegal Marketplace Tor Hidden Service DNS Query (policy.rules) 2020430 - ET POLICY DNS Query to .onion proxy Domain (onion.city) (policy.rules) 2020444 - ET TROJAN Arid Viper APT DNS Lookup (pstcmedia.com) (trojan.rules) 2020445 - ET TROJAN Arid Viper APT DNS Lookup (mixedwork.com) (trojan.rules) 2020446 - ET TROJAN Arid Viper APT DNS Lookup (ahmedfaiez.info) (trojan.rules) 2020447 - ET TROJAN Arid Viper APT DNS Lookup (flushupdate.com) (trojan.rules) 2020448 - ET TROJAN Arid Viper APT DNS Lookup (flushupate.com) (trojan.rules) 2020449 
- ET TROJAN Arid Viper APT DNS Lookup (ineltdriver.com) (trojan.rules) 2020450 - ET TROJAN Arid Viper APT DNS Lookup (mediahitech.info) (trojan.rules) 2020451 - ET TROJAN Arid Viper APT DNS Lookup (plmedgroup.com) (trojan.rules) 2020452 - ET TROJAN Arid Viper APT Advtravel Campaign DNS Lookup (advtravel.info) (trojan.rules) 2020453 - ET TROJAN Arid Viper APT Advtravel Campaign DNS Lookup (fpupdate.info) (trojan.rules) 2020454 - ET TROJAN Arid Viper APT Advtravel Campaign DNS Lookup (linksis.info) (trojan.rules) 2020458 - ET TROJAN Chanitor Variant .onion Proxy Domain (trojan.rules) 2020459 - ET TROJAN Desert Falcon APT DNS Lookup (linkedim.in) (trojan.rules) 2020461 - ET TROJAN Desert Falcon APT DNS Lookup (androcity.com) (trojan.rules) 2020462 - ET TROJAN Desert Falcon APT DNS Lookup (liptona.net) (trojan.rules) 2020464 - ET TROJAN Desert Falcon Related APT DNS Lookup (nauss-lab.com) (trojan.rules) 2020465 - ET TROJAN Desert Falcon Related APT DNS Lookup (nice-mobiles.com) (trojan.rules) 2020466 - ET TROJAN Desert Falcon Related APT DNS Lookup (facebook-emoticons.bitblogoo.com) (trojan.rules) 2020467 - ET TROJAN Desert Falcon Related APT DNS Lookup (abuhmaid.net) (trojan.rules) 2020468 - ET TROJAN Desert Falcon Related APT DNS Lookup (blogging-host.info) (trojan.rules) 2020469 - ET TROJAN Desert Falcon Related APT DNS Lookup (tvgate.rocks) (trojan.rules) 2020472 - ET TROJAN Desert Falcon APT DNS Lookup (iwork-sys.com) (trojan.rules) 2020574 - ET POLICY DNS Query to .onion proxy Domain (onion.glass) (policy.rules) 2020577 - ET POLICY DNS Query to .onion proxy Domain (onion.direct) (policy.rules) 2020581 - ET TROJAN Chanitor .onion Proxy Domain (trojan.rules) 2020615 - ET TROJAN Teerac/CryptoFortress .onion Proxy Domain (3v6e2oe5y5ruimpe) (trojan.rules) 2020616 - ET TROJAN Teerac/CryptoFortress .onion Proxy Domain (h63rbx7gkd3gygag) (trojan.rules) 2020617 - ET POLICY DNS Query to .onion Proxy Domain (connect2tor.org) (policy.rules) 2020618 - ET POLICY DNS Query to 
.onion proxy Domain (torstorm.org) (policy.rules) 2020619 - ET POLICY DNS Query to .onion proxy Domain (bolistatapay.com) (policy.rules) 2020620 - ET POLICY DNS Query to .onion proxy Domain (sshowmethemoney.com) (policy.rules) 2020639 - ET POLICY DNS Query to .onion proxy Domain (optionstopaytos.com) (policy.rules) 2020640 - ET POLICY DNS Query to .onion proxy Domain (cheetosnotburitos.com) (policy.rules) 2020641 - ET POLICY DNS Query to .onion proxy Domain (optionsketchupay.com) (policy.rules) 2020642 - ET POLICY DNS Query to .onion proxy Domain (solutionsaccountor.com) (policy.rules) 2020670 - ET TROJAN Cryptolocker .onion Proxy Domain (juf5pjk4sl7uojh4) (trojan.rules) 2020684 - ET TROJAN Zbot .onion Proxy Domain (trojan.rules) 2020685 - ET TROJAN Cryptolocker .onion Proxy Domain (4elcqmis624seeo7) (trojan.rules) 2020686 - ET POLICY DNS Query to .onion proxy Domain (tor4free.org) (policy.rules) 2020703 - ET POLICY DNS Query to .onion proxy Domain (tordomain.org) (policy.rules) 2020704 - ET POLICY DNS Query to .onion proxy Domain (welcome2tor.org) (policy.rules) 2020713 - ET TROJAN 9002 RAT C&C DNS request (trojan.rules) 2020727 - ET TROJAN Zbot .onion Proxy Domain (3bjpwsf3fjcwtnwx) (trojan.rules) 2020739 - ET TROJAN Chanitor .onion Proxy Domain (l7gbml27czk3kvr5) (trojan.rules) 2020740 - ET TROJAN CryptoLocker .onion Proxy Domain (iezqmd4s2fflmh7n) (trojan.rules) 2020759 - ET TROJAN Vawtrak/NeverQuest .onion Proxy Domain (otsaa35gxbcwvrqs) (trojan.rules) 2020760 - ET TROJAN Vawtrak/NeverQuest .onion Proxy Domain (4bpthx5z4e7n6gnb) (trojan.rules) 2020761 - ET TROJAN Vawtrak/NeverQuest .onion Proxy Domain (bc3ywvif4m3lnw4o) (trojan.rules) 2020762 - ET TROJAN Vawtrak/NeverQuest .onion Proxy Domain (llgerw4plyyff446) (trojan.rules) 2020814 - ET TROJAN Volatile Cedar DNS Lookup (saveweb.wink.ws) (trojan.rules) 2020815 - ET TROJAN Volatile Cedar DNS Lookup (carima2012.site90.com) (trojan.rules) 2020816 - ET TROJAN Volatile Cedar DNS Lookup (explorerdotnt.info) 
(trojan.rules) 2020817 - ET TROJAN Volatile Cedar DNS Lookup (dotnetexplorer.info) (trojan.rules) 2020818 - ET TROJAN Volatile Cedar DNS Lookup (dotntexplorere.info) (trojan.rules) 2020819 - ET TROJAN Volatile Cedar DNS Lookup (xploreredotnet.info) (trojan.rules) 2020820 - ET TROJAN Volatile Cedar DNS Lookup (erdotntexplore.info) (trojan.rules) 2020839 - ET TROJAN Win32/Teslacrypt Ransomware .onion domain (63ghdye17.com) (trojan.rules) 2020915 - ET TROJAN CryptoLocker .onion Proxy Domain (33p5mqkaj22irv4z) (trojan.rules) 2020942 - ET TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (tkj3higtqlvohs7z) (trojan.rules) 2020952 - ET TROJAN CryptoLocker .onion Proxy Domain (pf3tlgkpks7pu7yr) (trojan.rules) 2020953 - ET TROJAN CryptoLocker .onion Proxy Domain (v7lfogalalzc2c4d) (trojan.rules) 2020958 - ET TROJAN CryptoLocker .onion Proxy Domain (zoqowm4kzz4cvvvl) (trojan.rules) 2020959 - ET TROJAN CryptoWall .onion Proxy Domain (7oqnsnzwwnm6zb7y) (trojan.rules) 2021019 - ET TROJAN MewsSpy/NionSpy .onion Proxy Domain (z3mm6cupmtw5b2xx) (trojan.rules) 2021041 - ET TROJAN Teerac/CryptoFortress .onion Proxy Domain (cld7vqwcvn2bii67) (trojan.rules) 2021077 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (is6xsotjdy4qtgur) (trojan.rules) 2021084 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (iq3ahijcfeont3xx) (trojan.rules) 2021115 - ET TROJAN CTB-Locker .onion Proxy Domain (tlunjscxn5n76iyz) (trojan.rules) 2021163 - ET TROJAN DNS Query to TOX Ransomware onion (wdthvb6jut2rupu4) (trojan.rules) 2021164 - ET TROJAN DNS Query to TOX Ransomware onion (xwxwninkssujglja) (trojan.rules) 2021165 - ET TROJAN DNS Query to TOX Ransomware onion (7fa6gldxg64t5wnt) (trojan.rules) 2021190 - ET POLICY DNS Query to .onion proxy Domain (clusterpaytor.com) (policy.rules) 2021191 - ET POLICY DNS Query to .onion proxy Domain (statepaytor.com) (policy.rules) 2021204 - ET TROJAN DNS Query to TOX Ransomware onion (toxicola7qwv37qj) (trojan.rules) 2021252 - ET 
TROJAN TorrentLocker .onion Proxy Domain (zbqxpjfvltb6d62m) (trojan.rules) 2021302 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (bpq4dub4rlivvswu) (trojan.rules) 2021303 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (gzc7lj4rvmkg25dm) (trojan.rules) 2021317 - ET TROJAN Win32/Ascrirac .onion proxy Domain (5sse6j4kdaeh3yus) (trojan.rules) 2021318 - ET TROJAN Ransomware Variant .onion proxy Domain (kurrmpfx6kgmsopm) (trojan.rules) 2021319 - ET TROJAN AlphaCrypt .onion proxy Domain (tkjthigtqlvohs7z) (trojan.rules) 2021325 - ET TROJAN CryptoLocker .onion Proxy Domain (xvha2ctkacx2ug3b) (trojan.rules) 2021326 - ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (aa.hostasa.org) (current_events.rules) 2021327 - ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (ns1.hostasa.org) (current_events.rules) 2021328 - ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (ns2.hostasa.org) (current_events.rules) 2021329 - ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (ns3.hostasa.org) (current_events.rules) 2021330 - ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (ns4.hostasa.org) (current_events.rules) 2021331 - ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (gh.dsaj2a1.org) (current_events.rules) 2021332 - ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (navert0p.com) (current_events.rules) 2021333 - ET CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (wangzongfacai.com) (current_events.rules) 2021363 - ET TROJAN AlphaCrypt .onion Proxy Domain (djdkduep62kz4nzx) (trojan.rules) 2021409 - ET CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (gggatat456.com) (current_events.rules) 2021410 - ET CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (xxxatat456.com) (current_events.rules) 2021412 - ET MOBILE_MALWARE DNS Android/Spy.Feabme.A Query (mobile_malware.rules) 2021443 - ET 
CURRENT_EVENTS Likely Linux/Xorddos.F DDoS Attack Participation (v8.f1122.org) (current_events.rules) 2021444 - ET CURRENT_EVENTS Likely Linux/IptabLesX C2 Domain Lookup (GroUndHog.MapSnode.CoM) (current_events.rules) 2021534 - ET TROJAN Poshcoder .onion Proxy Domain (hlvumvvclxy2nw7j) (trojan.rules) 2021545 - ET TROJAN EncryptorRaas .onion Proxy Domain (trojan.rules) 2021547 - ET TROJAN EncryptorRaas .onion Proxy Domain (trojan.rules) 2021549 - ET TROJAN CryptoLocker .onion Proxy Domain (vacdgwaw5djp5hmu) (trojan.rules) 2021551 - ET TROJAN Critroni .onion Proxy Domain (trojan.rules) 2021561 - ET TROJAN EncryptorRaas .onion Proxy Domain (613cb6owitcouepv) (trojan.rules) 2021576 - ET TROJAN APT SuperhardCorp DNS Lookup (drometic.suroot.com) (trojan.rules) 2021577 - ET TROJAN APT SuperhardCorp DNS Lookup (docume.sysbloger.com) (trojan.rules) 2021578 - ET TROJAN APT SuperhardCorp DNS Lookup (ohio.sysbloger.com) (trojan.rules) 2021579 - ET TROJAN APT SuperhardCorp DNS Lookup (specs.dnsrd.com) (trojan.rules) 2021580 - ET TROJAN APT SuperhardCorp DNS Lookup (np3.Jkub.com) (trojan.rules) 2021581 - ET TROJAN APT SuperhardCorp DNS Lookup (ns8.ddns1.com) (trojan.rules) 2021582 - ET TROJAN APT SuperhardCorp DNS Lookup (books.mrface.com) (trojan.rules) 2021583 - ET TROJAN APT SuperhardCorp DNS Lookup (kieti.ipsecsl.net) (trojan.rules) 2021642 - ET TROJAN Ponmocup Post Infection DNS Lookup messagewild (trojan.rules) 2021691 - ET CURRENT_EVENTS Likely Linux/Tsunami DDoS Attack Participation (s-p-o-o-f-e-d.h-o-s-t.name) (current_events.rules) 2021711 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (kb63vhjuk3wh4ex7) (trojan.rules) 2021712 - ET TROJAN Careto Mask DNS Lookup (msupdate.ath.cx) (trojan.rules) 2021714 - ET TROJAN Careto Mask DNS Lookup (karpeskmon.dyndns.org) (trojan.rules) 2021715 - ET TROJAN Careto Mask DNS Lookup (isaserver.minrex.gov.cu) (trojan.rules) 2021788 - ET TROJAN Iron Tiger DNSTunnel DNS Lookup (xssok.blogspot.com) (trojan.rules) 2021792 - 
ET TROJAN Iron Tiger Gh0ST/PlugX/Various Backdoors DNS Lookup (gameofthrones.ddns.net) (trojan.rules) 2021793 - ET TROJAN Iron Tiger Likely PlugX DNS Lookup (chrome.servehttp.com) (trojan.rules) 2021794 - ET TROJAN Iron Tiger Backdoor.GTalkTrojan DNS Lookup (update.gtalklite.com) (trojan.rules) 2021795 - ET TROJAN Iron Tiger HTTPBrowser DNS Lookup (trendmicro-update.org) (trojan.rules) 2021806 - ET TROJAN XCodeGhost DNS Lookup (trojan.rules) 2021807 - ET TROJAN XCodeGhost DNS Lookup (trojan.rules) 2021808 - ET TROJAN XCodeGhost DNS Lookup (trojan.rules) 2021831 - ET TROJAN Naikon DNS Lookup (greensky27.vicp.net) (trojan.rules) 2021849 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (trojan.rules) 2021850 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (trojan.rules) 2021927 - ET MOBILE_MALWARE Android/Kemoge DNS Lookup (mobile_malware.rules) 2021935 - ET TROJAN Possible PlugX DNS Lookup (googlemanage.com) (trojan.rules) 2021936 - ET TROJAN Possible PlugX DNS Lookup (operaa.net) (trojan.rules) 2021960 - ET TROJAN PlugX or EvilGrab DNS Lookup (websecexp.com) (trojan.rules) 2021961 - ET TROJAN PlugX or EvilGrab DNS Lookup (appeur.gnway.cc) (trojan.rules) 2021962 - ET TROJAN PlugX DNS Lookup (mailsecurityservice.com) (trojan.rules) 2022041 - ET POLICY DNS Query to .onion proxy Domain (paypartnerstodo.com) (policy.rules) 2022042 - ET POLICY DNS Query to .onion proxy Domain (allepohelpto.com) (policy.rules) 2022043 - ET POLICY DNS Query to .onion proxy Domain (marketcryptopartners.com) (policy.rules) 2022044 - ET POLICY DNS Query to .onion proxy Domain (partnersinvestpayto.com) (policy.rules) 2022046 - ET POLICY DNS Query to .onion proxy Domain (effectwaytopay.com) (policy.rules) 2022121 - ET TROJAN Sofacy DNS Lookup (trojan.rules) 2022122 - ET TROJAN Sofacy DNS Lookup (trojan.rules) 2022136 - ET CURRENT_EVENTS Netsolhost SSL Proxying - Possible Phishing Nov 24 2015 (current_events.rules) 2022145 - ET TROJAN Critroni .onion Proxy Domain 
(tmclybfqzgkaeilm) (trojan.rules) 2022148 - ET TROJAN Possible CopyKittens DNS Lookup (alhadath.mobi) (trojan.rules) 2022149 - ET TROJAN Possible CopyKittens DNS Lookup (big-windowss.com) (trojan.rules) 2022150 - ET TROJAN Possible CopyKittens DNS Lookup (cacheupdate14.com) (trojan.rules) 2022151 - ET TROJAN Possible CopyKittens DNS Lookup (fbstatic-a.space) (trojan.rules) 2022152 - ET TROJAN Possible CopyKittens DNS Lookup (fbstatic-a.xyz) (trojan.rules) 2022153 - ET TROJAN Possible CopyKittens DNS Lookup (fbstatic-akamaihd.com) (trojan.rules) 2022154 - ET TROJAN Possible CopyKittens DNS Lookup (gmailtagmanager.com) (trojan.rules) 2022155 - ET TROJAN Possible CopyKittens DNS Lookup (haaretz.link) (trojan.rules) 2022156 - ET TROJAN Possible CopyKittens DNS Lookup (haaretz-news.com) (trojan.rules) 2022157 - ET TROJAN Possible CopyKittens DNS Lookup (heartax.info) (trojan.rules) 2022158 - ET TROJAN Possible CopyKittens DNS Lookup (img.gmailtagmanager.com) (trojan.rules) 2022159 - ET TROJAN Possible CopyKittens DNS Lookup (kernel4windows.in) (trojan.rules) 2022160 - ET TROJAN Possible CopyKittens DNS Lookup (main.windowskernel14.com) (trojan.rules) 2022161 - ET TROJAN Possible CopyKittens DNS Lookup (micro-windows.in) (trojan.rules) 2022162 - ET TROJAN Possible CopyKittens DNS Lookup (mswordupdate15.com) (trojan.rules) 2022163 - ET TROJAN Possible CopyKittens DNS Lookup (mswordupdate16.com) (trojan.rules) 2022164 - ET TROJAN Possible CopyKittens DNS Lookup (mswordupdate17.com) (trojan.rules) 2022165 - ET TROJAN Possible CopyKittens DNS Lookup (mywindows24.in) (trojan.rules) 2022166 - ET TROJAN Possible CopyKittens DNS Lookup (patch7-windows.com) (trojan.rules) 2022167 - ET TROJAN Possible CopyKittens DNS Lookup (patch8-windows.com) (trojan.rules) 2022168 - ET TROJAN Possible CopyKittens DNS Lookup (patchthiswindows.com) (trojan.rules) 2022169 - ET TROJAN Possible CopyKittens DNS Lookup (u.mywindows24.in) (trojan.rules) 2022170 - ET TROJAN Possible CopyKittens DNS 
Lookup (walla.link) (trojan.rules) 2022171 - ET TROJAN Possible CopyKittens DNS Lookup (wethearservice.com) (trojan.rules) 2022172 - ET TROJAN Possible CopyKittens DNS Lookup (wheatherserviceapi.info) (trojan.rules) 2022173 - ET TROJAN Possible CopyKittens DNS Lookup (windowkernel.com) (trojan.rules) 2022174 - ET TROJAN Possible CopyKittens DNS Lookup (windows-10patch.in) (trojan.rules) 2022175 - ET TROJAN Possible CopyKittens DNS Lookup (windows24-kernel.in) (trojan.rules) 2022176 - ET TROJAN Possible CopyKittens DNS Lookup (windows-drive20.com) (trojan.rules) 2022177 - ET TROJAN Possible CopyKittens DNS Lookup (windows-india.in) (trojan.rules) 2022178 - ET TROJAN Possible CopyKittens DNS Lookup (windowskernel.in) (trojan.rules) 2022179 - ET TROJAN Possible CopyKittens DNS Lookup (windows-kernel.in) (trojan.rules) 2022180 - ET TROJAN Possible CopyKittens DNS Lookup (windowskernel14.com) (trojan.rules) 2022181 - ET TROJAN Possible CopyKittens DNS Lookup (windowslayer.in) (trojan.rules) 2022182 - ET TROJAN Possible CopyKittens DNS Lookup (windows-my50.com) (trojan.rules) 2022183 - ET TROJAN Possible CopyKittens DNS Lookup (windowssup.in) (trojan.rules) 2022184 - ET TROJAN Possible CopyKittens DNS Lookup (windowsupup.com) (trojan.rules) 2022191 - ET TROJAN Win32/Teslacrypt .onion Proxy Domain (tw7kaqthui5ojcez) (trojan.rules) 2022236 - ET TROJAN EncryptorRaas .onion Domain (75nzutdjjtnpgscz) (trojan.rules) 2022237 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Domain (trojan.rules) 2022238 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Domain (trojan.rules) 2022272 - ET TROJAN Sakula DNS Lookup (mail.cbppnews.com) (trojan.rules) 2022273 - ET TROJAN Sakula DNS Lookup (inocnation.com) (trojan.rules) 2022314 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (czc57cr2pn3zfn4b) (trojan.rules) 2022315 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (o7zeip6us33igmgw) (trojan.rules) 2022316 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion 
Payment Domain (vr6g2curb2kcidou) (trojan.rules) 2022332 - ET POLICY DNS Query to .onion proxy Domain (onion.link) (policy.rules) 2022335 - ET TROJAN ELF.MrBlack DOS.TF Malformed Lookup (/lib32/libc.so.6) (trojan.rules) 2022346 - ET TROJAN Win32/Bulta DNS Lookup (kugo.f3322.net) (trojan.rules) 2022347 - ET TROJAN Win32/Bulta DNS Lookup (yk.ftwxw.com) (trojan.rules) 2022355 - ET TROJAN EvilGrab or APT.9002 DNS Lookup (secvies.com) (trojan.rules) 2022356 - ET TROJAN TrochilusRAT DNS Lookup (security-centers.com) (trojan.rules) 2022381 - ET INFO DYNAMIC_DNS Query to a Suspicious *.dnsalias.ru Domain (info.rules) 2022382 - ET INFO DYNAMIC_DNS Query to a Suspicious *.dnsip.ru Domain (info.rules) 2022383 - ET INFO DYNAMIC_DNS Query to a Suspicious *.dyn-dns.ru Domain (info.rules) 2022384 - ET INFO DYNAMIC_DNS Query to a Suspicious *.dns-free.ru Domain (info.rules) 2022398 - ET TROJAN Cryptolocker Payment Page (4nauizsaaopuj3qj) (trojan.rules) 2022399 - ET TROJAN Cryptolocker Payment Page (aynfksddnnfwkd) (trojan.rules) 2022400 - ET TROJAN Cryptolocker Payment Page (krfdnhfnsai3d) (trojan.rules) 2022411 - ET TROJAN Scarlet Mimic DNS Lookup 1 (trojan.rules) 2022412 - ET TROJAN Scarlet Mimic DNS Lookup 2 (trojan.rules) 2022413 - ET TROJAN Scarlet Mimic DNS Lookup 3 (trojan.rules) 2022414 - ET TROJAN Scarlet Mimic DNS Lookup 4 (trojan.rules) 2022415 - ET TROJAN Scarlet Mimic DNS Lookup 5 (trojan.rules) 2022416 - ET TROJAN Scarlet Mimic DNS Lookup 6 (trojan.rules) 2022417 - ET TROJAN Scarlet Mimic DNS Lookup 7 (trojan.rules) 2022418 - ET TROJAN Scarlet Mimic DNS Lookup 8 (trojan.rules) 2022419 - ET TROJAN Scarlet Mimic DNS Lookup 9 (trojan.rules) 2022420 - ET TROJAN Scarlet Mimic DNS Lookup 10 (trojan.rules) 2022421 - ET TROJAN Scarlet Mimic DNS Lookup 11 (trojan.rules) 2022422 - ET TROJAN Scarlet Mimic DNS Lookup 12 (trojan.rules) 2022423 - ET TROJAN Scarlet Mimic DNS Lookup 13 (trojan.rules) 2022424 - ET TROJAN Scarlet Mimic DNS Lookup 14 (trojan.rules) 2022425 - ET TROJAN 
Scarlet Mimic DNS Lookup 15 (trojan.rules) 2022426 - ET TROJAN Scarlet Mimic DNS Lookup 16 (trojan.rules) 2022427 - ET TROJAN Scarlet Mimic DNS Lookup 17 (trojan.rules) 2022428 - ET TROJAN Scarlet Mimic DNS Lookup 18 (trojan.rules) 2022429 - ET TROJAN Scarlet Mimic DNS Lookup 19 (trojan.rules) 2022430 - ET TROJAN Scarlet Mimic DNS Lookup 20 (trojan.rules) 2022431 - ET TROJAN Scarlet Mimic DNS Lookup 21 (trojan.rules) 2022432 - ET TROJAN Scarlet Mimic DNS Lookup 22 (trojan.rules) 2022433 - ET TROJAN Scarlet Mimic DNS Lookup 23 (trojan.rules) 2022434 - ET TROJAN Scarlet Mimic DNS Lookup 24 (trojan.rules) 2022435 - ET TROJAN Scarlet Mimic DNS Lookup 25 (trojan.rules) 2022436 - ET TROJAN Scarlet Mimic DNS Lookup 26 (trojan.rules) 2022437 - ET TROJAN Scarlet Mimic DNS Lookup 27 (trojan.rules) 2022438 - ET TROJAN Scarlet Mimic DNS Lookup 28 (trojan.rules) 2022439 - ET TROJAN Scarlet Mimic DNS Lookup 29 (trojan.rules) 2022440 - ET TROJAN Scarlet Mimic DNS Lookup 30 (trojan.rules) 2022441 - ET TROJAN Scarlet Mimic DNS Lookup 31 (trojan.rules) 2022442 - ET TROJAN Scarlet Mimic DNS Lookup 32 (trojan.rules) 2022443 - ET TROJAN Scarlet Mimic DNS Lookup 33 (trojan.rules) 2022444 - ET TROJAN Scarlet Mimic DNS Lookup 34 (trojan.rules) 2022445 - ET TROJAN Scarlet Mimic DNS Lookup 35 (trojan.rules) 2022446 - ET TROJAN Scarlet Mimic DNS Lookup 36 (trojan.rules) 2022447 - ET TROJAN Scarlet Mimic DNS Lookup 37 (trojan.rules) 2022448 - ET TROJAN Scarlet Mimic DNS Lookup 38 (trojan.rules) 2022449 - ET TROJAN Scarlet Mimic DNS Lookup 39 (trojan.rules) 2022450 - ET TROJAN Scarlet Mimic DNS Lookup 40 (trojan.rules) 2022451 - ET TROJAN Scarlet Mimic DNS Lookup 41 (trojan.rules) 2022453 - ET TROJAN Scarlet Mimic DNS Lookup 43 (trojan.rules) 2022455 - ET TROJAN Scarlet Mimic DNS Lookup 45 (trojan.rules) 2022456 - ET TROJAN Scarlet Mimic DNS Lookup 46 (trojan.rules) 2022457 - ET TROJAN Scarlet Mimic DNS Lookup 47 (trojan.rules) 2022458 - ET TROJAN Scarlet Mimic DNS Lookup 48 (trojan.rules) 
2022459 - ET TROJAN Scarlet Mimic DNS Lookup 49 (trojan.rules) 2022460 - ET TROJAN Scarlet Mimic DNS Lookup 50 (trojan.rules) 2022461 - ET TROJAN Scarlet Mimic DNS Lookup 44 (trojan.rules) 2022473 - ET TROJAN CustomRAT DNS lookup (trojan.rules) 2022490 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain(yez2o5lwqkmlv5lc) (trojan.rules) 2022501 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain(fwgrhsao3aoml7ej) (trojan.rules) 2022507 - ET TROJAN TeslaCrypt/AlphaCrypt Payment DNS Lookup (trojan.rules) 2022517 - ET MOBILE_MALWARE Android/Fakeinst.KD .onion Proxy Domain (mobile_malware.rules) 2022555 - ET TROJAN Linux/Tsunami DNS Request (updates.absentvodka.com) (trojan.rules) 2022556 - ET TROJAN Linux/Tsunami DNS Request (updates.mintylinux.com) (trojan.rules) 2022557 - ET TROJAN Linux/Tsunami DNS Request (eggstrawdinarry.mylittlerepo.com) (trojan.rules) 2022558 - ET TROJAN Linux/Tsunami DNS Request (linuxmint.kernel-org.org) (trojan.rules) 2022560 - ET TROJAN Ransomware Locky .onion Payment Domain (trojan.rules) 2022561 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain(xlowfznrg4wf7dli) (trojan.rules) 2022562 - ET MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain (mobile_malware.rules) 2022563 - ET MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain 2 (mobile_malware.rules) 2022569 - ET TROJAN PadCrypt .onion Payment Domain (trojan.rules) 2022589 - ET TROJAN Ransomware Locky .onion Payment Domain (trojan.rules) 2022590 - ET TROJAN Ransomware Locky .onion Payment Domain (trojan.rules) 2022598 - ET TROJAN OSX/KeRanger Ransomware CnC DNS Request 1 (trojan.rules) 2022599 - ET TROJAN OSX/KeRanger Ransomware CnC DNS Request 2 (trojan.rules) 2022600 - ET TROJAN OSX/KeRanger Ransomware CnC DNS Request 3 (trojan.rules) 2022601 - ET TROJAN OSX/KeRanger Ransomware CnC DNS Request 4 (trojan.rules) 2022610 - ET TROJAN Scarlet Mimic DNS Lookup 45 (trojan.rules) 2022611 - ET TROJAN Scarlet Mimic DNS Lookup 46 
(trojan.rules) 2022612 - ET TROJAN Scarlet Mimic DNS Lookup 47 (trojan.rules) 2022614 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain(k7tlx3ghr3m4n2tu) (trojan.rules) 2022626 - ET TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2022634 - ET TROJAN Maktub Locker Payment Domain (trojan.rules) 2022641 - ET POLICY DNS Query to a *.ngrok domain (ngrok.com) (policy.rules) 2022642 - ET POLICY DNS Query to a *.ngrok domain (ngrok.io) (policy.rules) 2022643 - ET POLICY DNS Query to a *.neokred domain - Likely Hostile (policy.rules) 2022644 - ET POLICY DNS Query to .onion proxy Domain (torgate.es) (policy.rules) 2022645 - ET POLICY DNS Query to .onion proxy Domain (tormaster.fr) (policy.rules) 2022646 - ET POLICY DNS Query to .onion proxy Domain (torgateway.li) (policy.rules) 2022660 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky Payment) (trojan.rules) 2022661 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TeslaCrypt Payment) (trojan.rules) 2022662 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker Payment) (trojan.rules) 2022663 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky Payment) (trojan.rules) 2022664 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker Payment) (trojan.rules) 2022675 - ET TROJAN Ransomware/Coverton Onion Domain Lookup (trojan.rules) 2022680 - ET TROJAN Ransomware Locky Possible Payment Page (trojan.rules) 2022711 - ET TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain(xzjvzkgjxebzreap) (trojan.rules) 2022728 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker Payment) (trojan.rules) 2022747 - ET TROJAN Unknown PowerShell Loader DNS Lookup (spl.noip.me) (trojan.rules) 2022753 - ET TROJAN PoisonIvy SPIVY DNS Lookup (leeh0m.org) (trojan.rules) 2022761 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2022764 - ET TROJAN Retefe Banker .onion Domain (trojan.rules) 2022765 - ET TROJAN Retefe Banker .onion Domain (trojan.rules) 2022766 - ET TROJAN 
Retefe Banker .onion Domain (trojan.rules) 2022767 - ET TROJAN Retefe Banker .onion Domain (trojan.rules) 2022768 - ET TROJAN Retefe Banker .onion Domain (trojan.rules) 2022777 - ET TROJAN ABUSE.CH Ransomware Domain Detected (trojan.rules) 2022778 - ET TROJAN ABUSE.CH Locky Domain (trojan.rules) 2022780 - ET TROJAN Backdoor.Darpapox/Jaku CNAME CnC Beacon (WinVer 5.0) (trojan.rules) 2022781 - ET TROJAN Backdoor.Darpapox/Jaku CNAME CnC Beacon (WinVer 5.1) (trojan.rules) 2022782 - ET TROJAN Backdoor.Darpapox/Jaku CNAME CnC Beacon (WinVer 5.2) (trojan.rules) 2022783 - ET TROJAN Backdoor.Darpapox/Jaku CNAME CnC Beacon (WinVer 6.0) (trojan.rules) 2022784 - ET TROJAN Backdoor.Darpapox/Jaku CNAME CnC Beacon (WinVer 6.1) (trojan.rules) 2022785 - ET TROJAN Backdoor.Darpapox/Jaku CNAME CnC Beacon (WinVer 6.2) (trojan.rules) 2022786 - ET TROJAN Backdoor.Darpapox/Jaku CNAME CnC Beacon (WinVer 6.3) (trojan.rules) 2022787 - ET TROJAN Backdoor.Darpapox/Jaku CNAME CnC Beacon (WinVer 10.0) (trojan.rules) 2022798 - ET TROJAN SHUJIN .onion Payment Page (trojan.rules) 2022800 - ET TROJAN ABUSE.CH Cryptolocker Payment Page (de2nuvwegoo32oqv) (trojan.rules) 2022806 - ET TROJAN Ransomware Locky .onion Payment Domain (hw5qrh6fxv2tnaqn) (trojan.rules) 2022817 - ET TROJAN Ransomware Locky .onion Payment Domain (eqrvbczir5ua2emd) (trojan.rules) 2022831 - ET TROJAN Hidden-Tear Ransomware Variant (.bloccato) DNS Request to CnC Domain (trojan.rules) 2022835 - ET TROJAN PowerShell/Agent.A DNS Lookup (go0gIe.com) (trojan.rules) 2022843 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2022870 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2022876 - ET INFO DYNAMIC_DNS Query to a Suspicious dynapoint.pw Domain (info.rules) 2022917 - ET TROJAN Ransomware Locky .onion Payment Domain (mphtadhci5mrdlju) (trojan.rules) 2022947 - ET TROJAN BartCrypt Payment DNS Query to .onion proxy Domain (khh5cmzh5q7yp7th) (trojan.rules) 2022950 - ET TROJAN OSX/Keydnap 
DNS Query to CnC (trojan.rules) 2022951 - ET TROJAN OSX/Keydnap DNS Query to CnC (trojan.rules) 2022975 - ET MOBILE_MALWARE DNS Trojan-Banker.AndroidOS.Marcher.i Query (mobile_malware.rules) 2022999 - ET TROJAN ABUSE.CH Ransomware Domain Detected (trojan.rules) 2023000 - ET TROJAN ABUSE.CH Ransomware Domain Detected (trojan.rules) 2023001 - ET TROJAN ABUSE.CH Ransomware Domain Detected (trojan.rules) 2023002 - ET TROJAN ABUSE.CH Ransomware Domain Detected (trojan.rules) 2023003 - ET TROJAN ABUSE.CH Ransomware Domain Detected (trojan.rules) 2023004 - ET TROJAN ABUSE.CH Ransomware Domain Detected (trojan.rules) 2023020 - ET TROJAN ProjectSauron Remsec DNS Lookup (rapidcomments.com) (trojan.rules) 2023021 - ET TROJAN ProjectSauron Remsec DNS Lookup (bikessport.com) (trojan.rules) 2023022 - ET TROJAN ProjectSauron Remsec DNS Lookup (myhomemusic. com) (trojan.rules) 2023023 - ET TROJAN ProjectSauron Remsec DNS Lookup (flowershop22.110mb.com) (trojan.rules) 2023024 - ET TROJAN ProjectSauron Remsec DNS Lookup (wildhorses.awardspace.info) (trojan.rules) 2023059 - ET TROJAN DarkHotel DNS Lookup (apply-wsu.ebizx.net) (trojan.rules) 2023060 - ET TROJAN DarkHotel DNS Lookup (apply.ebizx.net) (trojan.rules) 2023084 - ET TROJAN Ransomware Locky .onion Payment Domain (5n7y4yihirccftc5) (trojan.rules) 2023093 - ET TROJAN Possible Pegasus Related DNS Lookup (aalaan .tv) (trojan.rules) 2023094 - ET TROJAN Possible Pegasus Related DNS Lookup (accounts .mx) (trojan.rules) 2023095 - ET TROJAN Possible Pegasus Related DNS Lookup (adjust-local-settings .com) (trojan.rules) 2023096 - ET TROJAN Possible Pegasus Related DNS Lookup (alawaeltech .com) (trojan.rules) 2023097 - ET TROJAN Possible Pegasus Related DNS Lookup (alljazeera .co) (trojan.rules) 2023098 - ET TROJAN Possible Pegasus Related DNS Lookup (asrararabiya .co) (trojan.rules) 2023099 - ET TROJAN Possible Pegasus Related DNS Lookup (asrararablya .com) (trojan.rules) 2023100 - ET TROJAN Possible Pegasus Related DNS Lookup 
(asrarrarabiya .com) (trojan.rules) 2023101 - ET TROJAN Possible Pegasus Related DNS Lookup (bahrainsms .co) (trojan.rules) 2023102 - ET TROJAN Possible Pegasus Related DNS Lookup (bbc-africa .com) (trojan.rules) 2023103 - ET TROJAN Possible Pegasus Related DNS Lookup (bulbazaur .com) (trojan.rules) 2023104 - ET TROJAN Possible Pegasus Related DNS Lookup (checkinonlinehere .com) (trojan.rules) 2023105 - ET TROJAN Possible Pegasus Related DNS Lookup (cnn-africa .co) (trojan.rules) 2023106 - ET TROJAN Possible Pegasus Related DNS Lookup (damanhealth .online) (trojan.rules) 2023107 - ET TROJAN Possible Pegasus Related DNS Lookup (emiratesfoundation .net) (trojan.rules) 2023108 - ET TROJAN Possible Pegasus Related DNS Lookup (fb-accounts .com) (trojan.rules) 2023109 - ET TROJAN Possible Pegasus Related DNS Lookup (googleplay-store .com) (trojan.rules) 2023110 - ET TROJAN Possible Pegasus Related DNS Lookup (icloudcacher .com) (trojan.rules) 2023111 - ET TROJAN Possible Pegasus Related DNS Lookup (icrcworld .com) (trojan.rules) 2023112 - ET TROJAN Possible Pegasus Related DNS Lookup (manoraonline .net) (trojan.rules) 2023113 - ET TROJAN Possible Pegasus Related DNS Lookup (mz-vodacom .info) (trojan.rules) 2023114 - ET TROJAN Possible Pegasus Related DNS Lookup (newtarrifs .net) (trojan.rules) 2023115 - ET TROJAN Possible Pegasus Related DNS Lookup (ooredoodeals .com) (trojan.rules) 2023116 - ET TROJAN Possible Pegasus Related DNS Lookup (pickuchu .com) (trojan.rules) 2023117 - ET TROJAN Possible Pegasus Related DNS Lookup (redcrossworld .com) (trojan.rules) 2023118 - ET TROJAN Possible Pegasus Related DNS Lookup (sabafon .info) (trojan.rules) 2023119 - ET TROJAN Possible Pegasus Related DNS Lookup (smser .net) (trojan.rules) 2023120 - ET TROJAN Possible Pegasus Related DNS Lookup (sms .webadv.co) (trojan.rules) 2023121 - ET TROJAN Possible Pegasus Related DNS Lookup (topcontactco .com) (trojan.rules) 2023122 - ET TROJAN Possible Pegasus Related DNS Lookup (tpcontact 
.co.uk) (trojan.rules) 2023123 - ET TROJAN Possible Pegasus Related DNS Lookup (track-your-fedex-package .org) (trojan.rules) 2023124 - ET TROJAN Possible Pegasus Related DNS Lookup (turkeynewsupdates .com) (trojan.rules) 2023125 - ET TROJAN Possible Pegasus Related DNS Lookup (turkishairines .info) (trojan.rules) 2023126 - ET TROJAN Possible Pegasus Related DNS Lookup (uaenews .online) (trojan.rules) 2023127 - ET TROJAN Possible Pegasus Related DNS Lookup (univision .click) (trojan.rules) 2023128 - ET TROJAN Possible Pegasus Related DNS Lookup (unonoticias .net) (trojan.rules) 2023129 - ET TROJAN Possible Pegasus Related DNS Lookup (whatsapp-app .com) (trojan.rules) 2023130 - ET TROJAN Possible Pegasus Related DNS Lookup (y0utube .com.mx) (trojan.rules) 2023142 - ET TROJAN TorrentLocker DNS Lookup (bigcrashcar.net) (trojan.rules) 2023154 - ET TROJAN BartCrypt Payment DNS Query to .onion proxy Domain (s3clm4lufbmfhmeb) (trojan.rules) 2023178 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2023179 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2023227 - ET WEB_SERVER DNS Query for Suspicious 33db9538.com Domain - Anuna Checkin - Compromised PHP Site (web_server.rules) 2023228 - ET WEB_SERVER DNS Query for Suspicious 9507c4e8.com Domain - Anuna Checkin - Compromised PHP Site (web_server.rules) 2023229 - ET WEB_SERVER DNS Query for Suspicious e5b57288.com Domain - Anuna Checkin - Compromised PHP Site (web_server.rules) 2023230 - ET WEB_SERVER DNS Query for Suspicious 54dfa1cb.com Domain - Anuna Checkin - Compromised PHP Site (web_server.rules) 2023247 - ET TROJAN Ransomware Locky .onion Payment Domain (f5xraa2y2ybtrefz) (trojan.rules) 2023256 - ET TROJAN Libyan Scorpions Adwind DNS Lookup (winmeif .myq-see.com) (trojan.rules) 2023257 - ET TROJAN Libyan Scorpions Adwind DNS Lookup (collge .myq-see.com) (trojan.rules) 2023258 - ET TROJAN Libyan Scorpions Adwind DNS Lookup (sara2011 .no-ip.biz) (trojan.rules) 
2023259 - ET TROJAN Libyan Scorpions Netwire RAT DNS Lookup (samsung .ddns.me) (trojan.rules) 2023260 - ET TROJAN Libyan Scorpions Netwire RAT DNS Lookup (wininit .myq-see.com) (trojan.rules) 2023261 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2023297 - ET TROJAN ABUSE.CH SSL Blacklist DNS Lookup (Gozi MITM) (gtldsfs .com ) (trojan.rules) 2023298 - ET TROJAN ABUSE.CH SSL Blacklist DNS Lookup (Gozi MITM) (cdnfastnetwork .com) (trojan.rules) 2023299 - ET TROJAN APT28 Komplex DNS Lookup (appleupdate .com) (trojan.rules) 2023300 - ET TROJAN APT28 Komplex DNS Lookup (apple-iclouds .net) (trojan.rules) 2023301 - ET TROJAN APT28 Komplex DNS Lookup (itunes-helper .net) (trojan.rules) 2023310 - ET TROJAN ABUSE.CH SSL Blacklist DNS Lookup (Gozi MITM) (sdpvss .com) (trojan.rules) 2023327 - ET TROJAN ABUSE.CH TorrenLocker Payment Domain Detected (trojan.rules) 2023328 - ET TROJAN ABUSE.CH TorrenLocker Payment Domain Detected (trojan.rules) 2023329 - ET TROJAN ABUSE.CH Locky Payment Domain Detected (trojan.rules) 2023330 - ET TROJAN CryptoWall/TeslaCrypt Payment Domain (trojan.rules) 2023331 - ET TROJAN CryptoWall/TeslaCrypt Payment Domain (trojan.rules) 2023332 - ET TROJAN CryptoWall/TeslaCrypt Payment Domain (trojan.rules) 2023344 - ET TROJAN APT28 DealersChoice.B DNS Lookup (appexsrv .net) (trojan.rules) 2023354 - ET TROJAN Observed AgentTesla Domain Request (trojan.rules) 2023355 - ET TROJAN APT28/Sednit DNS Lookup (microsoftsupp .com) (trojan.rules) 2023356 - ET TROJAN APT28/Sednit DNS Lookup (aljazeera-news .com) (trojan.rules) 2023357 - ET TROJAN APT28/Sednit DNS Lookup (ausameetings .com) (trojan.rules) 2023358 - ET TROJAN APT28/Sednit DNS Lookup (bbc-press .org) (trojan.rules) 2023359 - ET TROJAN APT28/Sednit DNS Lookup (cnnpolitics .eu) (trojan.rules) 2023360 - ET TROJAN APT28/Sednit DNS Lookup (dailyforeignnews .com) (trojan.rules) 2023361 - ET TROJAN APT28/Sednit DNS Lookup (dailypoliticsnews .com) (trojan.rules) 2023362 - ET TROJAN 
APT28/Sednit DNS Lookup (defenceiq .us) (trojan.rules) 2023363 - ET TROJAN APT28/Sednit DNS Lookup (defencereview .eu) (trojan.rules) 2023364 - ET TROJAN APT28/Sednit DNS Lookup (diplomatnews .org) (trojan.rules) 2023365 - ET TROJAN APT28/Sednit DNS Lookup (euronews24 .info) (trojan.rules) 2023366 - ET TROJAN APT28/Sednit DNS Lookup (euroreport24 .com) (trojan.rules) 2023367 - ET TROJAN APT28/Sednit DNS Lookup (kg-news .org) (trojan.rules) 2023368 - ET TROJAN APT28/Sednit DNS Lookup (military-info .eu) (trojan.rules) 2023369 - ET TROJAN APT28/Sednit DNS Lookup (militaryadviser .org) (trojan.rules) 2023370 - ET TROJAN APT28/Sednit DNS Lookup (militaryobserver .net) (trojan.rules) 2023371 - ET TROJAN APT28/Sednit DNS Lookup (nato-hq .com) (trojan.rules) 2023372 - ET TROJAN APT28/Sednit DNS Lookup (nato-news .com) (trojan.rules) 2023373 - ET TROJAN APT28/Sednit DNS Lookup (natoint .com) (trojan.rules) 2023374 - ET TROJAN APT28/Sednit DNS Lookup (natopress .com) (trojan.rules) 2023375 - ET TROJAN APT28/Sednit DNS Lookup (osce-info .com) (trojan.rules) 2023376 - ET TROJAN APT28/Sednit DNS Lookup (osce-press .org) (trojan.rules) 2023377 - ET TROJAN APT28/Sednit DNS Lookup (pakistan-mofa .net) (trojan.rules) 2023378 - ET TROJAN APT28/Sednit DNS Lookup (politicalreview .eu) (trojan.rules) 2023379 - ET TROJAN APT28/Sednit DNS Lookup (politicsinform .com) (trojan.rules) 2023380 - ET TROJAN APT28/Sednit DNS Lookup (reuters-press .com) (trojan.rules) 2023381 - ET TROJAN APT28/Sednit DNS Lookup (shurl .biz) (trojan.rules) 2023382 - ET TROJAN APT28/Sednit DNS Lookup (stratforglobal .net) (trojan.rules) 2023383 - ET TROJAN APT28/Sednit DNS Lookup (thediplomat-press .com) (trojan.rules) 2023384 - ET TROJAN APT28/Sednit DNS Lookup (theguardiannews .org) (trojan.rules) 2023385 - ET TROJAN APT28/Sednit DNS Lookup (trend-news .org) (trojan.rules) 2023386 - ET TROJAN APT28/Sednit DNS Lookup (unian-news .info) (trojan.rules) 2023387 - ET TROJAN APT28/Sednit DNS Lookup (unitednationsnews 
.eu) (trojan.rules) 2023388 - ET TROJAN APT28/Sednit DNS Lookup (virusdefender .org) (trojan.rules) 2023389 - ET TROJAN APT28/Sednit DNS Lookup (worldmilitarynews .org) (trojan.rules) 2023390 - ET TROJAN APT28/Sednit DNS Lookup (worldpoliticsnews .org) (trojan.rules) 2023391 - ET TROJAN APT28/Sednit DNS Lookup (capisp .com) (trojan.rules) 2023392 - ET TROJAN APT28/Sednit DNS Lookup (dataclen .org) (trojan.rules) 2023393 - ET TROJAN APT28/Sednit DNS Lookup (mscoresvw .com) (trojan.rules) 2023394 - ET TROJAN APT28/Sednit DNS Lookup (windowscheckupdater .net) (trojan.rules) 2023395 - ET TROJAN APT28/Sednit DNS Lookup (acledit .com) (trojan.rules) 2023396 - ET TROJAN APT28/Sednit DNS Lookup (biocpl .org) (trojan.rules) 2023398 - ET MOBILE_MALWARE AndroRAT Bitter DNS Lookup (info2t .com) (mobile_malware.rules) 2023407 - ET TROJAN APT28/Sednit DNS Lookup (ciscohelpcenter .com) (trojan.rules) 2023408 - ET TROJAN APT28/Sednit DNS Lookup (timezoneutc .com) (trojan.rules) 2023409 - ET TROJAN APT28/Sednit DNS Lookup (inteldrv64 .com) (trojan.rules) 2023410 - ET TROJAN APT28/Sednit DNS Lookup (advpdxapi .com) (trojan.rules) 2023411 - ET TROJAN APT28/Sednit DNS Lookup (cloudflarecdn .com) (trojan.rules) 2023412 - ET TROJAN APT28/Sednit DNS Lookup (driversupdate .info) (trojan.rules) 2023413 - ET TROJAN APT28/Sednit DNS Lookup (kenlynton .com) (trojan.rules) 2023414 - ET TROJAN APT28/Sednit DNS Lookup (microsoftdriver .com) (trojan.rules) 2023415 - ET TROJAN APT28/Sednit DNS Lookup (microsofthelpcenter .info) (trojan.rules) 2023416 - ET TROJAN APT28/Sednit DNS Lookup (nortonupdate .org) (trojan.rules) 2023417 - ET TROJAN APT28/Sednit DNS Lookup (softwaresupportsv .com) (trojan.rules) 2023418 - ET TROJAN APT28/Sednit DNS Lookup (symantecsupport .org) (trojan.rules) 2023419 - ET TROJAN APT28/Sednit DNS Lookup (updatecenter .name) (trojan.rules) 2023420 - ET TROJAN APT28/Sednit DNS Lookup (updatesystems .net) (trojan.rules) 2023421 - ET TROJAN APT28/Sednit DNS Lookup (updmanager 
.com) (trojan.rules) 2023422 - ET TROJAN APT28/Sednit DNS Lookup (windowsappstore .net) (trojan.rules) 2023425 - ET TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023426 - ET TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023427 - ET TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023428 - ET TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023503 - ET TROJAN XRatLocker/AiraCrop Ransomware Payment Domain (trojan.rules) 2023504 - ET TROJAN XRatLocker/AiraCrop Ransomware Payment Domain (trojan.rules) 2023515 - ET POLICY Android Adups Firmware DNS Query (policy.rules) 2023519 - ET POLICY Android Adups Firmware DNS Query 5 (policy.rules) 2023523 - ET TROJAN KeyBoy DNS Lookup (www .about.jkub.com) (trojan.rules) 2023524 - ET TROJAN KeyBoy DNS Lookup (www .eleven.mypop3.org) (trojan.rules) 2023525 - ET TROJAN KeyBoy DNS Lookup (www .backus.myftp.name) (trojan.rules) 2023526 - ET TROJAN KeyBoy DNS Lookup (tibetvoices .com) (trojan.rules) 2023573 - ET TROJAN Unknown AutoIt Bot DNS Lookup (webmail .duia.in) (trojan.rules) 2023578 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2023579 - ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023580 - ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023581 - ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023582 - ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023584 - ET TROJAN Ransomware Goldeneye .onion Payment Domain (goldenhjnqvc2lld) (trojan.rules) 2023585 - ET TROJAN Ransomware Goldeneye .onion Payment Domain (golden2uqpiqcs6j) (trojan.rules) 2023589 - ET TROJAN Ransomware Popcorn-Time .onion Payment Domain (3hnuhydu4pd247qb) (trojan.rules) 2023597 - ET POLICY DNS Query to .onion proxy Domain (anonym.to) (policy.rules) 2023600 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023601 - ET TROJAN Mirai Botnet Domain Observed 
(trojan.rules) 2023602 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023603 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023604 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023605 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023606 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023607 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023608 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023609 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023610 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023630 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023631 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023632 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023633 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023634 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023635 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023636 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023637 - ET TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023641 - ET TROJAN NEODYMIUM Wingbird DNS Lookup (srv601 .ddns.net) (trojan.rules) 2023642 - ET TROJAN NEODYMIUM Wingbird DNS Lookup (srv602 .ddns.net) (trojan.rules) 2023643 - ET TROJAN PROMETHIUM/StrongPity DNS Lookup (updatesync .com) (trojan.rules) 2023644 - ET TROJAN PROMETHIUM/StrongPity DNS Lookup (svnservices .com) (trojan.rules) 2023645 - ET TROJAN PROMETHIUM/StrongPity DNS Lookup (mynetenergy .com) (trojan.rules) 2023646 - ET TROJAN PROMETHIUM/StrongPity DNS Lookup (windriversupport .com) (trojan.rules) 2023647 - ET TROJAN PROMETHIUM/StrongPity DNS Lookup (truecrypte .org) (trojan.rules) 2023648 - ET TROJAN PROMETHIUM/StrongPity DNS Lookup (edicupd002 .com) (trojan.rules) 2023649 - ET TROJAN PROMETHIUM/StrongPity DNS Lookup (jourrapid .com) (trojan.rules) 2023650 - ET TROJAN PROMETHIUM/StrongPity DNS Lookup (true-crypte .website) (trojan.rules) 2023651 - ET TROJAN 
PROMETHIUM/StrongPity DNS Lookup (myrappid .com) (trojan.rules) 2023655 - ET TROJAN Ransomware Maktub .onion Payment Domain (maktubebz6z6cgtw) (trojan.rules) 2023658 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023659 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023660 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023661 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023662 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023663 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023664 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023665 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023666 - ET TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023667 - ET TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2023690 - ET TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023705 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2023706 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker Payment) (trojan.rules) 2023709 - ET MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2023710 - ET MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2023728 - ET TROJAN Spora Ransomware DNS Query (trojan.rules) 2023729 - ET TROJAN DeepEnd Research Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2023730 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023731 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023732 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023733 - ET TROJAN DeepEnd Research Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2023734 - ET TROJAN DeepEnd Research Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2023735 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023736 - ET TROJAN DeepEnd 
Research Ransomware CryptoWall .onion Proxy Domain (trojan.rules) 2023737 - ET TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023761 - ET TROJAN APT28 DealersChoice DNS Lookup (gtranm .com) (trojan.rules) 2023762 - ET TROJAN APT28 DealersChoice DNS Lookup (zpfgr .com) (trojan.rules) 2023763 - ET TROJAN OSX Backdoor Quimitchin DNS Lookup (trojan.rules) 2023777 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (webfile .myq-see.com) (trojan.rules) 2023778 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (downloadmyhost .zapto.org) (trojan.rules) 2023779 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (help2014 .linkpc.net) (trojan.rules) 2023780 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (safara .sytes.net) (trojan.rules) 2023781 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (exportball .servegame.org) (trojan.rules) 2023782 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (viewnet .better-than.tv) (trojan.rules) 2023783 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (down .downloadoneyoutube.co.vu) (trojan.rules) 2023784 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (netstreamag .publicvm.com) (trojan.rules) 2023785 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (hostgatero .ddns.net) (trojan.rules) 2023786 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (subsidiaryohio .linkpc.net) (trojan.rules) 2023787 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (helpyoume .linkpc.net) (trojan.rules) 2023788 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (downloadtesting .com) (trojan.rules) 2023789 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (gameoolines .com) (trojan.rules) 2023790 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (onlinesoft .space) (trojan.rules) 2023791 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (newphoneapp .com) (trojan.rules) 2023792 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (gamestoplay .bid) (trojan.rules) 2023793 - ET TROJAN DustySky 
Downeks/Quasar/other DNS Lookup (smartsftp .pw) (trojan.rules) 2023794 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (galaxysupdates .com) (trojan.rules) 2023795 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (galaxy-s .com) (trojan.rules) 2023796 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (datasamsung .com) (trojan.rules) 2023797 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (progsupdate .com) (trojan.rules) 2023798 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (topgamse .com) (trojan.rules) 2023799 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (bandtester .com) (trojan.rules) 2023800 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (speedbind .com) (trojan.rules) 2023801 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (ukgames .tech) (trojan.rules) 2023802 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (wallanews .publicvm.com) (trojan.rules) 2023803 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (wallanews .sytes.net) (trojan.rules) 2023804 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (noredirecto .redirectme.net) (trojan.rules) 2023805 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (dynamicipaddress .linkpc.net) (trojan.rules) 2023806 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (downloadlog .linkpc.net) (trojan.rules) 2023807 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (havan .qhigh.com) (trojan.rules) 2023808 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (kolabdown .sytes.net) (trojan.rules) 2023809 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (rotter2 .publicvm.com) (trojan.rules) 2023810 - ET TROJAN DustySky Downeks/Quasar/other DNS Lookup (ftpserverit .otzo.com) (trojan.rules) 2023833 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 01 (current_events.rules) 2023834 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 02 (current_events.rules) 2023835 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 03 (current_events.rules) 2023836 - ET 
CURRENT_EVENTS DNS Request to NilePhish Domain 04 (current_events.rules) 2023837 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 05 (current_events.rules) 2023838 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 06 (current_events.rules) 2023839 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 07 (current_events.rules) 2023840 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 08 (current_events.rules) 2023841 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 09 (current_events.rules) 2023842 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 10 (current_events.rules) 2023843 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 11 (current_events.rules) 2023844 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 12 (current_events.rules) 2023845 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 13 (current_events.rules) 2023846 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 14 (current_events.rules) 2023847 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 15 (current_events.rules) 2023848 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 16 (current_events.rules) 2023849 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 17 (current_events.rules) 2023850 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 18 (current_events.rules) 2023851 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 19 (current_events.rules) 2023852 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 20 (current_events.rules) 2023853 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 21 (current_events.rules) 2023854 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 22 (current_events.rules) 2023855 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 23 (current_events.rules) 2023856 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 24 (current_events.rules) 2023857 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 25 (current_events.rules) 2023858 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 26 (current_events.rules) 2023859 - ET CURRENT_EVENTS DNS 
Request to NilePhish Domain 27 (current_events.rules) 2023860 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 28 (current_events.rules) 2023861 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 29 (current_events.rules) 2023862 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 30 (current_events.rules) 2023863 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 31 (current_events.rules) 2023864 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 32 (current_events.rules) 2023865 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 33 (current_events.rules) 2023866 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 34 (current_events.rules) 2023867 - ET CURRENT_EVENTS DNS Request to NilePhish Domain 35 (current_events.rules) 2023877 - ET TROJAN iKittens OSX MacDownloader DNS Lookup (officialswebsites .info) (trojan.rules) 2023884 - ET TROJAN Banker.Win32.Alreay DNS Lookup (tradeboard .mefound .com) (trojan.rules) 2023885 - ET TROJAN Banker.Win32.Alreay DNS Lookup (movis-es .ignorelist .com) (trojan.rules) 2023886 - ET TROJAN Banker.Win32.Alreay DNS Lookup (exbonus .mrbasic .com) (trojan.rules) 2023887 - ET TROJAN Spora Ransomware DNS Query (trojan.rules) 2023893 - ET TROJAN Qadars CnC DNS Lookup (bst2bgxin81a.org) (trojan.rules) 2023894 - ET TROJAN Qadars CnC DNS Lookup (websecuranalityc.com) (trojan.rules) 2023895 - ET TROJAN Qadars CnC DNS Lookup (liveskansys.com) (trojan.rules) 2023898 - ET TROJAN Possible Pegasus Related DNS Lookup (iusacell-movil .com.mx) (trojan.rules) 2023899 - ET TROJAN Possible Pegasus Related DNS Lookup (smsmensaje .mx) (trojan.rules) 2023932 - ET TROJAN Qadars CnC DNS Lookup (zkdef09i7ola.net) (trojan.rules) 2023935 - ET MOBILE_MALWARE Trojan-Spy.AndroidOS.Femas.b DNS Lookup (mobile_malware.rules) 2023936 - ET MOBILE_MALWARE Trojan-Spy.AndroidOS.Femas.b DNS Lookup (mobile_malware.rules) 2023937 - ET MOBILE_MALWARE Trojan-Spy.AndroidOS.Femas.b DNS Lookup (mobile_malware.rules) 2023938 - ET MOBILE_MALWARE 
Trojan-Spy.AndroidOS.Femas.b DNS Lookup (mobile_malware.rules) 2023939 - ET MOBILE_MALWARE Trojan-Spy.AndroidOS.Femas.b DNS Lookup (mobile_malware.rules) 2023953 - ET TROJAN MAGICHOUND-related DNS Lookup (chrome-up .date) (trojan.rules) 2023954 - ET TROJAN MAGICHOUND-related DNS Lookup (timezone .live) (trojan.rules) 2023955 - ET TROJAN MAGICHOUND-related DNS Lookup (servicesystem .serveirc.com) (trojan.rules) 2023956 - ET TROJAN MAGICHOUND-related DNS Lookup (analytics-google .org) (trojan.rules) 2023957 - ET TROJAN MAGICHOUND-related DNS Lookup (com-adm .in) (trojan.rules) 2023958 - ET TROJAN MAGICHOUND-related DNS Lookup (microsoftexplorerservices .cloud) (trojan.rules) 2023959 - ET TROJAN MAGICHOUND-related DNS Lookup (msservice .site) (trojan.rules) 2023960 - ET TROJAN MAGICHOUND-related DNS Lookup (com-ho .me) (trojan.rules) 2023961 - ET TROJAN MAGICHOUND-related DNS Lookup (ntg-sa .com) (trojan.rules) 2023962 - ET TROJAN MAGICHOUND-related DNS Lookup (briefl .ink) (trojan.rules) 2023968 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 1 (trojan.rules) 2023969 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 2 (trojan.rules) 2023970 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 3 (trojan.rules) 2023971 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 4 (trojan.rules) 2023972 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 5 (trojan.rules) 2023973 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 6 (trojan.rules) 2023974 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 7 (trojan.rules) 2023975 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 8 (trojan.rules) 2023976 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 9 (trojan.rules) 2023977 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 10 (trojan.rules) 2023978 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 11 (trojan.rules) 2023979 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 12 (trojan.rules) 2023980 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 13 (trojan.rules) 2023981 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 14 (trojan.rules) 
2023982 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 15 (trojan.rules) 2023983 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 16 (trojan.rules) 2023984 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 17 (trojan.rules) 2023985 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 18 (trojan.rules) 2023986 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 19 (trojan.rules) 2023987 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 20 (trojan.rules) 2023988 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 21 (trojan.rules) 2023989 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 22 (trojan.rules) 2023990 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 23 (trojan.rules) 2023991 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 24 (trojan.rules) 2023992 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 25 (trojan.rules) 2023993 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 26 (trojan.rules) 2023994 - ET TROJAN ShellCrew.APT StreamEx DNS Lookup 27 (trojan.rules) 2023998 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2024005 - ET TROJAN FakeM SSL DNS Lookup (islamhood .net) (trojan.rules) 2024104 - ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2024105 - ET TROJAN Win32/Teslacrypt Ransomware .onion domain (2kjb7.net) (trojan.rules) 2024108 - ET TROJAN KHRAT DragonOK DNS Lookup (inter-ctrip .com) (trojan.rules) 2024110 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024111 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024112 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024113 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024114 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024115 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024116 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 
2024117 - ET TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024118 - ET TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024119 - ET TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024143 - ET TROJAN Possible CopyKitten DNS Lookup (1e100 .tech) (trojan.rules) 2024144 - ET TROJAN Possible CopyKitten DNS Lookup (1m100 .tech) (trojan.rules) 2024145 - ET TROJAN Possible CopyKitten DNS Lookup (ads-youtube .online) (trojan.rules) 2024146 - ET TROJAN Possible CopyKitten DNS Lookup (akamaitechnology .com) (trojan.rules) 2024147 - ET TROJAN Possible CopyKitten DNS Lookup (alkamaihd .net) (trojan.rules) 2024148 - ET TROJAN Possible CopyKitten DNS Lookup (azurewebsites .tech) (trojan.rules) 2024149 - ET TROJAN Possible CopyKitten DNS Lookup (broadcast-microsoft .tech) (trojan.rules) 2024150 - ET TROJAN Possible CopyKitten DNS Lookup (chromeupdates .online) (trojan.rules) 2024151 - ET TROJAN Possible CopyKitten DNS Lookup (cloudmicrosoft .net) (trojan.rules) 2024152 - ET TROJAN Possible CopyKitten DNS Lookup (dnsserv .host) (trojan.rules) 2024153 - ET TROJAN Possible CopyKitten DNS Lookup (elasticbeanstalk .tech) (trojan.rules) 2024154 - ET TROJAN Possible CopyKitten DNS Lookup (fdgdsg .xyz) (trojan.rules) 2024155 - ET TROJAN Possible CopyKitten DNS Lookup (jguery .net) (trojan.rules) 2024156 - ET TROJAN Possible CopyKitten DNS Lookup (jguery .online) (trojan.rules) 2024157 - ET TROJAN Possible CopyKitten DNS Lookup (microsoft-ds .com) (trojan.rules) 2024158 - ET TROJAN Possible CopyKitten DNS Lookup (microsoft-security .host) (trojan.rules) 2024159 - ET TROJAN Possible CopyKitten DNS Lookup (nameserver .win) (trojan.rules) 2024160 - ET TROJAN Possible CopyKitten DNS Lookup (newsfeeds-microsoft .press) (trojan.rules) 2024161 - ET TROJAN Possible CopyKitten DNS Lookup (owa-microsoft .online) (trojan.rules) 2024162 - ET TROJAN Possible CopyKitten DNS Lookup (primeminister-goverment-techcenter .tech) (trojan.rules) 2024163 - ET TROJAN 
Possible CopyKitten DNS Lookup (qoldenlines .net) (trojan.rules) 2024164 - ET TROJAN Possible CopyKitten DNS Lookup (sharepoint-microsoft .co) (trojan.rules) 2024165 - ET TROJAN Possible CopyKitten DNS Lookup (ssl-gstatic .online) (trojan.rules) 2024166 - ET TROJAN Possible CopyKitten DNS Lookup (trendmicro .tech) (trojan.rules) 2024189 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024190 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024205 - ET TROJAN Win32/Cradle Ransomware Onion Domain (trojan.rules) 2024244 - ET TROJAN Known IoT Malware Domain (trojan.rules) 2024245 - ET TROJAN Known IoT Malware Domain (trojan.rules) 2024263 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024264 - ET TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024271 - ET TROJAN Turla Snake OSX DNS Lookup (car-service .effers.com) (trojan.rules) 2024284 - ET TROJAN OSX/Proton.B DNS Lookup (trojan.rules) 2024286 - ET TROJAN Turla SHIRIME DNS Lookup (trojan.rules) 2024289 - ET TROJAN DNS Query to Jaff Domain (fkksjobnn43 . org) (trojan.rules) 2024323 - ET TROJAN UIWIX Ransomware .onion Payment Domain (4ujngbdqqm6t2c53) (trojan.rules) 2024324 - ET TROJAN Spora Ransomware DNS Query (trojan.rules) 2024330 - ET TROJAN APT32 Komprogo DNS Lookup (trojan.rules) 2024331 - ET TROJAN APT32 Komprogo DNS Lookup (trojan.rules) 2024332 - ET TROJAN APT32 Komprogo DNS Lookup (trojan.rules) 2024333 - ET TROJAN APT32 Komprogo DNS Lookup (trojan.rules) 2024334 - ET TROJAN APT32 Komprogo DNS Lookup (trojan.rules) 2024339 - ET TROJAN DNS Query to Jaff Domain (orhangazitur . com) (trojan.rules) 2024341 - ET TROJAN DNS Query to Jaff Domain (comboratiogferrdto . 
com) (trojan.rules) 2024349 - ET CURRENT_EVENTS SUSPICIOUS DNS Request for Grey Advertising Often Leading to EK (current_events.rules) 2024405 - ET TROJAN Possible Pegasus Related DNS Lookup (secure-access10 .mx) (trojan.rules) 2024406 - ET TROJAN Possible Pegasus Related DNS Lookup (network190 .com) (trojan.rules) 2024407 - ET TROJAN Possible Pegasus Related DNS Lookup (mymensaje-sms .com) (trojan.rules) 2024408 - ET TROJAN Possible Pegasus Related DNS Lookup (smscentro .com) (trojan.rules) 2024409 - ET TROJAN Possible Pegasus Related DNS Lookup (ideas-telcel .com.mx) (trojan.rules) 2024410 - ET TROJAN Possible Pegasus Related DNS Lookup (twiitter .com.mx) (trojan.rules) 2024437 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2024438 - ET TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2024439 - ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2024440 - ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2024456 - ET TROJAN Possible Winnti-related DNS Lookup (vps2java .securitytactics .com) (trojan.rules) 2024457 - ET TROJAN Possible Winnti-related DNS Lookup (job .yoyakuweb .technology) (trojan.rules) 2024458 - ET TROJAN Possible Winnti-related DNS Lookup (resume .immigrantlol .com) (trojan.rules) 2024459 - ET TROJAN Possible Winnti-related DNS Lookup (macos .exoticlol .com) (trojan.rules) 2024460 - ET TROJAN Possible Winnti-related DNS Lookup (css .google-statics .com) (trojan.rules) 2024467 - ET TROJAN Observed DNS Query to Known Fenrir Ransomware CnC Domain (trojan.rules) 2024469 - ET TROJAN Observed Malicious DNS Query (Reyptson Ransomware CnC) (trojan.rules) 2024472 - ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup (trojan.rules) 2024473 - ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup (trojan.rules) 2024474 - ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup (trojan.rules) 2024475 - ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup (trojan.rules) 2024476 - 
ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup (trojan.rules) 2024477 - ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup (trojan.rules) 2024478 - ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup (trojan.rules) 2024479 - ET TROJAN CDT Credphish/Netwire Campaign DNS Lookup (trojan.rules) 2024487 - ET TROJAN LokiBot Related DNS query (trojan.rules) 2024488 - ET TROJAN LokiBot Related DNS query (trojan.rules) 2024491 - ET TROJAN Shifr Ransomware CnC DNS Query (v5t5z6a55ksmt3oh) (trojan.rules) 2024492 - ET TROJAN Shifr Ransomware CnC DNS Query (ojdue4474qghybjb) (trojan.rules) 2024495 - ET TROJAN CopyKittens Matryoshka DNS Lookup 1 (winupdate64 . com) (trojan.rules) 2024496 - ET TROJAN CopyKittens Matryoshka DNS Lookup 2 (twiter-statics . info) (trojan.rules) 2024497 - ET TROJAN CopyKittens Cobalt Strike DNS Lookup (cloudflare-analyse . com) (trojan.rules) 2024504 - ET TROJAN ISMAgent DNS Tunneling (microsoft-publisher . com) (trojan.rules) 2024506 - ET TROJAN Observed DNS Query to Reborn/Ovidiy Stealer CnC Domain (trojan.rules) 2024509 - ET MOBILE_MALWARE ANDROIDOS_LEAKERLOCKER.HRX DNS Lookup (mobile_malware.rules) 2024516 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024517 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024518 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024519 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024520 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024521 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024522 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024523 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024524 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024525 - ET TROJAN CryptON/Nemesis/X3M Ransomware Onion Domain (trojan.rules) 2024529 - ET TROJAN OSX/Mughthesec/SafeFinder/OperatorMac DNS Query 
Observed (trojan.rules) 2024530 - ET TROJAN OSX/Mughthesec/SafeFinder/OperatorMac Rogue Search Engine DNS Query Observed (trojan.rules) 2024543 - ET TROJAN Observed DNS Query to Gryphon CnC Domain / GlobeImposter Payment Domain (trojan.rules) 2024588 - ET TROJAN DNS Query for known ShadowPad CnC 1 (trojan.rules) 2024589 - ET TROJAN DNS Query for known ShadowPad CnC 2 (trojan.rules) 2024590 - ET TROJAN DNS Query for known ShadowPad CnC 3 (trojan.rules) 2024591 - ET TROJAN DNS Query for known ShadowPad CnC 4 (trojan.rules) 2024592 - ET TROJAN DNS Query for known ShadowPad CnC 5 (trojan.rules) 2024593 - ET TROJAN DNS Query for known ShadowPad CnC 6 (trojan.rules) 2024594 - ET TROJAN DNS Query for known ShadowPad CnC 7 (trojan.rules) 2024595 - ET TROJAN DNS Query for known ShadowPad CnC 8 (trojan.rules) 2024596 - ET TROJAN DNS Query for known ShadowPad CnC 9 (trojan.rules) 2024597 - ET TROJAN DNS Query for known ShadowPad CnC 10 (trojan.rules) 2024598 - ET TROJAN DNS Query for known ShadowPad CnC 11 (trojan.rules) 2024603 - ET TROJAN Spora Ransomware DNS Query (trojan.rules) 2024615 - ET MOBILE_MALWARE WireX Botnet DNS Lookup (mobile_malware.rules) 2024619 - ET TROJAN APT12 THREEBYTE DNS Lookup (trojan.rules) 2024620 - ET TROJAN ISMAgent DNS Lookup (msoffice-cdn . 
com) (trojan.rules) 2024626 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024627 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024628 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024629 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024630 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024631 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024632 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024633 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024634 - ET TROJAN DeepEnd Research Ransomware Domain Detected (trojan.rules) 2024635 - ET TROJAN ABUSE.CH Cerber Ransomware Domain Detected (trojan.rules) 2024636 - ET TROJAN ABUSE.CH Cerber Ransomware Domain Detected (trojan.rules) 2024641 - ET TROJAN Gazer DNS query observed (soligro . com) (trojan.rules) 2024642 - ET TROJAN Gazer DNS query observed (mydreamhoroscope . com) (trojan.rules) 2024658 - ET TROJAN KHRAT DNS Lookup (upload-dropbox .com) (trojan.rules) 2024662 - ET POLICY DNS Query to .onion proxy Domain (onion.guide) (policy.rules) 2024665 - ET POLICY DNS Query to .onion proxy Domain (onion.top) (policy.rules) 2024680 - ET TROJAN ABUSE.CH Zloader CnC Domain Detected (trojan.rules) 2024722 - ET MALWARE Malicious Chrome Ext. DNS Query For Adware CnC (startupfraction) (malware.rules) 2024723 - ET MALWARE Malicious Chrome Ext. DNS Query For Adware CnC (search.feedvertizus) (malware.rules) 2024724 - ET MALWARE Malicious Chrome Ext. DNS Query For Adware CnC (go.querymo) (malware.rules) 2024725 - ET MALWARE Malicious Chrome Ext. 
DNS Query For Adware CnC (opurie) (malware.rules) 2024728 - ET TROJAN ABUSE.CH Ransomware Domain Detected (trojan.rules) 2024730 - ET TROJAN DNS Query For TURNEDUP.Backdoor CnC (chromup) (trojan.rules) 2024731 - ET TROJAN DNS Query For TURNEDUP.Backdoor CnC (securityupdated) (trojan.rules) 2024732 - ET TROJAN DNS Query For TURNEDUP.Backdoor CnC (googlmail) (trojan.rules) 2024733 - ET TROJAN DNS Query For TURNEDUP.Backdoor / NanoCore CnC (microsoftupdated) (trojan.rules) 2024734 - ET TROJAN DNS Query For TURNEDUP.Backdoor CnC (syn.broadcaster) (trojan.rules) 2024735 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup (mobile_malware.rules) 2024736 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 2 (mobile_malware.rules) 2024737 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 3 (mobile_malware.rules) 2024738 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 4 (mobile_malware.rules) 2024739 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 5 (mobile_malware.rules) 2024740 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 6 (mobile_malware.rules) 2024741 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 7 (mobile_malware.rules) 2024742 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 8 (mobile_malware.rules) 2024743 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 9 (mobile_malware.rules) 2024744 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 10 (mobile_malware.rules) 2024745 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 11 (mobile_malware.rules) 2024746 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 12 (mobile_malware.rules) 2024747 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 13 (mobile_malware.rules) 2024748 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 14 (mobile_malware.rules) 2024749 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 15 (mobile_malware.rules) 2024750 - ET MOBILE_MALWARE Android/Bankbot.HH!tr DNS Lookup 16 (mobile_malware.rules) 2024789 - ET POLICY DNS request for Monero mining pool 
(policy.rules) 2024803 - ET TROJAN Lazarus Decafett DNS Lookup 1 (trojan.rules) 2024804 - ET TROJAN Lazarus Decafett DNS Lookup 2 (trojan.rules) 2024805 - ET TROJAN Lazarus Decafett DNS Lookup 3 (trojan.rules) 2024806 - ET TROJAN Lazarus Decafett DNS Lookup 4 (trojan.rules) 2024852 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024854 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024856 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024858 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024860 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024862 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024865 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024867 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024869 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024870 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024871 - ET TROJAN Possible Winnti-related DNS Lookup (google-statics .com) (trojan.rules) 2024872 - ET TROJAN Possible Winnti-related DNS Lookup (google-searching .com) (trojan.rules) 2024873 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024874 - ET TROJAN Possible Winnti-related DNS Lookup (trojan.rules) 2024921 - ET TROJAN IoT_reaper DNS Lookup M1 (trojan.rules) 2024922 - ET TROJAN IoT_reaper DNS Lookup M2 (trojan.rules) 2024923 - ET TROJAN IoT_reaper DNS Lookup M3 (trojan.rules) 2026858 - ET TROJAN W32.Razy Inject Domain in DNS Lookup (trojan.rules) 2027757 - ET DNS Query for .to TLD (dns.rules) 2027758 - ET DNS Query for .cc TLD (dns.rules) 2402000 - ET DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ET CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ET CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ET CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ET CINS 
Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ET CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ET CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ET CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ET CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ET CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ET CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ET CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ET CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ET CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ET CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ET CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ET CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ET CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ET CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ET CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ET CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ET CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ET CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ET CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ET CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ET CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ET CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 
2403326 - ET CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ET CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ET CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ET CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ET CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ET CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ET CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ET CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ET CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ET CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ET CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ET CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ET CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ET CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ET CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ET CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ET CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ET CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ET CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ET CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ET CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ET CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ET CINS Active Threat Intelligence Poor Reputation IP 
group 49 (ciarmy.rules) 2403349 - ET CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ET CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ET CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ET CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ET CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ET CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ET CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ET CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ET CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ET CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ET CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ET CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ET CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ET CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ET CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ET CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ET CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ET CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ET CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ET CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ET CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ET CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ET CINS Active Threat 
Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ET CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ET CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ET CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ET CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ET CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ET CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ET CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ET CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ET CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ET CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ET CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ET CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ET CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ET CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ET CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ET CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ET CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ET CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ET CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ET CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ET CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ET CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 
- ET CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ET CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ET CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ET CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ET CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ET CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ET CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405001 - ET CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405002 - ET CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405003 - ET CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405004 - ET CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405005 - ET CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405006 - ET CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405007 - ET CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405008 - ET CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405009 - ET CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405010 - ET CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405011 - ET CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405012 - ET CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405013 - ET CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405014 - ET CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405015 - ET CNC Shadowserver Reported CnC Server Port 11830 Group 1 
(botcc.portgrouped.rules) 2405016 - ET CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405017 - ET CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2802860 - ETPRO DNS Query to a Suspicious *-0-0.info domain (dns.rules) 2804174 - ETPRO INFO DYNAMIC_DNS Query to a *.ddns.info Domain (info.rules) 2804175 - ETPRO INFO DYNAMIC_DNS Query to a *.ddns.me.uk Domain (info.rules) 2804177 - ETPRO INFO DYNAMIC_DNS Query to a *.ddns.ms Domain (info.rules) 2804178 - ETPRO INFO DYNAMIC_DNS Query to a *.ddns.name Domain (info.rules) 2804179 - ETPRO INFO DYNAMIC_DNS Query to a *.ddns.us Domain (info.rules) 2804180 - ETPRO INFO DYNAMIC_DNS Query to a *.freeddns.com Domain (info.rules) 2804181 - ETPRO INFO DYNAMIC_DNS Query to a *.myDDNS.com Domain (info.rules) 2804198 - ETPRO INFO DNS Query to a *.net.ms Free Domain (info.rules) 2804199 - ETPRO INFO DNS Query to a *.info.ms Free Domain (info.rules) 2804200 - ETPRO INFO DNS Query to a *.us.ms Free Domain (info.rules) 2804201 - ETPRO INFO DNS Query to a *.shop.ms Free Domain (info.rules) 2804202 - ETPRO INFO DNS Query to a *.au.ms Free Domain (info.rules) 2804203 - ETPRO INFO DNS Query to a *.de.ms Free Domain (info.rules) 2804204 - ETPRO INFO DNS Query to a *.fr.ms Free Domain (info.rules) 2804205 - ETPRO INFO DNS Query to a *.cn.ms Free Domain (info.rules) 2804206 - ETPRO INFO DNS Query to a *.hk.ms Free Domain (info.rules) 2804207 - ETPRO INFO DNS Query to a *.br.ms Free Domain (info.rules) 2804338 - ETPRO INFO DYNAMIC_DNS Query to a *.25u.com Domain (info.rules) 2804340 - ETPRO INFO DYNAMIC_DNS Query to a *.BigMoney.biz Domain (info.rules) 2804342 - ETPRO INFO DYNAMIC_DNS Query to a *.dns04.com Domain (info.rules) 2804344 - ETPRO INFO DYNAMIC_DNS Query to a *.dns05.com Domain (info.rules) 2804346 - ETPRO INFO DYNAMIC_DNS Query to a *.dynamic-dns.net Domain (info.rules) 2804348 - ETPRO INFO DYNAMIC_DNS Query to a *.dynamicDNS.biz Domain (info.rules) 2804350 - ETPRO 
INFO DYNAMIC_DNS Query to a *.freeWWW.biz Domain (info.rules) 2804352 - ETPRO INFO DYNAMIC_DNS Query to a *.dns-dns.com Domain (info.rules) 2804354 - ETPRO INFO DYNAMIC_DNS Query to a *.ProxyDNS.com Domain (info.rules) 2804356 - ETPRO INFO DYNAMIC_DNS Query to a *.gr8name.biz Domain (info.rules) 2804358 - ETPRO INFO DYNAMIC_DNS Query to a *.gr8domain.biz Domain (info.rules) 2804360 - ETPRO INFO DYNAMIC_DNS Query to a *.my03.com Domain (info.rules) 2804362 - ETPRO INFO DYNAMIC_DNS Query to a *.ns01.biz Domain (info.rules) 2804364 - ETPRO INFO DYNAMIC_DNS Query to a *.ns01.info Domain (info.rules) 2804366 - ETPRO INFO DYNAMIC_DNS Query to a *.ns01.us Domain (info.rules) 2804368 - ETPRO INFO DYNAMIC_DNS Query to a *.ns02.biz Domain (info.rules) 2804370 - ETPRO INFO DYNAMIC_DNS Query to a *.ns02.info Domain (info.rules) 2804372 - ETPRO INFO DYNAMIC_DNS Query to a *.ns02.us Domain (info.rules) 2804374 - ETPRO INFO DYNAMIC_DNS Query to a *.ns1.name Domain (info.rules) 2804376 - ETPRO INFO DYNAMIC_DNS Query to a *.ns2.name Domain (info.rules) 2804378 - ETPRO INFO DYNAMIC_DNS Query to a *.ns3.name Domain (info.rules) 2804380 - ETPRO INFO DYNAMIC_DNS Query to a *.changeip.org Domain (info.rules) 2804633 - ETPRO INFO DYNAMIC_DNS Query to a *.sytes.net Domain (info.rules) 2804809 - ETPRO INFO DYNAMIC_DNS Query to *.gicp.net Domain (info.rules) 2807796 - ETPRO TROJAN Win32/Quervar.C DNS query to Domain kaspersky.localnet (trojan.rules) 2808735 - ETPRO TROJAN Backdoor.Backtor DNS lookup Sep 03 2014 (trojan.rules) 2808809 - ETPRO TROJAN Win32/Critroni Tor DNS Proxy lookup (trojan.rules) 2808861 - ETPRO TROJAN Likely Win32/Spy.Zbot.AAQ .onion Proxy DNS lookup (trojan.rules) 2808900 - ETPRO TROJAN Chanitor .onion Proxy Domain (trojan.rules) 2809214 - ETPRO TROJAN Win32/Chanitor.A .onion Proxy domain lookup (trojan.rules) 2809237 - ETPRO TROJAN Win32/Filecoder.NCP Ransomware .onion Proxy domain lookup (trojan.rules) 2809318 - ETPRO TROJAN Win32/Chanitor.A .onion Proxy domain lookup 
(trojan.rules) 2809348 - ETPRO TROJAN Win32/Pitou.B DNS Lookup (trojan.rules) 2809383 - ETPRO TROJAN Win32/Teerac.A .onion Proxy Domain (humapzcmz744fe7y) (trojan.rules) 2809384 - ETPRO POLICY DNS Query to .onion Proxy Domain (gate2tor.org) (policy.rules) 2809385 - ETPRO TROJAN Win32/Injector.BOVV .onion Proxy Domain (trojan.rules) 2809401 - ETPRO TROJAN Win32/Filecoder.EB Ransomware .onion Proxy Domain (trojan.rules) 2809402 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809403 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809404 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809412 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809413 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809414 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809415 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809416 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809417 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809418 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809419 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809420 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809421 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809422 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809423 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809442 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809477 - ETPRO TROJAN Backdoor.Win32.DarkKomet.emda .onion Proxy Domain (trojan.rules) 
2809482 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809483 - ETPRO TROJAN Win32.Zbot.tykx .onion Proxy Domain (trojan.rules) 2809577 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809578 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809612 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809613 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809616 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809617 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809631 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809639 - ETPRO TROJAN Kakfum Possible DNS Query 1 (trojan.rules) 2809640 - ETPRO TROJAN Kakfum Possible DNS Query 2 (trojan.rules) 2809641 - ETPRO TROJAN Kakfum Possible DNS Query 3 (trojan.rules) 2809651 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809692 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809693 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809694 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809695 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809696 - ETPRO TROJAN Chanitor Variant .onion Proxy Domain (trojan.rules) 2809699 - ETPRO TROJAN Zemot Variant .onion Proxy Domain (trojan.rules) 2809706 - ETPRO TROJAN Trojan-Spy.Win32.Zbot.uljp .onion Proxy Domain (trojan.rules) 2809708 - ETPRO TROJAN Critroni .onion Proxy Domain (trojan.rules) 2809710 - ETPRO TROJAN Critroni Variant .onion Proxy Domain (trojan.rules) 2809775 - ETPRO TROJAN Win32/TrojanDownloader.Hancitor.B .onion Proxy Domain (trojan.rules) 2809803 - ETPRO TROJAN Zbot .onion Proxy Domain (trojan.rules) 2809807 - ETPRO TROJAN Win32/Critroni Tor DNS Proxy lookup (trojan.rules) 2809808 - ETPRO TROJAN Win32/Critroni Tor DNS Proxy lookup (trojan.rules) 2809821 - ETPRO TROJAN Zbot .onion Proxy Domain 
(trojan.rules) 2809827 - ETPRO TROJAN Chanitor .onion Proxy Domain (trojan.rules) 2809870 - ETPRO TROJAN Chanitor .onion Proxy Domain (trojan.rules) 2809871 - ETPRO TROJAN Chanitor .onion Proxy Domain (trojan.rules) 2809872 - ETPRO TROJAN Win32/Necurs DNS Lookup (miodzaki.bit) (trojan.rules) 2809875 - ETPRO TROJAN Unknown Trojan .onion Proxy Domain (trojan.rules) 2809879 - ETPRO TROJAN Athena Variant .onion Proxy Domain (trojan.rules) 2809881 - ETPRO TROJAN Unknown Trojan .onion Proxy Domain (qj2n3eebuuwvt7ju) (trojan.rules) 2809884 - ETPRO TROJAN Cryptolocker .onion Proxy Domain (udm744mfh5wbwxye) (trojan.rules) 2809887 - ETPRO TROJAN Win32/Injector.AEJK .onion Proxy Domain (trojan.rules) 2809889 - ETPRO TROJAN Win32/Injector.Autoit.VH .onion Proxy Domain (trojan.rules) 2809893 - ETPRO TROJAN Win32/Necurs DNS Lookup (qcmbartuop.bit) (trojan.rules) 2809911 - ETPRO TROJAN Ransom.Win32/Teerac.A DNS Lookup (bizdocassist.ru) (trojan.rules) 2809914 - ETPRO TROJAN Chanitor .onion Proxy Domain (trojan.rules) 2809939 - ETPRO TROJAN Teerac/CryptoFortress .onion Proxy Domain (tisoyhcp2y52ioyk) (trojan.rules) 2809940 - ETPRO TROJAN Teerac/CryptoFortress .onion Proxy Domain (4ptyziqllh5iyhx4) (trojan.rules) 2809942 - ETPRO TROJAN Win32/TrojanDownloader.Hancitor.B .onion Proxy Domain (trojan.rules) 2809955 - ETPRO TROJAN Chanitor .onion Proxy Domain (trojan.rules) 2809965 - ETPRO TROJAN Unknown Trojan .onion Proxy Domain (trojan.rules) 2809966 - ETPRO TROJAN Cryptolocker .onion Proxy Domain (7ziwuw5b2pbezpuy) (trojan.rules) 2809967 - ETPRO TROJAN Cryptolocker .onion Proxy Domain (4xau3z5os5byevya) (trojan.rules) 2809968 - ETPRO TROJAN Cryptolocker .onion Proxy Domain (f2d2v7soksbskekh) (trojan.rules) 2809969 - ETPRO POLICY DNS Query to .onion proxy Domain (tor4secure.org) (policy.rules) 2809970 - ETPRO POLICY DNS Query to .onion proxy Domain (tor4security.org) (policy.rules) 2809971 - ETPRO POLICY DNS Query to .onion proxy Domain (tor4privacy.org) (policy.rules) 2809972 - ETPRO 
POLICY DNS Query to .onion proxy Domain (access2tor.org) (policy.rules) 2809975 - ETPRO POLICY DNS Query to .onion proxy Domain (2kjb8.net) (policy.rules) 2809976 - ETPRO POLICY DNS Query to .onion proxy Domain (torconnectpay.com) (policy.rules) 2809979 - ETPRO TROJAN Win32/TrojanDownloader.Hancitor.B .onion Proxy Domain (trojan.rules) 2809987 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2809988 - ETPRO TROJAN KEYHolder ransomware Tor DNS Proxy .onion lookup (mwyigd4n52mkbyhe) (trojan.rules) 2809989 - ETPRO TROJAN Cryptolocker .onion Proxy Domain (nne4b5ujqqedvrkh) (trojan.rules) 2809990 - ETPRO TROJAN Cryptolocker .onion Proxy Domain (trojan.rules) 2809991 - ETPRO POLICY DNS Query to .onion proxy Domain (whitetor.com) (policy.rules) 2809992 - ETPRO TROJAN Win32/Critroni Tor DNS Proxy lookup (trojan.rules) 2809993 - ETPRO POLICY DNS Query to .onion proxy Domain (darktor.com) (policy.rules) 2809994 - ETPRO POLICY DNS Query to .onion proxy Domain (balzakoptions.com) (policy.rules) 2809996 - ETPRO TROJAN Possible Ransomware Variant .onion Proxy Domain (trojan.rules) 2810002 - ETPRO TROJAN Cryptorbit Ransomware .onion Proxy Domain (4sfxctgp53imlvzk) (trojan.rules) 2810015 - ETPRO POLICY DNS Query to .onion proxy Domain (2kjb9.net) (policy.rules) 2810037 - ETPRO POLICY DNS Query to .onion proxy Domain (t2w.pw) (policy.rules) 2810038 - ETPRO POLICY DNS Query to .onion proxy Domain (toraccess.org) (policy.rules) 2810040 - ETPRO POLICY DNS Query to .onion proxy Domain (forepaytobb.com) (policy.rules) 2810041 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.ca) (policy.rules) 2810042 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.sh) (policy.rules) 2810043 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.lu) (policy.rules) 2810044 - ETPRO POLICY DNS Query to .onion proxy Domain (torwalletpay.com) (policy.rules) 2810049 - ETPRO TROJAN Chanitor .onion Proxy Domain (xdndo2okt43cjx44) (trojan.rules) 2810052 - ETPRO 
POLICY DNS Query to .onion proxy Domain (welcomoptions.com) (policy.rules) 2810053 - ETPRO POLICY DNS Query to .onion proxy Domain (visatastor.com) (policy.rules) 2810054 - ETPRO POLICY DNS Query to .onion proxy Domain (drezdonhoster.com) (policy.rules) 2810075 - ETPRO TROJAN Win32/Teslacrypt Ransomware .onion Proxy Domain (34r6hq26q2h4jkzj) (trojan.rules) 2810114 - ETPRO POLICY DNS Query to .onion proxy Domain (2kjb10.net) (policy.rules) 2810130 - ETPRO TROJAN VaultCrypt .onion Proxy Domain (restoredz4xpmuqr) (trojan.rules) 2810131 - ETPRO TROJAN VaultCrypt .onion Proxy Domain (tj2es2lrxelpknfp) (trojan.rules) 2810132 - ETPRO TROJAN TorrentLocker .onion Proxy Domain (ndvgtf27xkhdvezr) (trojan.rules) 2810133 - ETPRO TROJAN CryptoLocker .onion Proxy Domain (bbsqfujyiblsrygu) (trojan.rules) 2810134 - ETPRO TROJAN TorrentLocker .onion Proxy Domain (a5xpevkpcmfmnaew) (trojan.rules) 2810150 - ETPRO TROJAN Exaction Cryptolocker .onion Proxy Domain (iupfnqg2uaigwoei) (trojan.rules) 2810151 - ETPRO TROJAN Trojan-Spy.Win32.Zbot.urtu .onion Proxy Domain (4tsur32luets6fhe) (trojan.rules) 2810160 - ETPRO TROJAN Chanitor .onion Proxy Domain (xlc2opjy2iniygev) (trojan.rules) 2810171 - ETPRO POLICY DNS Query to .onion proxy Domain (tor-explorer.org) (policy.rules) 2810172 - ETPRO POLICY DNS Query to .onion proxy Domain (42k0b13.net) (policy.rules) 2810173 - ETPRO POLICY DNS Query to .onion proxy Domain (42kjb11.net) (policy.rules) 2810190 - ETPRO TROJAN Critroni .onion Proxy Domain (trojan.rules) 2810241 - ETPRO POLICY DNS Query to .onion proxy Domain (tor4liberty.org) (policy.rules) 2810242 - ETPRO POLICY DNS Query to .onion proxy Domain (42k2b14.net) (policy.rules) 2810243 - ETPRO POLICY DNS Query to .onion proxy Domain (42k2b13.net) (policy.rules) 2810272 - ETPRO TROJAN Poshcoder Ransomware .onion Domain (r7twae4a7jtozjwv) (trojan.rules) 2810282 - ETPRO TROJAN Win32/Escad Variant DNS Lookup (dns01.zzux.com) (trojan.rules) 2810292 - ETPRO TROJAN Chanitor .onion Proxy Domain 
(dugjdv7z3h5x4nrp) (trojan.rules) 2810355 - ETPRO POLICY DNS Query to .onion proxy Domain (79fhdm16.com) (policy.rules) 2810356 - ETPRO POLICY DNS Query to .onion proxy Domain (42k2bu15.com) (policy.rules) 2810364 - ETPRO TROJAN Chanitor .onion Proxy Domain (omi62yc6jtsd2q37) (trojan.rules) 2810423 - ETPRO TROJAN Chanitor .onion Proxy Domain (jsrgmlud44wtvyfj) (trojan.rules) 2810426 - ETPRO POLICY DNS Query to .onion proxy Domain (42kdb12.net) (policy.rules) 2810455 - ETPRO TROJAN Ransom.Win32.Foreign Variant .onion Proxy Domain (trojan.rules) 2810456 - ETPRO TROJAN Neurevt .onion Proxy Domain (trojan.rules) 2810476 - ETPRO TROJAN Chanitor .onion Proxy Domain (um6fsdil5ecma5kf) (trojan.rules) 2810504 - ETPRO TROJAN Win32/Teslacrypt Ransomware .onion domain (3kxwjihmkgibht2s) (trojan.rules) 2810610 - ETPRO POLICY DNS Query to .onion proxy Domain (tor-gateways.de) (policy.rules) 2810632 - ETPRO TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (trojan.rules) 2810660 - ETPRO POLICY DNS Query to .onion proxy Domain (tor-privacyprotect.org) (policy.rules) 2810661 - ETPRO POLICY DNS Query to .onion proxy Domain (djw813nda20.com) (policy.rules) 2810662 - ETPRO POLICY DNS Query to .onion proxy Domain (9sj47wiuygn21.com) (policy.rules) 2810663 - ETPRO POLICY DNS Query to .onion proxy Domain (torprivacy.org) (policy.rules) 2810664 - ETPRO POLICY DNS Query to .onion proxy Domain (feoks62f22.com) (policy.rules) 2810665 - ETPRO POLICY DNS Query to .onion proxy Domain (torminator.org) (policy.rules) 2810666 - ETPRO POLICY DNS Query to .onion proxy Domain (oe92jfee23.com) (policy.rules) 2810696 - ETPRO POLICY DNS Query to .onion proxy Domain (asowbu3g24.com) (policy.rules) 2810697 - ETPRO POLICY DNS Query to .onion proxy Domain (toradvisor.com) (policy.rules) 2810698 - ETPRO POLICY DNS Query to .onion proxy Domain (kkfriw9425.com) (policy.rules) 2810705 - ETPRO POLICY DNS Query to .onion proxy Domain (ptiontor4pay.com) (policy.rules) 2810706 - ETPRO POLICY DNS Query to 
.onion proxy Domain (partypayonion.com) (policy.rules) 2810707 - ETPRO POLICY DNS Query to .onion proxy Domain (suntorpaymoon.com) (policy.rules) 2810708 - ETPRO POLICY DNS Query to .onion proxy Domain (vegetoptionspay.com) (policy.rules) 2810709 - ETPRO POLICY DNS Query to .onion proxy Domain (icepaytor.com) (policy.rules) 2810710 - ETPRO POLICY DNS Query to .onion proxy Domain (lifepayoptions.com) (policy.rules) 2810711 - ETPRO POLICY DNS Query to .onion proxy Domain (chaopayonion.com) (policy.rules) 2810712 - ETPRO POLICY DNS Query to .onion proxy Domain (waytopaytor.com) (policy.rules) 2810768 - ETPRO POLICY DNS Query to .onion proxy Domain (dfj3d8w3n27.com) (policy.rules) 2810769 - ETPRO POLICY DNS Query to .onion proxy Domain (torlocator.org) (policy.rules) 2810770 - ETPRO POLICY DNS Query to .onion proxy Domain (aw49f4j3n26.com) (policy.rules) 2810777 - ETPRO POLICY DNS Query to .onion proxy Domain (gigapaysun.com) (policy.rules) 2810778 - ETPRO POLICY DNS Query to .onion proxy Domain (aenf387awmx28.com) (policy.rules) 2810779 - ETPRO POLICY DNS Query to .onion proxy Domain (paletoption.com) (policy.rules) 2810780 - ETPRO TROJAN CTB-Locker .onion Proxy Domain (trojan.rules) 2810820 - ETPRO TROJAN Win32/Teslacrypt .onion Proxy Domain (trojan.rules) 2810826 - ETPRO POLICY DNS Query to .onion proxy Domain (od9wjn4iene29.com) (policy.rules) 2810878 - ETPRO TROJAN Possible Ransomware Variant .onion Proxy Domain (trojan.rules) 2810883 - ETPRO POLICY DNS Query to .onion proxy Domain (jjeyd2u37an30.com) (policy.rules) 2810884 - ETPRO POLICY DNS Query to .onion proxy Domain (tor4browser.org) (policy.rules) 2810887 - ETPRO POLICY DNS Query to .onion proxy Domain (afnwdsy4j32.com) (policy.rules) 2810892 - ETPRO POLICY DNS Query to .onion proxy Domain (9isernvur33.com) (policy.rules) 2810914 - ETPRO POLICY DNS Query to .onion proxy Domain (dconnect.eu) (policy.rules) 2810932 - ETPRO TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (trojan.rules) 2810937 - ETPRO 
POLICY DNS Query to .onion proxy Domain (anfeua74x36.com) (policy.rules) 2810938 - ETPRO POLICY DNS Query to .onion proxy Domain (dlosrngis35.com) (policy.rules) 2810950 - ETPRO POLICY DNS Query to .onion proxy Domain (htye943kjc38.com) (policy.rules) 2810951 - ETPRO POLICY DNS Query to .onion proxy Domain (p0oekds4we39.com) (policy.rules) 2810952 - ETPRO POLICY DNS Query to .onion proxy Domain (fedpayopinion.com) (policy.rules) 2810994 - ETPRO POLICY DNS Query to .onion proxy Domain (fenaow48fn42.com) (policy.rules) 2811009 - ETPRO POLICY DNS Query to .onion proxy Domain (torhsbrowser.us) (policy.rules) 2811010 - ETPRO POLICY DNS Query to .onion proxy Domain (vispaytoropinion.com) (policy.rules) 2811012 - ETPRO POLICY DNS Query to .onion proxy Domain (sm4i8smr3f43.com) (policy.rules) 2811039 - ETPRO TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (2k7vcwbzor5ybfto) (trojan.rules) 2811047 - ETPRO POLICY DNS Query to .onion proxy Domain (foi48wmc5de44.com) (policy.rules) 2811056 - ETPRO TROJAN Win32/Spy.POSCardStealer.N DNS Lookup (mail.rumpleskin.org) (trojan.rules) 2811075 - ETPRO POLICY DNS Query to .onion proxy Domain (djismrkcida45.com) (policy.rules) 2811081 - ETPRO TROJAN Pontoeb .onion Proxy Domain (trojan.rules) 2811102 - ETPRO TROJAN Ransom.Tox .onion Proxy Domain (trojan.rules) 2811104 - ETPRO TROJAN Win32/Beaugrit DNS Lookup (moqi.f3322.net) (trojan.rules) 2811105 - ETPRO POLICY DNS Query to .onion proxy Domain (paygateawayoros.com) (policy.rules) 2811140 - ETPRO POLICY DNS Query to .onion proxy Domain (paymentgateposa.com) (policy.rules) 2811199 - ETPRO TROJAN DNS Andromeda/Gamarue Query to .onion proxy Domain (74724z223r535723) (trojan.rules) 2811222 - ETPRO TROJAN CTB-Locker .onion Proxy Domain (trojan.rules) 2811223 - ETPRO MOBILE_MALWARE DNS Android.Trojan.AndroRAT.E Query (mobile_malware.rules) 2811252 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.nu) (policy.rules) 2811308 - ETPRO POLICY DNS Query to .onion proxy Domain 
(payoptionserver.com) (policy.rules) 2811309 - ETPRO POLICY DNS Query to .onion proxy Domain (optionpaymentprak.com) (policy.rules) 2811310 - ETPRO POLICY DNS Query to .onion proxy Domain (paytogateserver.com) (policy.rules) 2811311 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.in) (policy.rules) 2811366 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.site) (policy.rules) 2811418 - ETPRO POLICY DNS Query to .onion proxy Domain (toraccelerator.org) (policy.rules) 2811419 - ETPRO POLICY DNS Query to .onion proxy Domain (torprivacyprotect.org) (policy.rules) 2811450 - ETPRO TROJAN Possible Ransomware Variant .onion Proxy Domain (trojan.rules) 2811506 - ETPRO POLICY DNS Query to .onion proxy Domain (paypartyoptions.com) (policy.rules) 2811530 - ETPRO TROJAN VBS/TrojanDownloader.Small.NBL .onion Proxy Domain (trojan.rules) 2811610 - ETPRO POLICY DNS Query to .onion proxy Domain (payforusa.com) (policy.rules) 2811611 - ETPRO POLICY DNS Query to .onion proxy Domain (paywelcomefor.com) (policy.rules) 2811612 - ETPRO POLICY DNS Query to .onion proxy Domain (payemarateslines.com) (policy.rules) 2811613 - ETPRO POLICY DNS Query to .onion proxy Domain (payoptvars.com) (policy.rules) 2811614 - ETPRO TROJAN CryptoLocker .onion Proxy Domain (6i3cb6owitcouepv) (trojan.rules) 2811642 - ETPRO POLICY DNS Query to .onion proxy Domain (torplanet.org) (policy.rules) 2811653 - ETPRO POLICY DNS Query to .onion proxy Domain (paytwinkgirls.com) (policy.rules) 2811661 - ETPRO TROJAN Zbot .onion Proxy Domain (trojan.rules) 2811778 - ETPRO TROJAN W32/Zbot.AVTH .onion Proxy Domain (trojan.rules) 2811784 - ETPRO POLICY DNS Query to .onion proxy Domain (paybalanceto.com) (policy.rules) 2811808 - ETPRO POLICY DNS Query to .onion proxy Domain (paybrakepoint.com) (policy.rules) 2811822 - ETPRO TROJAN Win32.Zbot.vqui .onion Proxy Domain (trojan.rules) 2811872 - ETPRO TROJAN CTB-Locker .onion Proxy Domain (trojan.rules) 2811879 - ETPRO TROJAN Possible Plat1 APT DNS Lookup 
(trojan.rules) 2811883 - ETPRO TROJAN PoisonIvy dropped by CVE-2015-5119 DNS Lookup (trojan.rules) 2811884 - ETPRO TROJAN APT RatJourMV DNS Lookup (trojan.rules) 2811899 - ETPRO TROJAN Trojan-Spy.Win32.Zbot.vpbr .onion Proxy Domain (trojan.rules) 2811914 - ETPRO TROJAN ZeusVM .onion Proxy Domain (trojan.rules) 2811925 - ETPRO POLICY DNS Query to .onion proxy Domain (myportopay.com) (policy.rules) 2811926 - ETPRO POLICY DNS Query to .onion proxy Domain (vivavtpaymaster.com) (policy.rules) 2811927 - ETPRO POLICY DNS Query to .onion proxy Domain (micropaysearch.com) (policy.rules) 2811928 - ETPRO POLICY DNS Query to .onion proxy Domain (paytostopigil.com) (policy.rules) 2811931 - ETPRO POLICY DNS Query to .onion proxy Domain (mywa2pay.com) (policy.rules) 2811932 - ETPRO POLICY DNS Query to .onion proxy Domain (light2mind.com) (policy.rules) 2811933 - ETPRO POLICY DNS Query to .onion proxy Domain (rightslavebb.com) (policy.rules) 2811964 - ETPRO TROJAN APT HTTPBrowser dropped by CVE-2015-5119 DNS Lookup (trojan.rules) 2811989 - ETPRO POLICY DNS Query to .onion proxy Domain (paytodoublemoney.com) (policy.rules) 2811990 - ETPRO POLICY DNS Query to .onion proxy Domain (micropay2all.com) (policy.rules) 2811991 - ETPRO POLICY DNS Query to .onion proxy Domain (democraticash.com) (policy.rules) 2812061 - ETPRO POLICY DNS Query to .onion proxy Domain (misterhoppo.com) (policy.rules) 2812080 - ETPRO CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (uc.ggdaili.com) (current_events.rules) 2812081 - ETPRO CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (u.nbdos.com) (current_events.rules) 2812096 - ETPRO POLICY DNS Query to .onion proxy Domain (ministryordas.com) (policy.rules) 2812133 - ETPRO TROJAN PoisonIvy DNS Lookup (xp.homeunix.org) (trojan.rules) 2812134 - ETPRO TROJAN AlphaCrypt .onion Proxy Domain (trojan.rules) 2812142 - ETPRO TROJAN Possible Pirpi DNS Lookup (product.sorgerealty.com) (trojan.rules) 2812143 - ETPRO TROJAN Possible Pirpi DNS 
Lookup (en.neatechguvenlik.com) (trojan.rules) 2812144 - ETPRO TROJAN Possible Pirpi DNS Lookup (inform.bedircati.com) (trojan.rules) 2812145 - ETPRO TROJAN Possible Pirpi DNS Lookup (swe.karasoyemlak.com) (trojan.rules) 2812146 - ETPRO TROJAN Possible Pirpi DNS Lookup (ww.dndssc.com) (trojan.rules) 2812147 - ETPRO TROJAN Possible Pirpi DNS Lookup (wds.jiscs.com) (trojan.rules) 2812148 - ETPRO TROJAN Possible Pirpi DNS Lookup (udi.ilovetustin.com) (trojan.rules) 2812149 - ETPRO TROJAN Possible Pirpi DNS Lookup (pn.lamb-site.com) (trojan.rules) 2812150 - ETPRO POLICY DNS Query to .onion proxy Domain (optiontosolutionss.com) (policy.rules) 2812151 - ETPRO POLICY DNS Query to .onion proxy Domain (paybullionbb.com) (policy.rules) 2812152 - ETPRO POLICY DNS Query to .onion proxy Domain (namepospay.com) (policy.rules) 2812153 - ETPRO POLICY DNS Query to .onion proxy Domain (winingpicturess.com) (policy.rules) 2812162 - ETPRO TROJAN Win32/Spy.Zbot.YW .onion Proxy Domain (trojan.rules) 2812209 - ETPRO POLICY DNS Query to .onion proxy Domain (spatopayforwin.com) (policy.rules) 2812210 - ETPRO POLICY DNS Query to .onion proxy Domain (speralpayopio.com) (policy.rules) 2812257 - ETPRO POLICY DNS Query to .onion proxy Domain (tor-network.org) (policy.rules) 2812258 - ETPRO POLICY DNS Query to .onion proxy Domain (torsafetyproxy.org) (policy.rules) 2812259 - ETPRO POLICY DNS Query to .onion proxy Domain (toroperator.org) (policy.rules) 2812260 - ETPRO POLICY DNS Query to .onion proxy Domain (torexplorer.org) (policy.rules) 2812261 - ETPRO POLICY DNS Query to .onion proxy Domain (toractive.org) (policy.rules) 2812262 - ETPRO POLICY DNS Query to .onion proxy Domain (bythepaywayall.com) (policy.rules) 2812263 - ETPRO POLICY DNS Query to .onion proxy Domain (torenable.org) (policy.rules) 2812264 - ETPRO POLICY DNS Query to .onion proxy Domain (torgate.org) (policy.rules) 2812265 - ETPRO POLICY DNS Query to .onion proxy Domain (toruplink.org) (policy.rules) 2812266 - ETPRO POLICY DNS 
Query to .onion proxy Domain (torhome.org) (policy.rules) 2812267 - ETPRO POLICY DNS Query to .onion proxy Domain (tor-area.org) (policy.rules) 2812268 - ETPRO POLICY DNS Query to .onion proxy Domain (tor2earth.org) (policy.rules) 2812269 - ETPRO POLICY DNS Query to .onion proxy Domain (torsector.org) (policy.rules) 2812270 - ETPRO POLICY DNS Query to .onion proxy Domain (vremlotofpa.org) (policy.rules) 2812298 - ETPRO TROJAN Sefnit .onion Proxy Domain (trojan.rules) 2812309 - ETPRO POLICY DNS Query to .onion proxy Domain (vremlotofpa.com) (policy.rules) 2812310 - ETPRO TROJAN Possible Ransomware Variant .onion Proxy Domain (trojan.rules) 2812317 - ETPRO POLICY DNS Query to .onion proxy Domain (torcarrier.org) (policy.rules) 2812327 - ETPRO TROJAN Sefnit .onion Proxy Domain (trojan.rules) 2812349 - ETPRO TROJAN Teracotta VPN C2 DNS request (trojan.rules) 2812369 - ETPRO POLICY DNS Query to .onion proxy Domain (wolfwallstreetpay.com) (policy.rules) 2812370 - ETPRO POLICY DNS Query to .onion proxy Domain (speralreaopio.com) (policy.rules) 2812371 - ETPRO POLICY DNS Query to .onion proxy Domain (optiontosolutionbbs.com) (policy.rules) 2812372 - ETPRO POLICY DNS Query to .onion proxy Domain (askhoweroption.com) (policy.rules) 2812373 - ETPRO TROJAN Win32/Injector.CGDU .onion Proxy Domain (trojan.rules) 2812436 - ETPRO TROJAN TorrentLocker .onion Proxy Domain (4nzchpngrtdhn27u) (trojan.rules) 2812437 - ETPRO POLICY DNS Query to .onion proxy Domain (torsecurityapp.org) (policy.rules) 2812438 - ETPRO POLICY DNS Query to .onion proxy Domain (torauthority.org) (policy.rules) 2812439 - ETPRO TROJAN Sefnit .onion Proxy Domain (trojan.rules) 2812447 - ETPRO TROJAN Win64/Wedex.A DNS Lookup (aexp.nyc) (trojan.rules) 2812457 - ETPRO TROJAN Sefnit .onion Proxy Domain (j2kiphmeb4m4ek66) (trojan.rules) 2812458 - ETPRO TROJAN Sefnit .onion Proxy Domain (qp4xhrnjuzq6glwx) (trojan.rules) 2812495 - ETPRO POLICY DNS Query to .onion proxy Domain (vremlreafpa.com) (policy.rules) 2812633 - 
ETPRO TROJAN CTB-Locker .onion Proxy Domain (trojan.rules) 2812660 - ETPRO CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (linux.bc5j.com) (current_events.rules) 2812661 - ETPRO CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (sbss.f3322.net) (current_events.rules) 2812662 - ETPRO CURRENT_EVENTS Likely Linux/Xorddos DDoS Attack Participation (8uc.f1122.org) (current_events.rules) 2812693 - ETPRO TROJAN Win32/Spy.Zbot.AAQ .onion Proxy Domain (trojan.rules) 2812707 - ETPRO TROJAN Linopid DNS Lookup (gameshare00.linkpc.net) (trojan.rules) 2812708 - ETPRO TROJAN Linopid DNS Lookup (securityqc.linkpc.net) (trojan.rules) 2812711 - ETPRO TROJAN Plugx and APT.9002 DNS Lookup (www.registre.instanthq.com) (trojan.rules) 2812728 - ETPRO TROJAN HTTPBrowser DNS Lookup (www.wordpress.zzux.com) (trojan.rules) 2812734 - ETPRO TROJAN AlphaCrypt .onion Proxy Domain (trojan.rules) 2812788 - ETPRO TROJAN Backdoor.Telnneru DNS Lookup (trojan.rules) 2812839 - ETPRO TROJAN CryptoWall .onion Proxy Domain (trojan.rules) 2812864 - ETPRO TROJAN Spyec Keylogger DNS Lookup (ftp.sypec-soft.com) (trojan.rules) 2812897 - ETPRO POLICY DNS Query to .onion proxy Domain (optionpay2all.com) (policy.rules) 2812921 - ETPRO POLICY DNS Query to .onion proxy Domain (abctopayforwin.com) (policy.rules) 2812922 - ETPRO POLICY DNS Query to .onion proxy Domain (bcdthepaywayall.com) (policy.rules) 2812990 - ETPRO POLICY DNS Query to .onion proxy Domain (blindpayallfor.com) (policy.rules) 2812991 - ETPRO POLICY DNS Query to .onion proxy Domain (optionbbs.com) (policy.rules) 2812992 - ETPRO POLICY DNS Query to .onion proxy Domain (stopmigrationss.com) (policy.rules) 2813030 - ETPRO TROJAN Rovnix DNS Lookup (cherniypoyas.ru) (trojan.rules) 2813031 - ETPRO TROJAN Rovnix DNS Lookup (chernoypoyas.su) (trojan.rules) 2813032 - ETPRO TROJAN Rovnix DNS Lookup (beliypoyas.ru) (trojan.rules) 2813033 - ETPRO TROJAN Rovnix DNS Lookup (beliypoyas.su) (trojan.rules) 2813034 - ETPRO TROJAN Rovnix DNS 
Lookup (zeleniypoyas.ru) (trojan.rules) 2813035 - ETPRO TROJAN Rovnix DNS Lookup (zeleniypoyas.su) (trojan.rules) 2814065 - ETPRO TROJAN Possible EncryptorRaas Variant .onion Proxy Domain (trojan.rules) 2814145 - ETPRO POLICY DNS Query to .onion proxy Domain (wolfwallsreaetpay.com) (policy.rules) 2814159 - ETPRO TROJAN TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (trojan.rules) 2814216 - ETPRO TROJAN Win32/Orxlocker.A Ransomware DNS Lookup (rkcgwcsfwhvuvgli) (trojan.rules) 2814277 - ETPRO TROJAN Redlonam .onion Proxy Domain (trojan.rules) 2814290 - ETPRO POLICY DNS Query to .onion proxy Domain (askhoreasption.com) (policy.rules) 2814291 - ETPRO POLICY DNS Query to .onion proxy Domain (armnsoptionpay.com) (policy.rules) 2814292 - ETPRO POLICY DNS Query to .onion proxy Domain (malerstoniska.com) (policy.rules) 2814293 - ETPRO POLICY DNS Query to .onion proxy Domain (transoptionpay.com) (policy.rules) 2814340 - ETPRO TROJAN Dusvext/Vertexbot Backdoor .onion Proxy Domain (trojan.rules) 2814407 - ETPRO TROJAN Sednit DNS Lookup (trojan.rules) 2814408 - ETPRO TROJAN Aldi Bot .onion Proxy Domain (trojan.rules) 2814409 - ETPRO TROJAN Critroni .onion Proxy Domain (trojan.rules) 2814417 - ETPRO TROJAN JS/RecJS DNS Lookup (calllgt.endofinternet.net) (trojan.rules) 2814418 - ETPRO TROJAN JS/RecJS DNS Lookup (offmkos.endofinternet.net) (trojan.rules) 2814419 - ETPRO TROJAN JS/RecJS DNS Lookup (poonahost.endofinternet.net) (trojan.rules) 2814420 - ETPRO TROJAN JS/RecJS DNS Lookup (askleonri.isteingeek.de) (trojan.rules) 2814421 - ETPRO TROJAN JS/RecJS DNS Lookup (edrimake.endofinternet.net) (trojan.rules) 2814422 - ETPRO TROJAN JS/RecJS DNS Lookup (qkmakein.endofinternet.net) (trojan.rules) 2814423 - ETPRO TROJAN JS/RecJS DNS Lookup (cuninn.servebbs.com) (trojan.rules) 2814424 - ETPRO TROJAN JS/RecJS DNS Lookup (grihostad.servebbs.com) (trojan.rules) 2814425 - ETPRO TROJAN JS/RecJS DNS Lookup (askpotubeda.isteingeek.de) (trojan.rules) 2814426 - ETPRO TROJAN JS/RecJS DNS 
Lookup (isqgt.isteingeek.de) (trojan.rules) 2814427 - ETPRO TROJAN JS/RecJS DNS Lookup (griahost.servebbs.com) (trojan.rules) 2814471 - ETPRO TROJAN InfiniteLocker .onion Proxy Domain (trojan.rules) 2814495 - ETPRO TROJAN Java/CoinWalletStealer .onion Proxy Domain (trojan.rules) 2814557 - ETPRO TROJAN Win32/Wedex TXT DNS Lookup 1 (trojan.rules) 2814558 - ETPRO TROJAN Win32/Wedex TXT DNS Lookup 2 (trojan.rules) 2814559 - ETPRO TROJAN Win32/Wedex TXT DNS Lookup 3 (trojan.rules) 2814605 - ETPRO TROJAN AlphaCrypt .onion Proxy Domain (trojan.rules) 2814618 - ETPRO TROJAN Zbot .onion Proxy Domain (trojan.rules) 2814931 - ETPRO TROJAN Android/Spy.Agent.LP .onion Proxy Domain (trojan.rules) 2814994 - ETPRO POLICY DNS Query to .onion proxy Domain (starswarsspecs.com) (policy.rules) 2814995 - ETPRO POLICY DNS Query to .onion proxy Domain (maverickpaypartners.com) (policy.rules) 2815018 - ETPRO TROJAN Redyms CnC DNS Lookup (iqcgqyaeqimiiycs.org) (trojan.rules) 2815019 - ETPRO TROJAN Redyms CnC DNS Lookup (skgkyaqykaeegquu.org) (trojan.rules) 2815020 - ETPRO TROJAN Redyms CnC DNS Lookup (uokkwqswimaamcwe.org) (trojan.rules) 2815021 - ETPRO TROJAN Redyms CnC DNS Lookup (wscswugeiuayswqg.org) (trojan.rules) 2815022 - ETPRO TROJAN Redyms CnC DNS Lookup (ywyayoskasuciwuo.org) (trojan.rules) 2815037 - ETPRO TROJAN Ransomware/Poshcoder Onion Domain Lookup (trojan.rules) 2815296 - ETPRO POLICY DNS Query to .onion proxy Domain (paybtc798.com) (policy.rules) 2815297 - ETPRO POLICY DNS Query to .onion proxy Domain (softpay4562.com) (policy.rules) 2815298 - ETPRO POLICY DNS Query to .onion proxy Domain (bark1paypartners.com) (policy.rules) 2815299 - ETPRO POLICY DNS Query to .onion proxy Domain (btcpay435.com) (policy.rules) 2815300 - ETPRO POLICY DNS Query to .onion proxy Domain (nersinvestpayto.com) (policy.rules) 2815313 - ETPRO TROJAN Unknown Downloader .onion Proxy Domain (trojan.rules) 2815335 - ETPRO TROJAN Zbot .onion Proxy Domain (trojan.rules) 2815368 - ETPRO TROJAN 
Derusbi/Winnti DNS Lookup (trojan.rules) 2815369 - ETPRO TROJAN Derusbi/Winnti DNS Lookup (trojan.rules) 2815370 - ETPRO TROJAN Derusbi/Winnti DNS Lookup (trojan.rules) 2815371 - ETPRO TROJAN Possible Winnti or other APT Implant DNS Lookup (trojan.rules) 2815383 - ETPRO TROJAN Derusbi/Winnti DNS Lookup (trojan.rules) 2815385 - ETPRO TROJAN TeslaCrypt/AlphaCrypt Payment DNS Lookup (trojan.rules) 2815416 - ETPRO POLICY DNS Query to .onion proxy Domain (waytopaytosystem.com) (policy.rules) 2815439 - ETPRO TROJAN Zbot .onion Proxy Domain (trojan.rules) 2815545 - ETPRO POLICY DNS Query to .onion proxy Domain (deepwebgateway.com) (policy.rules) 2815546 - ETPRO POLICY DNS Query to .onion proxy Domain (malkintop100.com) (policy.rules) 2815569 - ETPRO TROJAN Trojan.Win32.Generic .onion Proxy Domain (trojan.rules) 2815574 - ETPRO TROJAN Zbot .onion Proxy Domain (trojan.rules) 2815578 - ETPRO TROJAN Encryptor Raas .onion Proxy Domain (trojan.rules) 2815587 - ETPRO POLICY DNS Query to .onion proxy Domain (encpayment23.com) (policy.rules) 2815588 - ETPRO POLICY DNS Query to .onion proxy Domain (expay34.com) (policy.rules) 2815589 - ETPRO TROJAN Sacto DNS Lookup (trojan.rules) 2815590 - ETPRO TROJAN Sacto DNS Lookup (trojan.rules) 2815618 - ETPRO TROJAN Plugx DNS Lookup (trojan.rules) 2815619 - ETPRO TROJAN Sacto DNS Lookup (trojan.rules) 2815620 - ETPRO TROJAN Sacto DNS Lookup (trojan.rules) 2815621 - ETPRO TROJAN Sacto DNS Lookup (trojan.rules) 2815631 - ETPRO TROJAN Possible APT.SSLSneak DNS Lookup (trojan.rules) 2815632 - ETPRO TROJAN Possible APT.SSLSneak DNS Lookup (trojan.rules) 2815633 - ETPRO TROJAN Possible APT.SSLSneak DNS Lookup (trojan.rules) 2815634 - ETPRO TROJAN Possible APT.SSLSneak DNS Lookup (trojan.rules) 2815642 - ETPRO TROJAN Zbot .onion Proxy Domain (trojan.rules) 2815794 - ETPRO CURRENT_EVENTS Possible EK SSL Redir DNS Lookup (current_events.rules) 2815795 - ETPRO CURRENT_EVENTS Possible EK SSL Redir DNS Lookup (current_events.rules) 2815796 - ETPRO 
CURRENT_EVENTS Possible EK SSL Redir DNS Lookup (current_events.rules) 2815797 - ETPRO CURRENT_EVENTS Possible EK SSL Redir DNS Lookup (current_events.rules) 2815815 - ETPRO CURRENT_EVENTS Observed Malvertising Domain DNS Request (markets.mediasoftmac.com) (current_events.rules) 2815816 - ETPRO CURRENT_EVENTS Observed Malvertising Domain DNS Request (advertising.northside-market.com) (current_events.rules) 2815851 - ETPRO TROJAN Ransomware/Poshcoder Onion Domain Lookup (trojan.rules) 2815857 - ETPRO TROJAN Superman APT DNS Lookup (trojan.rules) 2815869 - ETPRO TROJAN Kivars DNS Lookup (trojan.rules) 2815870 - ETPRO TROJAN Keylogger.Bedrun DNS Lookup (trojan.rules) 2815876 - ETPRO POLICY DNS Query to .onion proxy Domain (belladonnamonna.com) (policy.rules) 2815877 - ETPRO POLICY DNS Query to .onion proxy Domain (praypartnerstodo.com) (policy.rules) 2815878 - ETPRO POLICY DNS Query to .onion proxy Domain (hiltonpaytoo.com) (policy.rules) 2815879 - ETPRO POLICY DNS Query to .onion proxy Domain (barklpaypartners.com) (policy.rules) 2815959 - ETPRO TROJAN APT Related DNS Lookup (PlugX Gh0st Bergard) (trojan.rules) 2815996 - ETPRO TROJAN MSIL/Spy.Banker.DJ .onion Proxy Domain (trojan.rules) 2816031 - ETPRO TROJAN Fakben .onion Proxy Domain (trojan.rules) 2816075 - ETPRO TROJAN Ransomware Raas/Sarento .onion Proxy Domain (trojan.rules) 2816112 - ETPRO POLICY DNS Query to .onion proxy Domain (billingdetros.com) (policy.rules) 2816121 - ETPRO TROJAN Possible Ransomware Variant .onion Proxy Domain (trojan.rules) 2816194 - ETPRO POLICY DNS Query to .onion proxy Domain (fileinvestpaytor.com) (policy.rules) 2816195 - ETPRO POLICY DNS Query to .onion proxy Domain (worldoptionstopaytor.com) (policy.rules) 2816198 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816199 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816200 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816201 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816202 - ETPRO TROJAN 
Possible PlugX DNS Lookup (trojan.rules) 2816205 - ETPRO POLICY DNS Query to .onion proxy Domain (toragent.ch) (policy.rules) 2816206 - ETPRO POLICY DNS Query to .onion proxy Domain (torgateway.ch) (policy.rules) 2816207 - ETPRO POLICY DNS Query to .onion proxy Domain (privacytoday.ch) (policy.rules) 2816208 - ETPRO POLICY DNS Query to .onion proxy Domain (torconnection.ch) (policy.rules) 2816209 - ETPRO POLICY DNS Query to .onion proxy Domain (torwebsites.ch) (policy.rules) 2816210 - ETPRO POLICY DNS Query to .onion proxy Domain (tordevice.ch) (policy.rules) 2816211 - ETPRO POLICY DNS Query to .onion proxy Domain (ip2tor.be) (policy.rules) 2816212 - ETPRO POLICY DNS Query to .onion proxy Domain (torfilter.ch) (policy.rules) 2816213 - ETPRO POLICY DNS Query to .onion proxy Domain (torway.ch) (policy.rules) 2816214 - ETPRO POLICY DNS Query to .onion proxy Domain (torapplication.ch) (policy.rules) 2816222 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816236 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816237 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816238 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816239 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816240 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816241 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816242 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816243 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816244 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816245 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816246 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816247 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816248 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816249 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816250 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816251 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 
2816252 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816253 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816254 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816255 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816256 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816257 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816258 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816259 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816260 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816261 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816262 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816263 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2816264 - ETPRO TROJAN Possible Superman APT DNS Lookup (trojan.rules) 2816265 - ETPRO TROJAN Possible APT.HTTPBrowser DNS Lookup (trojan.rules) 2816266 - ETPRO TROJAN Possible APT.HTTPBrowser DNS Lookup (trojan.rules) 2816267 - ETPRO TROJAN Possible Fowap DNS Lookup (trojan.rules) 2816316 - ETPRO TROJAN Win32/Agent.XRA (Robo) DNS Lookup (trojan.rules) 2816317 - ETPRO TROJAN Win32/Agent.XRA (Robo) DNS Lookup (trojan.rules) 2816318 - ETPRO TROJAN Win32/Agent.XRA (Robo) DNS Lookup (trojan.rules) 2816319 - ETPRO POLICY DNS Query to .onion proxy Domain (torsatellite.ch) (policy.rules) 2816320 - ETPRO POLICY DNS Query to .onion proxy Domain (toradapter.ch) (policy.rules) 2816324 - ETPRO TROJAN Encryptor Raas Variant .onion Proxy Domain (trojan.rules) 2816334 - ETPRO POLICY DNS Query to .onion proxy Domain (newhost2tor.ch) (policy.rules) 2816372 - ETPRO TROJAN Cryptolocker Variant .onion Proxy Domain (trojan.rules) 2816408 - ETPRO TROJAN Qadars 2.0 Onion Domain Lookup (trojan.rules) 2816409 - ETPRO TROJAN Qadars 2.0 CnC DNS Lookup (kakaja24.com) (trojan.rules) 2816410 - ETPRO TROJAN Qadars 2.0 CnC DNS Lookup (halopov.com) (trojan.rules) 2816411 - ETPRO TROJAN Qadars 2.0 CnC DNS Lookup (kisliy.com) (trojan.rules) 
2816412 - ETPRO TROJAN Qadars 2.0 CnC DNS Lookup (angela127.com) (trojan.rules) 2816413 - ETPRO TROJAN Qadars 2.0 CnC DNS Lookup (photo-a5.pw) (trojan.rules) 2816414 - ETPRO TROJAN Qadars 2.0 CnC DNS Lookup (koktail24.com) (trojan.rules) 2816415 - ETPRO TROJAN Qadars 2.0 Injects DNS Lookup (ssldigic3rt.com) (trojan.rules) 2816416 - ETPRO TROJAN Qadars 2.0 Injects DNS Lookup (digidetectsys.com) (trojan.rules) 2816468 - ETPRO POLICY DNS Query to a *.fagdns.com domain - Likely Hostile (policy.rules) 2816486 - ETPRO TROJAN Ransomware Troyano .onion Domain (trojan.rules) 2816508 - ETPRO POLICY Incog-Neato .onion Proxy Domain (policy.rules) 2816518 - ETPRO TROJAN Ransomware/Poshcoder Onion Domain Lookup (trojan.rules) 2816688 - ETPRO TROJAN Rokku Ransomware Payment DNS Lookup (trojan.rules) 2816705 - ETPRO POLICY DNS Query to .onion proxy Domain (walterwhitepay.com) (policy.rules) 2816771 - ETPRO TROJAN Possible Bergard/Derusbi DNS Lookup (trojan.rules) 2816772 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2816773 - ETPRO TROJAN Unknown Keylogger .onion Checkin (trojan.rules) 2816780 - ETPRO TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816781 - ETPRO TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816782 - ETPRO TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816783 - ETPRO TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816784 - ETPRO TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816785 - ETPRO TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816822 - ETPRO TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816823 - ETPRO TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816824 - ETPRO TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816825 - ETPRO TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816826 - ETPRO TROJAN 
Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816827 - ETPRO TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816828 - ETPRO TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816829 - ETPRO TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816830 - ETPRO TROJAN Suckfly/Nidiran Backdoor DNS Lookup (trojan.rules) 2816866 - ETPRO TROJAN GO/Neetog .onion Proxy Domain (trojan.rules) 2816867 - ETPRO MOBILE_MALWARE Andr/InfoStl-AU .onion Proxy Domain (mobile_malware.rules) 2816868 - ETPRO POLICY DNS Query to .onion proxy Domain (tor2you.ch) (policy.rules) 2816869 - ETPRO POLICY DNS Query to .onion proxy Domain (torcommunity.ch) (policy.rules) 2816870 - ETPRO POLICY DNS Query to .onion proxy Domain (livegaming.ch) (policy.rules) 2816871 - ETPRO POLICY DNS Query to .onion proxy Domain (tornode.ru) (policy.rules) 2816872 - ETPRO POLICY DNS Query to .onion proxy Domain (angortra.at) (policy.rules) 2816873 - ETPRO POLICY DNS Query to .onion proxy Domain (livewargaming.ch) (policy.rules) 2816942 - ETPRO TROJAN Possible Derusbi DNS Lookup (trojan.rules) 2819650 - ETPRO POLICY DNS Query to .onion proxy Domain (livecamshow.ch) (policy.rules) 2819651 - ETPRO POLICY DNS Query to .onion proxy Domain (mainroom.ch) (policy.rules) 2819652 - ETPRO POLICY DNS Query to .onion proxy Domain (torlink2.ru) (policy.rules) 2819653 - ETPRO POLICY DNS Query to .onion proxy Domain (tormain.li) (policy.rules) 2819654 - ETPRO POLICY DNS Query to .onion proxy Domain (tormaster.ch) (policy.rules) 2819655 - ETPRO POLICY DNS Query to .onion proxy Domain (torstartup.ch) (policy.rules) 2819656 - ETPRO POLICY DNS Query to .onion proxy Domain (truewargame.ch) (policy.rules) 2819792 - ETPRO POLICY DNS Query to .onion proxy Domain (torcreator.li) (policy.rules) 2819793 - ETPRO POLICY DNS Query to .onion proxy Domain (torweb.org) (policy.rules) 2819794 - ETPRO POLICY DNS Query to .onion proxy Domain (torreactor.li) (policy.rules) 2819795 - ETPRO POLICY DNS Query to .onion proxy 
Domain (tordonator.li) (policy.rules) 2819806 - ETPRO TROJAN CryptXXX Possible Payment Page (trojan.rules) 2819813 - ETPRO TROJAN TorrentLocker DNS query to Domain *.dirtyslim.org (trojan.rules) 2819817 - ETPRO TROJAN iSpySoft Retrieving Payload .onion Proxy Domain (trojan.rules) 2819819 - ETPRO TROJAN Ransomware/Poshcoder Onion Domain Lookup (trojan.rules) 2819860 - ETPRO TROJAN MultiGrainPOS CnC over DNS (trojan.rules) 2819871 - ETPRO TROJAN Fareit/Pony .onion Domain (trojan.rules) 2819874 - ETPRO POLICY DNS Query to .onion proxy Domain (torclassik.li) (policy.rules) 2819875 - ETPRO POLICY DNS Query to .onion proxy Domain (tortelevision.li) (policy.rules) 2819888 - ETPRO TROJAN Andr/InfoStl-AU .onion Proxy Domain (trojan.rules) 2819893 - ETPRO TROJAN Backdoor.Win32.Mokes.vpf .onion Proxy Domain (trojan.rules) 2819913 - ETPRO TROJAN Jupiter Banker Injects DNS Lookup (trojan.rules) 2819915 - ETPRO TROJAN Jupiter Banker DNS Lookup (trojan.rules) 2819952 - ETPRO TROJAN Ransomware/TrueCrypter Onion Domain Lookup (trojan.rules) 2819961 - ETPRO TROJAN MSIL/TrojanDownloader.Agent.BRM .onion Proxy Domain (trojan.rules) 2819996 - ETPRO TROJAN MultiGrainPOS CnC over DNS (trojan.rules) 2820028 - ETPRO TROJAN Possible APT.HTTPBrowser DNS Lookup (trojan.rules) 2820047 - ETPRO TROJAN Possible APT.HTTPBrowser DNS Lookup (trojan.rules) 2820069 - ETPRO TROJAN Encryptor Raas .onion Proxy Domain (trojan.rules) 2820100 - ETPRO POLICY DNS Query to .onion proxy Domain (tormanager.org) (policy.rules) 2820101 - ETPRO POLICY DNS Query to .onion proxy Domain (balisticoption.com) (policy.rules) 2820156 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2820177 - ETPRO TROJAN Unknown Locker C2 domain (trojan.rules) 2820178 - ETPRO TROJAN Unknown Locker C2 domain (trojan.rules) 2820192 - ETPRO TROJAN Win32/PaySafeCrypt Ransomware .onion Proxy Domain (trojan.rules) 2820193 - ETPRO TROJAN Drixed .onion Proxy Domain (trojan.rules) 2820233 - ETPRO POLICY DNS Query to .onion proxy 
Domain (toradmin.li) (policy.rules) 2820234 - ETPRO POLICY DNS Query to .onion proxy Domain (torbook.li) (policy.rules) 2820268 - ETPRO TROJAN DNS Query to Cerber Domain (kipfgs65s . com) (trojan.rules) 2820269 - ETPRO TROJAN DNS Query to Cerber Domain (fastpaybtc . com) (trojan.rules) 2820278 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.net) (policy.rules) 2820279 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.org) (policy.rules) 2820280 - ETPRO POLICY DNS Query to .onion proxy Domain (torspaces.li) (policy.rules) 2820281 - ETPRO POLICY DNS Query to .onion proxy Domain (torclever.li) (policy.rules) 2820282 - ETPRO POLICY DNS Query to .onion proxy Domain (torspeed.li) (policy.rules) 2820284 - ETPRO TROJAN DNS Query to Cerber Domain (easypaybtc . com) (trojan.rules) 2820290 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (android-securityupdate.com) (trojan.rules) 2820291 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (cibc-clients.com) (trojan.rules) 2820292 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (cibc-security.com) (trojan.rules) 2820293 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (knutesecos.com) (trojan.rules) 2820294 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (mensabuxus.net) (trojan.rules) 2820295 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (ogrthuvfewfdcfri5euwg.com) (trojan.rules) 2820296 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (ogrthuvwfdcfri5euwg.com) (trojan.rules) 2820297 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (rogers-ca.com) (trojan.rules) 2820298 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (rogers-clients.com) (trojan.rules) 2820299 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (signin-rogers.com) (trojan.rules) 2820300 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (signin-tangerine.com) (trojan.rules) 2820301 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (tangerine-ca.com) (trojan.rules) 2820302 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (tangerine-can.com) (trojan.rules) 2820303 - ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (tangerine-security.com) (trojan.rules) 2820304 - 
ETPRO TROJAN Bolek/Kbot CnC DNS Lookup (tangerine-zone.com) (trojan.rules) 2820345 - ETPRO TROJAN PowerShell/Agent.B .onion Domain (4nzchpngrtdhn27u) (trojan.rules) 2820346 - ETPRO TROJAN PowerShell/Agent.B .onion Domain (jj6yu3vr5chfxnyc) (trojan.rules) 2820347 - ETPRO TROJAN PowerShell/Agent.B .onion Domain (27vmq54zu46vmiel) (trojan.rules) 2820348 - ETPRO TROJAN PowerShell/Agent.B .onion Domain (6h5junbsz6gfssha) (trojan.rules) 2820368 - ETPRO TROJAN TorrentLocker DNS query to Domain *.blasters.biz (trojan.rules) 2820398 - ETPRO TROJAN Win32/Nystprac.A CnC Domain DNS Request (trojan.rules) 2820408 - ETPRO TROJAN DNS Query to Cerber Domain (tewoaq . win) (trojan.rules) 2820409 - ETPRO TROJAN DNS Query to Cerber Domain (red4is . win) (trojan.rules) 2820410 - ETPRO POLICY DNS Query to .onion proxy Domain (li4loi.win) (policy.rules) 2820412 - ETPRO TROJAN DNS Query to Cerber Domain (maqwe5 . win) (trojan.rules) 2820413 - ETPRO TROJAN DNS Query to Cerber Domain (wewiso . win) (trojan.rules) 2820414 - ETPRO TROJAN DNS Query to Cerber Domain (nerti5 . win) (trojan.rules) 2820415 - ETPRO TROJAN DNS Query to Cerber Domain (raress . win) (trojan.rules) 2820416 - ETPRO TROJAN DNS Query to Cerber Domain (workju . win) (trojan.rules) 2820417 - ETPRO TROJAN DNS Query to Cerber Domain (wet4io . win) (trojan.rules) 2820418 - ETPRO TROJAN DNS Query to Cerber Domain (mix3hi . win) (trojan.rules) 2820419 - ETPRO TROJAN DNS Query to Cerber Domain (oneswi . win) (trojan.rules) 2820420 - ETPRO TROJAN DNS Query to Cerber Domain (lib2vi . win) (trojan.rules) 2820421 - ETPRO TROJAN DNS Query to Cerber Domain (tigifc . win) (trojan.rules) 2820422 - ETPRO TROJAN DNS Query to Cerber Domain (ti4wic . win) (trojan.rules) 2820423 - ETPRO TROJAN DNS Query to Cerber Domain (amdeu5 . win) (trojan.rules) 2820424 - ETPRO TROJAN DNS Query to Cerber Domain (moneu5 . win) (trojan.rules) 2820425 - ETPRO TROJAN DNS Query to Cerber Domain (m5gid4 . 
win) (trojan.rules) 2820426 - ETPRO TROJAN DNS Query to Cerber Domain (m5fgoi . win) (trojan.rules) 2820427 - ETPRO TROJAN DNS Query to Cerber Domain (wins4n . win) (trojan.rules) 2820428 - ETPRO TROJAN DNS Query to Cerber Domain (m5gips . win) (trojan.rules) 2820429 - ETPRO POLICY DNS Query to .onion proxy Domain (watchdogpayment.com) (policy.rules) 2820434 - ETPRO TROJAN Redirector.Paco DNS Name (1.mtmyoq.se) (trojan.rules) 2820435 - ETPRO TROJAN Redirector.Paco DNS Name (2.mtmyoq.se) (trojan.rules) 2820436 - ETPRO TROJAN Redirector.Paco DNS Name (3.mtmyoq.se) (trojan.rules) 2820437 - ETPRO TROJAN Redirector.Paco DNS Name (4.mtmyoq.se) (trojan.rules) 2820438 - ETPRO TROJAN Redirector.Paco DNS Name (5.mtmyoq.se) (trojan.rules) 2820439 - ETPRO TROJAN Redirector.Paco DNS Name (6.mtmyoq.se) (trojan.rules) 2820440 - ETPRO TROJAN Redirector.Paco DNS Name (7.mtmyoq.se) (trojan.rules) 2820441 - ETPRO TROJAN Redirector.Paco DNS Name (8.mtmyoq.se) (trojan.rules) 2820442 - ETPRO TROJAN Redirector.Paco DNS Name (9.mtmyoq.se) (trojan.rules) 2820454 - ETPRO TROJAN Android/Spy.Agent.UN .onion Proxy Domain (trojan.rules) 2820478 - ETPRO TROJAN TorrentLocker DNS query to Domain *.lingeringhands.org (trojan.rules) 2820479 - ETPRO TROJAN TorrentLocker DNS query to Domain *.copypastes.net (trojan.rules) 2820483 - ETPRO TROJAN TorrentLocker DNS query to Domain *.bigfloristics.com (trojan.rules) 2820485 - ETPRO TROJAN TorrentLocker DNS query to Domain *.billmassanger.com (trojan.rules) 2820496 - ETPRO TROJAN DNS Query to Cerber Domain (azwsxe . win) (trojan.rules) 2820497 - ETPRO TROJAN DNS Query to Cerber Domain (xzcfr4 . win) (trojan.rules) 2820500 - ETPRO TROJAN DNS Query to Cerber Domain (werti4 . win) (trojan.rules) 2820501 - ETPRO TROJAN DNS Query to Cerber Domain (azlto5 . win) (trojan.rules) 2820502 - ETPRO TROJAN DNS Query to Cerber Domain (sdfiso . win) (trojan.rules) 2820503 - ETPRO TROJAN DNS Query to Cerber Domain (ad34ft . 
win) (trojan.rules) 2820504 - ETPRO TROJAN DNS Query to Cerber Domain (asxce4 . win) (trojan.rules) 2820505 - ETPRO TROJAN DNS Query to Cerber Domain (sims6n . win) (trojan.rules) 2820506 - ETPRO POLICY DNS Query to .onion proxy Domain (torking.li) (policy.rules) 2820507 - ETPRO TROJAN DNS Query to Cerber Domain (45kgok . win) (trojan.rules) 2820508 - ETPRO POLICY DNS Query to .onion proxy Domain (torbrouke.li) (policy.rules) 2820513 - ETPRO TROJAN TorrentLocker DNS query to Domain *.prolongedroads (trojan.rules) 2820519 - ETPRO TROJAN TorrentLocker DNS query to Domain *.fixplanet.org (trojan.rules) 2820520 - ETPRO TROJAN TorrentLocker DNS query to Domain *.manybigtoys.com (trojan.rules) 2820526 - ETPRO TROJAN Trojan-Ransom.Win32.Crypmod.xvg .onion Proxy Domain (trojan.rules) 2820538 - ETPRO TROJAN TorrentLocker DNS query to Domain *.gefryhard.org (trojan.rules) 2820540 - ETPRO TROJAN APT28 SEDNIT DNS Lookup (trojan.rules) 2820542 - ETPRO TROJAN APT28 SEDNIT DNS Lookup (trojan.rules) 2820551 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2820552 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2820556 - ETPRO TROJAN TorrentLocker DNS query to Domain *.felteron.com (trojan.rules) 2820560 - ETPRO TROJAN TorrentLocker DNS query to Domain *.pinterpoint.biz (trojan.rules) 2820561 - ETPRO TROJAN TorrentLocker DNS query to Domain *.capturen.net (trojan.rules) 2820573 - ETPRO TROJAN TorrentLocker DNS query to Domain *.varstent.net (trojan.rules) 2820574 - ETPRO TROJAN TorrentLocker DNS query to Domain *.vilosten.biz (trojan.rules) 2820575 - ETPRO TROJAN TorrentLocker DNS query to Domain *.businesnews.net (trojan.rules) 2820577 - ETPRO TROJAN TorrentLocker DNS query to Domain *.mybariton.com (trojan.rules) 2820583 - ETPRO TROJAN TorrentLocker DNS query to Domain pahrently.biz (trojan.rules) 2820585 - ETPRO TROJAN Ursnif DNS Query (trojan.rules) 2820588 - ETPRO TROJAN Win32/Agent.RWB .onion Proxy Domain (trojan.rules) 2820671 - ETPRO TROJAN TorrentLocker DNS 
query to Domain *.vesttessy.net (trojan.rules) 2820672 - ETPRO TROJAN TorrentLocker DNS query to Domain *.goldvredy.org (trojan.rules) 2820697 - ETPRO TROJAN TorrentLocker DNS query to Domain *.firsttoysworld.com (trojan.rules) 2820698 - ETPRO TROJAN TorrentLocker DNS query to Domain *.drinkwiskey.net (trojan.rules) 2820699 - ETPRO TROJAN TorrentLocker DNS query to Domain *.coaltrak.net (trojan.rules) 2820700 - ETPRO TROJAN TorrentLocker DNS query to Domain *.bigdigitals.com (trojan.rules) 2820701 - ETPRO TROJAN TorrentLocker DNS query to Domain *.billagefact.org (trojan.rules) 2820707 - ETPRO MALWARE Adwind .onion Proxy Domain (malware.rules) 2820708 - ETPRO TROJAN Ryzerlo .onion Proxy Domain (trojan.rules) 2820715 - ETPRO TROJAN Jenxcus .onion Proxy Domain (trojan.rules) 2820717 - ETPRO TROJAN DNS Query to Cerber Domain (6oifgr . win) (trojan.rules) 2820718 - ETPRO TROJAN DNS Query to Cerber Domain (zx34jk . win) (trojan.rules) 2820719 - ETPRO POLICY DNS Query to .onion proxy Domain (torminimals.li) (policy.rules) 2820720 - ETPRO TROJAN DNS Query to Cerber Domain (xo59ok . win) (trojan.rules) 2820721 - ETPRO TROJAN DNS Query to Cerber Domain (rt4e34 . win) (trojan.rules) 2820722 - ETPRO TROJAN DNS Query to Cerber Domain (as13fd . win) (trojan.rules) 2820723 - ETPRO TROJAN DNS Query to Cerber Domain (xlfp45 . win) (trojan.rules) 2820724 - ETPRO TROJAN DNS Query to Cerber Domain (xltnet . win) (trojan.rules) 2820725 - ETPRO TROJAN DNS Query to Cerber Domain (ret5kr . win) (trojan.rules) 2820726 - ETPRO TROJAN DNS Query to Cerber Domain (xmfhr6 . win) (trojan.rules) 2820727 - ETPRO POLICY DNS Query to .onion proxy Domain (tordrims.li) (policy.rules) 2820728 - ETPRO POLICY DNS Query to .onion proxy Domain (bibliopayoption.com) (policy.rules) 2820729 - ETPRO TROJAN DNS Query to Cerber Domain (slr849 . win) (trojan.rules) 2820730 - ETPRO TROJAN DNS Query to Cerber Domain (zgf48j . 
win) (trojan.rules) 2820731 - ETPRO TROJAN TorrentLocker DNS query to Domain *.clotherdor.net (trojan.rules) 2820737 - ETPRO TROJAN Omaneat .onion Proxy Domain (trojan.rules) 2820757 - ETPRO TROJAN APT SWC PluginDetect/Evercookie DNS Lookup (trojan.rules) 2820758 - ETPRO TROJAN APT SWC PluginDetect/Evercookie DNS Lookup (trojan.rules) 2820759 - ETPRO TROJAN APT SWC PluginDetect/Evercookie DNS Lookup (trojan.rules) 2820760 - ETPRO TROJAN APT SWC PluginDetect/Evercookie DNS Lookup (trojan.rules) 2820761 - ETPRO TROJAN RumbleCrypt Ransomware .onion Proxy Domain (trojan.rules) 2820795 - ETPRO TROJAN Backdoor.Win32.Androm.jufj .onion Proxy Domain (trojan.rules) 2820796 - ETPRO TROJAN APT28 Likely EK DNS Lookup (trojan.rules) 2820797 - ETPRO TROJAN APT28 Likely EK DNS Lookup (trojan.rules) 2820798 - ETPRO TROJAN APT28 Likely EK DNS Lookup (trojan.rules) 2820799 - ETPRO TROJAN APT28 Likely EK DNS Lookup (trojan.rules) 2820800 - ETPRO TROJAN APT28 Likely EK DNS Lookup (trojan.rules) 2820818 - ETPRO TROJAN DNS Query to Cerber Domain (dkrti5 . win) (trojan.rules) 2820819 - ETPRO TROJAN DNS Query to Cerber Domain (vmfu48 . win) (trojan.rules) 2820820 - ETPRO TROJAN DNS Query to Cerber Domain (gkfit9 . win) (trojan.rules) 2820821 - ETPRO TROJAN DNS Query to Cerber Domain (cneo59 . win) (trojan.rules) 2820822 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.rip) (policy.rules) 2820823 - ETPRO TROJAN DNS Query to Cerber Domain (xmfir0 . win) (trojan.rules) 2820865 - ETPRO TROJAN DNS Query to Cerber Domain (305iot . win) (trojan.rules) 2820866 - ETPRO TROJAN DNS Query to Cerber Domain (djre89 . win) (trojan.rules) 2820867 - ETPRO TROJAN DNS Query to Cerber Domain (fkri48 . win) (trojan.rules) 2820868 - ETPRO POLICY DNS Query to .onion proxy Domain (45tori.win) (policy.rules) 2820869 - ETPRO TROJAN DNS Query to Cerber Domain (xmfjr7 . 
top) (trojan.rules) 2820897 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2820936 - ETPRO TROJAN Ransomware WildFire Locker .onion Payment Domain (gsxrmcgsygcxfkbb) (trojan.rules) 2820956 - ETPRO TROJAN Zbot .onion Proxy Domain (trojan.rules) 2820957 - ETPRO TROJAN Possible Ransomware Variant .onion Proxy Domain (trojan.rules) 2820963 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2820966 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2820979 - ETPRO TROJAN CryptXXX Payment Onion Domain (trojan.rules) 2821000 - ETPRO MOBILE_MALWARE PokemonGo AndroidOS.DroidJack DNS Lookup (mobile_malware.rules) 2821004 - ETPRO POLICY DNS Query to .onion proxy Domain (paybonymans.com) (policy.rules) 2821005 - ETPRO POLICY DNS Query to .onion proxy Domain (zmdru5.top) (policy.rules) 2821006 - ETPRO POLICY DNS Query to .onion proxy Domain (er48rt.win) (policy.rules) 2821007 - ETPRO TROJAN DNS Query to Cerber Domain (xtrvb4 . win) (trojan.rules) 2821008 - ETPRO TROJAN DNS Query to Cerber Domain (ie7t8k . top) (trojan.rules) 2821009 - ETPRO POLICY DNS Query to .onion proxy Domain (305iot.top) (policy.rules) 2821010 - ETPRO TROJAN DNS Query to Cerber Domain (alri58 . win) (trojan.rules) 2821011 - ETPRO POLICY DNS Query to .onion proxy Domain (wi49ur.top) (policy.rules) 2821012 - ETPRO POLICY DNS Query to .onion proxy Domain (dk59jg.win) (policy.rules) 2821013 - ETPRO TROJAN DNS Query to Cerber Domain (fkgrie . top) (trojan.rules) 2821047 - ETPRO TROJAN DNS Query to Cerber Domain (5kti58 . top) (trojan.rules) 2821048 - ETPRO TROJAN DNS Query to Cerber Domain (xmfkr8 . top) (trojan.rules) 2821049 - ETPRO TROJAN DNS Query to Cerber Domain (to6maq . top) (trojan.rules) 2821050 - ETPRO TROJAN DNS Query to Cerber Domain (vmfur5 . top) (trojan.rules) 2821051 - ETPRO TROJAN DNS Query to Cerber Domain (lfotp5 . top) (trojan.rules) 2821052 - ETPRO TROJAN DNS Query to Cerber Domain (we34re . 
top) (trojan.rules) 2821094 - ETPRO TROJAN Ransomware Variant .onion Proxy Domain (trojan.rules) 2821096 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821097 - ETPRO TROJAN Possible Ransomware Variant .onion Proxy Domain (trojan.rules) 2821098 - ETPRO TROJAN APT28 (XAgent or other) DNS Lookup (trojan.rules) 2821099 - ETPRO TROJAN APT28 (XAgent or other) DNS Lookup (trojan.rules) 2821100 - ETPRO TROJAN APT28 (XAgent or other) DNS Lookup (trojan.rules) 2821101 - ETPRO TROJAN APT28 (XAgent or other) DNS Lookup (trojan.rules) 2821108 - ETPRO TROJAN DNS Query to Cerber Domain (adevf4 . win) (trojan.rules) 2821109 - ETPRO POLICY DNS Query to .onion proxy Domain (raress.top) (policy.rules) 2821110 - ETPRO POLICY DNS Query to .onion proxy Domain (moneu5.top) (policy.rules) 2821111 - ETPRO POLICY DNS Query to .onion proxy Domain (cmr95i.win) (policy.rules) 2821112 - ETPRO TROJAN DNS Query to Cerber Domain (fgfid6 . top) (trojan.rules) 2821113 - ETPRO TROJAN DNS Query to Cerber Domain (fkr84i . win) (trojan.rules) 2821114 - ETPRO TROJAN DNS Query to Cerber Domain (45gf4t . win) (trojan.rules) 2821115 - ETPRO POLICY DNS Query to .onion proxy Domain (5kti58.win) (policy.rules) 2821116 - ETPRO POLICY External IP DNS Lookup wtfismyip (policy.rules) 2821123 - ETPRO TROJAN PowerShell/TrojanDownloader.Agent.Q .onion Proxy Domain (trojan.rules) 2821124 - ETPRO TROJAN PowerShell/TrojanDownloader.Agent.Q .onion Proxy Domain (trojan.rules) 2821127 - ETPRO TROJAN Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2821131 - ETPRO TROJAN EncryptorRaas .onion Proxy Domain (ub5eirrbs34corvj) (trojan.rules) 2821150 - ETPRO POLICY DNS Query to .onion proxy Domain (wewiso.top) (policy.rules) 2821151 - ETPRO TROJAN DNS Query to Cerber Domain (cmti5o . 
win) (trojan.rules) 2821152 - ETPRO POLICY DNS Query to .onion proxy Domain (xmfu59.win) (policy.rules) 2821153 - ETPRO POLICY DNS Query to .onion proxy Domain (cmr95i.top) (policy.rules) 2821154 - ETPRO POLICY DNS Query to .onion proxy Domain (dkriur.top) (policy.rules) 2821155 - ETPRO POLICY DNS Query to .onion proxy Domain (qor499.top) (policy.rules) 2821176 - ETPRO TROJAN WaterTiger DNS Lookup (trojan.rules) 2821191 - ETPRO TROJAN Possible JS/Nemucod Variant .onion Proxy Domain (trojan.rules) 2821192 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821193 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821194 - ETPRO TROJAN PowerShell/TrojanDownloader.Agent .onion Proxy Domain (trojan.rules) 2821195 - ETPRO TROJAN PowerShell/TrojanDownloader.Agent .onion Proxy Domain (trojan.rules) 2821212 - ETPRO TROJAN Win32/TrojanDownloader.Agent.CGY .onion Proxy Domain (trojan.rules) 2821214 - ETPRO TROJAN DNS Query to Cerber Domain (asd3r3 . top) (trojan.rules) 2821215 - ETPRO POLICY DNS Query to .onion proxy Domain (oyiw92.top) (policy.rules) 2821216 - ETPRO POLICY DNS Query to .onion proxy Domain (i5cgcw.top) (policy.rules) 2821217 - ETPRO TROJAN DNS Query to Cerber Domain (bestfordownload . click) (trojan.rules) 2821218 - ETPRO TROJAN DNS Query to Cerber Domain (6ogy3i . top) (trojan.rules) 2821219 - ETPRO POLICY DNS Query to .onion proxy Domain (w512rc.top) (policy.rules) 2821220 - ETPRO TROJAN DNS Query to Cerber Domain (7jiff7 . top) (trojan.rules) 2821221 - ETPRO TROJAN DNS Query to Cerber Domain (o08a6d . top) (trojan.rules) 2821222 - ETPRO TROJAN DNS Query to Cerber Domain (k7oud1 . top) (trojan.rules) 2821223 - ETPRO TROJAN DNS Query to Cerber Domain (gletterstan . trade) (trojan.rules) 2821224 - ETPRO TROJAN DNS Query to Cerber Domain (j92msu . top) (trojan.rules) 2821225 - ETPRO POLICY DNS Query to .onion proxy Domain (afteghonte.lol) (policy.rules) 2821239 - ETPRO TROJAN DNS Query to Cerber Domain (g0ots2 . 
top) (trojan.rules) 2821240 - ETPRO POLICY DNS Query to .onion proxy Domain (fm0cga.top) (policy.rules) 2821241 - ETPRO TROJAN DNS Query to Cerber Domain (wer56t . top) (trojan.rules) 2821242 - ETPRO TROJAN DNS Query to Cerber Domain (kml2o2 . top) (trojan.rules) 2821243 - ETPRO TROJAN DNS Query to Cerber Domain (ka0te8 . top) (trojan.rules) 2821244 - ETPRO POLICY DNS Query to .onion proxy Domain (fe98iy.top) (policy.rules) 2821245 - ETPRO POLICY DNS Query to .onion proxy Domain (apperloads.win) (policy.rules) 2821246 - ETPRO TROJAN DNS Query to Cerber Domain (moonsides . faith) (trojan.rules) 2821247 - ETPRO POLICY DNS Query to .onion proxy Domain (deg5xr.top) (policy.rules) 2821248 - ETPRO POLICY DNS Query to .onion proxy Domain (imhhwm.top) (policy.rules) 2821249 - ETPRO TROJAN DNS Query to Cerber Domain (9nj8ex . top) (trojan.rules) 2821250 - ETPRO POLICY DNS Query to .onion proxy Domain (j228oe.top) (policy.rules) 2821251 - ETPRO POLICY DNS Query to .onion proxy Domain (fraspartypay.com) (policy.rules) 2821252 - ETPRO POLICY DNS Query to .onion proxy Domain (wins4n.top) (policy.rules) 2821253 - ETPRO POLICY DNS Query to .onion proxy Domain (vrid8l.top) (policy.rules) 2821254 - ETPRO TROJAN DNS Query to Cerber Domain (bigfooters . loan) (trojan.rules) 2821255 - ETPRO TROJAN DNS Query to Cerber Domain (c7ex9n . top) (trojan.rules) 2821256 - ETPRO TROJAN DNS Query to Cerber Domain (viceled . pw) (trojan.rules) 2821257 - ETPRO TROJAN DNS Query to Cerber Domain (ujtwhg . top) (trojan.rules) 2821258 - ETPRO TROJAN DNS Query to Cerber Domain (9ildst . top) (trojan.rules) 2821259 - ETPRO POLICY DNS Query to .onion proxy Domain (ag082d.top) (policy.rules) 2821260 - ETPRO TROJAN DNS Query to Cerber Domain (marksgain . kim) (trojan.rules) 2821261 - ETPRO TROJAN DNS Query to Cerber Domain (ep493u . top) (trojan.rules) 2821262 - ETPRO TROJAN DNS Query to Cerber Domain (nameuser . site) (trojan.rules) 2821263 - ETPRO TROJAN DNS Query to Cerber Domain (fgkr56 . 
top) (trojan.rules) 2821264 - ETPRO POLICY DNS Query to .onion proxy Domain (xneyvm.top) (policy.rules) 2821265 - ETPRO POLICY DNS Query to .onion proxy Domain (p4o8m0.top) (policy.rules) 2821266 - ETPRO TROJAN DNS Query to Cerber Domain (p2lsgr . top) (trojan.rules) 2821267 - ETPRO TROJAN DNS Query to Cerber Domain (o2dval . top) (trojan.rules) 2821268 - ETPRO TROJAN DNS Query to Cerber Domain (chargecar . vip) (trojan.rules) 2821269 - ETPRO TROJAN DNS Query to Cerber Domain (cmri58 . top) (trojan.rules) 2821270 - ETPRO TROJAN DNS Query to Cerber Domain (p8rruv . top) (trojan.rules) 2821271 - ETPRO POLICY DNS Query to .onion proxy Domain (factordo.site) (policy.rules) 2821272 - ETPRO TROJAN DNS Query to Cerber Domain (xkfi59 . top) (trojan.rules) 2821273 - ETPRO TROJAN DNS Query to Cerber Domain (x1kofw . top) (trojan.rules) 2821274 - ETPRO POLICY DNS Query to .onion proxy Domain (f0ps6o.top) (policy.rules) 2821275 - ETPRO TROJAN DNS Query to Cerber Domain (58na23 . top) (trojan.rules) 2821276 - ETPRO TROJAN DNS Query to Cerber Domain (zclw5i . top) (trojan.rules) 2821277 - ETPRO POLICY DNS Query to .onion proxy Domain (bt7r70.top) (policy.rules) 2821278 - ETPRO TROJAN DNS Query to Cerber Domain (5b1s82 . top) (trojan.rules) 2821279 - ETPRO TROJAN DNS Query to Cerber Domain (hasterlyston . cloud) (trojan.rules) 2821280 - ETPRO POLICY DNS Query to .onion proxy Domain (shutlazy.casa) (policy.rules) 2821281 - ETPRO TROJAN DNS Query to Cerber Domain (xmfru5 . top) (trojan.rules) 2821282 - ETPRO TROJAN DNS Query to Cerber Domain (laverhants . link) (trojan.rules) 2821283 - ETPRO TROJAN DNS Query to Cerber Domain (kcufx4 . top) (trojan.rules) 2821284 - ETPRO TROJAN DNS Query to Cerber Domain (0225r5 . top) (trojan.rules) 2821285 - ETPRO TROJAN DNS Query to Cerber Domain (lk0bzc . top) (trojan.rules) 2821286 - ETPRO TROJAN DNS Query to Cerber Domain (hlu8yz . 
top) (trojan.rules) 2821287 - ETPRO POLICY DNS Query to .onion proxy Domain (bonbestal.asia) (policy.rules) 2821288 - ETPRO TROJAN DNS Query to Cerber Domain (azwsxe . top) (trojan.rules) 2821289 - ETPRO POLICY DNS Query to .onion proxy Domain (h9ihx3.top) (policy.rules) 2821290 - ETPRO POLICY DNS Query to .onion proxy Domain (paypoints.red) (policy.rules) 2821291 - ETPRO TROJAN DNS Query to Cerber Domain (thyx30 . top) (trojan.rules) 2821292 - ETPRO POLICY DNS Query to .onion proxy Domain (sg62es.top) (policy.rules) 2821293 - ETPRO TROJAN DNS Query to Cerber Domain (grewmarks . vip) (trojan.rules) 2821294 - ETPRO TROJAN DNS Query to Cerber Domain (4oti58 . top) (trojan.rules) 2821295 - ETPRO TROJAN DNS Query to Cerber Domain (3lhjyx . top) (trojan.rules) 2821296 - ETPRO TROJAN DNS Query to Cerber Domain (mtxtul . top) (trojan.rules) 2821297 - ETPRO POLICY DNS Query to .onion proxy Domain (mix3hi.top) (policy.rules) 2821298 - ETPRO TROJAN DNS Query to Cerber Domain (092vu8 . top) (trojan.rules) 2821299 - ETPRO TROJAN DNS Query to Cerber Domain (b7mciu . top) (trojan.rules) 2821300 - ETPRO POLICY DNS Query to .onion proxy Domain (49uro5.top) (policy.rules) 2821301 - ETPRO TROJAN DNS Query to Cerber Domain (self56 . top) (trojan.rules) 2821302 - ETPRO TROJAN DNS Query to Cerber Domain (sentowing . trade) (trojan.rules) 2821303 - ETPRO TROJAN DNS Query to Cerber Domain (yv7l4b . top) (trojan.rules) 2821304 - ETPRO TROJAN DNS Query to Cerber Domain (freshsdog . loan) (trojan.rules) 2821305 - ETPRO POLICY DNS Query to .onion proxy Domain (adevf4.top) (policy.rules) 2821306 - ETPRO TROJAN DNS Query to Cerber Domain (pap44w . top) (trojan.rules) 2821307 - ETPRO TROJAN DNS Query to Cerber Domain (frn62e . 
top) (trojan.rules) 2821308 - ETPRO POLICY DNS Query to .onion proxy Domain (5kb3dl.top) (policy.rules) 2821314 - ETPRO TROJAN Win32/TrojanDownloader.Agent.CGY .onion Proxy Domain (trojan.rules) 2821315 - ETPRO TROJAN Retefe Banker .onion Domain (trojan.rules) 2821316 - ETPRO TROJAN Win32/TrojanDownloader.Agent.CGY .onion Proxy Domain (trojan.rules) 2821331 - ETPRO TROJAN Sefnit .onion Proxy Domain (trojan.rules) 2821332 - ETPRO TROJAN Sefnit .onion Proxy Domain (trojan.rules) 2821351 - ETPRO TROJAN Sefnit .onion Proxy Domain (trojan.rules) 2821352 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821353 - ETPRO TROJAN VBS/TrojanDownloader.Agent.NVH DNS Lookup (trojan.rules) 2821371 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup (mobile_malware.rules) 2821372 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 2 (mobile_malware.rules) 2821373 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 3 (mobile_malware.rules) 2821374 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 4 (mobile_malware.rules) 2821376 - ETPRO TROJAN APT28 SEDNIT DNS Lookup (trojan.rules) 2821377 - ETPRO TROJAN APT28 SEDNIT DNS Lookup (trojan.rules) 2821378 - ETPRO TROJAN APT28 SEDNIT DNS Lookup (trojan.rules) 2821379 - ETPRO TROJAN APT28 SEDNIT DNS Lookup (trojan.rules) 2821380 - ETPRO TROJAN Likely APT28 Win32/Sednit.U DNS Lookup (trojan.rules) 2821395 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821396 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821397 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821398 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821399 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821401 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821402 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker 
C2) (trojan.rules) 2821403 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821404 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821405 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821406 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821407 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821408 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821427 - ETPRO POLICY DNS Query to .onion proxy Domain (0npzm6.top) (policy.rules) 2821428 - ETPRO TROJAN DNS Query to Cerber Domain (0vgu64 . top) (trojan.rules) 2821429 - ETPRO TROJAN DNS Query to Cerber Domain (143h2a . top) (trojan.rules) 2821430 - ETPRO TROJAN DNS Query to Cerber Domain (1bipa9 . top) (trojan.rules) 2821431 - ETPRO TROJAN DNS Query to Cerber Domain (1de02r . top) (trojan.rules) 2821432 - ETPRO POLICY DNS Query to .onion proxy Domain (1o49wi.top) (policy.rules) 2821433 - ETPRO POLICY DNS Query to .onion proxy Domain (2agglf.top) (policy.rules) 2821434 - ETPRO TROJAN DNS Query to Cerber Domain (308an1 . top) (trojan.rules) 2821435 - ETPRO POLICY DNS Query to .onion proxy Domain (36xxk1.top) (policy.rules) 2821436 - ETPRO POLICY DNS Query to .onion proxy Domain (3di24a.top) (policy.rules) 2821437 - ETPRO TROJAN DNS Query to Cerber Domain (3odvfb . top) (trojan.rules) 2821438 - ETPRO TROJAN DNS Query to Cerber Domain (43wjor . top) (trojan.rules) 2821439 - ETPRO TROJAN DNS Query to Cerber Domain (4ynpjd . top) (trojan.rules) 2821440 - ETPRO POLICY DNS Query to .onion proxy Domain (62er3d.top) (policy.rules) 2821441 - ETPRO TROJAN DNS Query to Cerber Domain (67j6ht . 
top) (trojan.rules) 2821442 - ETPRO POLICY DNS Query to .onion proxy Domain (6ntrb6.top) (policy.rules) 2821443 - ETPRO POLICY DNS Query to .onion proxy Domain (7u8b59.top) (policy.rules) 2821444 - ETPRO POLICY DNS Query to .onion proxy Domain (a4coac.top) (policy.rules) 2821445 - ETPRO TROJAN DNS Query to Cerber Domain (ageshere . club) (trojan.rules) 2821446 - ETPRO TROJAN DNS Query to Cerber Domain (anypicked . red) (trojan.rules) 2821451 - ETPRO TROJAN DNS Query to Cerber Domain (apwzbe . top) (trojan.rules) 2821452 - ETPRO POLICY DNS Query to .onion proxy Domain (ar8msb.top) (policy.rules) 2821453 - ETPRO TROJAN DNS Query to Cerber Domain (aredark . mobi) (trojan.rules) 2821454 - ETPRO TROJAN DNS Query to Cerber Domain (barberryshin . casa) (trojan.rules) 2821455 - ETPRO TROJAN DNS Query to Cerber Domain (biologyup . date) (trojan.rules) 2821456 - ETPRO TROJAN DNS Query to Cerber Domain (bnctf6 . top) (trojan.rules) 2821457 - ETPRO TROJAN DNS Query to Cerber Domain (bookjumps . us) (trojan.rules) 2821458 - ETPRO TROJAN DNS Query to Cerber Domain (boxsame . kim) (trojan.rules) 2821459 - ETPRO POLICY DNS Query to .onion proxy Domain (cgf59i.top) (policy.rules) 2821460 - ETPRO TROJAN DNS Query to Cerber Domain (clockhate . loan) (trojan.rules) 2821461 - ETPRO TROJAN DNS Query to Cerber Domain (costlady . pw) (trojan.rules) 2821462 - ETPRO TROJAN DNS Query to Cerber Domain (crispkey . mobi) (trojan.rules) 2821463 - ETPRO POLICY DNS Query to .onion proxy Domain (csj0k5.top) (policy.rules) 2821464 - ETPRO POLICY DNS Query to .onion proxy Domain (daigy0.top) (policy.rules) 2821465 - ETPRO TROJAN DNS Query to Cerber Domain (dd4xo3 . top) (trojan.rules) 2821466 - ETPRO TROJAN DNS Query to Cerber Domain (dkrie7 . top) (trojan.rules) 2821467 - ETPRO TROJAN DNS Query to Cerber Domain (dkro3u . top) (trojan.rules) 2821468 - ETPRO TROJAN DNS Query to Cerber Domain (doggain . mobi) (trojan.rules) 2821469 - ETPRO TROJAN DNS Query to Cerber Domain (dozensby . 
loan) (trojan.rules) 2821470 - ETPRO TROJAN DNS Query to Cerber Domain (eatsdeal . black) (trojan.rules) 2821480 - ETPRO TROJAN DNS Query to Cerber Domain (fewbreaks . club) (trojan.rules) 2821481 - ETPRO TROJAN DNS Query to Cerber Domain (fishtotal . bid) (trojan.rules) 2821482 - ETPRO TROJAN DNS Query to Cerber Domain (flewleast . link) (trojan.rules) 2821483 - ETPRO TROJAN DNS Query to Cerber Domain (flyingsix . red) (trojan.rules) 2821484 - ETPRO TROJAN DNS Query to Cerber Domain (folkturns . date) (trojan.rules) 2821485 - ETPRO TROJAN DNS Query to Cerber Domain (g9tneb . top) (trojan.rules) 2821486 - ETPRO TROJAN DNS Query to Cerber Domain (gameswarm . loan) (trojan.rules) 2821487 - ETPRO POLICY DNS Query to .onion proxy Domain (gc4n2c.top) (policy.rules) 2821488 - ETPRO TROJAN DNS Query to Cerber Domain (gnee6i . top) (trojan.rules) 2821489 - ETPRO TROJAN DNS Query to Cerber Domain (gonesolve . lol) (trojan.rules) 2821490 - ETPRO TROJAN DNS Query to Cerber Domain (gpy3tc . top) (trojan.rules) 2821491 - ETPRO TROJAN DNS Query to Cerber Domain (groupline . info) (trojan.rules) 2821492 - ETPRO TROJAN DNS Query to Cerber Domain (gtnfgj . top) (trojan.rules) 2821493 - ETPRO TROJAN DNS Query to Cerber Domain (hf60kb . top) (trojan.rules) 2821494 - ETPRO TROJAN DNS Query to Cerber Domain (hw7o9w . top) (trojan.rules) 2821495 - ETPRO TROJAN DNS Query to Cerber Domain (iixz3g . top) (trojan.rules) 2821496 - ETPRO TROJAN DNS Query to Cerber Domain (innerband . lol) (trojan.rules) 2821497 - ETPRO TROJAN DNS Query to Cerber Domain (jn8ncm . top) (trojan.rules) 2821498 - ETPRO TROJAN DNS Query to Cerber Domain (jumplived . in) (trojan.rules) 2821499 - ETPRO POLICY DNS Query to .onion proxy Domain (k9z7pm.top) (policy.rules) 2821500 - ETPRO TROJAN DNS Query to Cerber Domain (knowhands . us) (trojan.rules) 2821501 - ETPRO TROJAN DNS Query to Cerber Domain (kswcuk . 
top) (trojan.rules) 2821502 - ETPRO POLICY DNS Query to .onion proxy Domain (kzo8mc.top) (policy.rules) 2821503 - ETPRO TROJAN DNS Query to Cerber Domain (liescale . in) (trojan.rules) 2821504 - ETPRO TROJAN DNS Query to Cerber Domain (lorrydo . lol) (trojan.rules) 2821505 - ETPRO POLICY DNS Query to .onion proxy Domain (lowallmoneypool.com) (policy.rules) 2821506 - ETPRO TROJAN DNS Query to Cerber Domain (metmet . win) (trojan.rules) 2821507 - ETPRO TROJAN DNS Query to Cerber Domain (mileslook . pro) (trojan.rules) 2821508 - ETPRO TROJAN DNS Query to Cerber Domain (msu96b . top) (trojan.rules) 2821509 - ETPRO POLICY DNS Query to .onion proxy Domain (n80yab.top) (policy.rules) 2821510 - ETPRO TROJAN DNS Query to Cerber Domain (nearlybut . us) (trojan.rules) 2821511 - ETPRO TROJAN DNS Query to Cerber Domain (needmight . win) (trojan.rules) 2821512 - ETPRO TROJAN DNS Query to Cerber Domain (nextask . loan) (trojan.rules) 2821513 - ETPRO TROJAN DNS Query to Cerber Domain (nfgpeb . top) (trojan.rules) 2821514 - ETPRO TROJAN DNS Query to Cerber Domain (ninedraws . black) (trojan.rules) 2821515 - ETPRO TROJAN DNS Query to Cerber Domain (nowants . pw) (trojan.rules) 2821516 - ETPRO TROJAN DNS Query to Cerber Domain (og5ezh . top) (trojan.rules) 2821517 - ETPRO TROJAN DNS Query to Cerber Domain (plambers . bid) (trojan.rules) 2821518 - ETPRO TROJAN DNS Query to Cerber Domain (plotbet . gdn) (trojan.rules) 2821519 - ETPRO TROJAN DNS Query to Cerber Domain (powersno . link) (trojan.rules) 2821532 - ETPRO TROJAN DNS Query to Cerber Domain (redefined . click) (trojan.rules) 2821533 - ETPRO TROJAN DNS Query to Cerber Domain (relyleafs . click) (trojan.rules) 2821534 - ETPRO TROJAN DNS Query to Cerber Domain (ridsimply . top) (trojan.rules) 2821535 - ETPRO TROJAN DNS Query to Cerber Domain (rl0bdw . top) (trojan.rules) 2821536 - ETPRO POLICY DNS Query to .onion proxy Domain (rnkj09.top) (policy.rules) 2821537 - ETPRO TROJAN DNS Query to Cerber Domain (sayssales . 
bid) (trojan.rules) 2821538 - ETPRO TROJAN DNS Query to Cerber Domain (seenmust . pro) (trojan.rules) 2821539 - ETPRO TROJAN DNS Query to Cerber Domain (sk8r54 . top) (trojan.rules) 2821540 - ETPRO TROJAN DNS Query to Cerber Domain (ssd5gt . top) (trojan.rules) 2821541 - ETPRO TROJAN DNS Query to Cerber Domain (stopsage . gdn) (trojan.rules) 2821542 - ETPRO TROJAN DNS Query to Cerber Domain (thanreal . link) (trojan.rules) 2821543 - ETPRO TROJAN DNS Query to Cerber Domain (themevery . win) (trojan.rules) 2821544 - ETPRO TROJAN DNS Query to Cerber Domain (topicside . club) (trojan.rules) 2821545 - ETPRO TROJAN DNS Query to Cerber Domain (v11z5e . top) (trojan.rules) 2821546 - ETPRO TROJAN DNS Query to Cerber Domain (variedtax . kim) (trojan.rules) 2821547 - ETPRO TROJAN DNS Query to Cerber Domain (vkm4l6 . top) (trojan.rules) 2821548 - ETPRO POLICY DNS Query to .onion proxy Domain (wht5py.top) (policy.rules) 2821549 - ETPRO POLICY DNS Query to .onion proxy Domain (wishsends.mobi) (policy.rules) 2821550 - ETPRO TROJAN DNS Query to Cerber Domain (wonrough . in) (trojan.rules) 2821551 - ETPRO TROJAN DNS Query to Cerber Domain (worsemine . pro) (trojan.rules) 2821552 - ETPRO TROJAN DNS Query to Cerber Domain (wz139z . top) (trojan.rules) 2821553 - ETPRO POLICY DNS Query to .onion proxy Domain (xab7m0.top) (policy.rules) 2821554 - ETPRO TROJAN DNS Query to Cerber Domain (y721yz . top) (trojan.rules) 2821555 - ETPRO POLICY DNS Query to .onion proxy Domain (yw4629.top) (policy.rules) 2821556 - ETPRO TROJAN DNS Query to Cerber Domain (z7ud98 . 
top) (trojan.rules) 2821588 - ETPRO TROJAN Unknown .onion Proxy Domain (trojan.rules) 2821622 - ETPRO TROJAN Python/SupAgent .onion Proxy Domain (trojan.rules) 2821689 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 5 (mobile_malware.rules) 2821690 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 6 (mobile_malware.rules) 2821698 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 7 (mobile_malware.rules) 2821721 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 8 (mobile_malware.rules) 2821722 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 9 (mobile_malware.rules) 2821754 - ETPRO INFO DYNAMIC_DNS Query to a Suspicious now-ip Domain (info.rules) 2821766 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821780 - ETPRO TROJAN Ransomware Alma Locker .onion Proxy Domain (trojan.rules) 2821781 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821782 - ETPRO TROJAN Sefnit .onion Proxy Domain (trojan.rules) 2821783 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821784 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821785 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821786 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821787 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821788 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821802 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2821817 - ETPRO TROJAN Ransomware CTB-Locker .onion Proxy Domain (trojan.rules) 2821844 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 10 (mobile_malware.rules) 2821923 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.my) (policy.rules) 2821924 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.tech) (policy.rules) 2821925 - ETPRO 
POLICY DNS Query to .onion proxy Domain (hiddenservice.net) (policy.rules) 2821926 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.cl) (policy.rules) 2821927 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.it) (policy.rules) 2821928 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.ink) (policy.rules) 2821929 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.live) (policy.rules) 2821930 - ETPRO POLICY DNS Query to .onion proxy Domain (torlink.co) (policy.rules) 2821931 - ETPRO POLICY DNS Query to .onion proxy Domain (tor2.club) (policy.rules) 2821932 - ETPRO POLICY DNS Query to .onion proxy Domain (onion.co) (policy.rules) 2821933 - ETPRO TROJAN ReverseShell Download .onion Proxy Domain (trojan.rules) 2821934 - ETPRO TROJAN Meterpreter .onion Proxy Domain (trojan.rules) 2821951 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821999 - ETPRO TROJAN Cry Ransomware Onion Domain Lookup (trojan.rules) 2822008 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.n DNS Lookup (mobile_malware.rules) 2822032 - ETPRO TROJAN Ransomware/Poshcoder Onion Domain Lookup (trojan.rules) 2822062 - ETPRO TROJAN Possible APT3 DNS Lookup (trojan.rules) 2822063 - ETPRO TROJAN Possible APT3 DNS Lookup (trojan.rules) 2822064 - ETPRO TROJAN Possible APT3 DNS Lookup (trojan.rules) 2822065 - ETPRO TROJAN Possible APT3 DNS Lookup (trojan.rules) 2822091 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS Lookup (mobile_malware.rules) 2822139 - ETPRO TROJAN Possible Remcos/Remvio DNS Lookup (trojan.rules) 2822140 - ETPRO TROJAN Possible Remcos/Remvio DNS Lookup (trojan.rules) 2822141 - ETPRO TROJAN Possible Remcos/Remvio DNS Lookup (trojan.rules) 2822161 - ETPRO TROJAN Win32/Agent.XTP .onion Proxy Domain (trojan.rules) 2822182 - ETPRO TROJAN Bolek CnC DNS Lookup (trojan.rules) 2822192 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 11 (mobile_malware.rules) 2822193 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l 
DNS Lookup 12 (mobile_malware.rules) 2822194 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 13 (mobile_malware.rules) 2822200 - ETPRO TROJAN Shifu DNS Request (trojan.rules) 2822204 - ETPRO TROJAN APT28 Likely EK DNS Lookup (trojan.rules) 2822205 - ETPRO TROJAN Known Spam Domain DNS Lookup (trojan.rules) 2822206 - ETPRO TROJAN APT28 Likely CnC DNS Lookup (trojan.rules) 2822207 - ETPRO TROJAN APT28 Likely XAgent DNS Lookup (trojan.rules) 2822208 - ETPRO TROJAN APT28 Likely XAgent DNS Lookup (trojan.rules) 2822210 - ETPRO TROJAN Shade/Troldesh .onion Proxy C2 Domain (m77mb3hcftljwrom) (trojan.rules) 2822214 - ETPRO TROJAN Shade/Troldesh .onion Proxy Payment Domain (cryptsen7fo43rr6) (trojan.rules) 2822215 - ETPRO TROJAN Shade/Troldesh .onion Proxy Payment Domain (cryptorz76e7vuik) (trojan.rules) 2822234 - ETPRO TROJAN Observed DNS Query (Zeus Panda) (trojan.rules) 2822239 - ETPRO TROJAN Ransomware.MarsJoke .onion Proxy Domain (trojan.rules) 2822256 - ETPRO TROJAN Unlock92 Ransomware .onion Proxy Payment Domain (ezulxxtwqos5g736) (trojan.rules) 2822261 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822262 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822263 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822264 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822265 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822266 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822267 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822268 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822269 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822270 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822271 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) 
(trojan.rules) 2822272 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822273 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822274 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822275 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822276 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822277 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822278 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822279 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822280 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822281 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822354 - ETPRO INFO DNS Query to server.com (Possible Misconfiguration) (info.rules) 2822382 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822383 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822397 - ETPRO TROJAN Zbot!CI .onion Proxy Domain (trojan.rules) 2822404 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.p DNS Lookup (mobile_malware.rules) 2822405 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822406 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822408 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822409 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822410 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822411 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822412 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822454 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822455 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822456 - 
ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822500 - ETPRO TROJAN APT28 Stage1 Uploader DNS Lookup (trojan.rules) 2822501 - ETPRO TROJAN APT28 Stage1 Uploader DNS Lookup (trojan.rules) 2822509 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822510 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822511 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822512 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822513 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822514 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822515 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822516 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822544 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS Lookup (mobile_malware.rules) 2822545 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS Lookup (mobile_malware.rules) 2822546 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822548 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS Lookup (mobile_malware.rules) 2822557 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822558 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822608 - ETPRO TROJAN DNS Query to Cerber Domain (u2r7tm . bid) (trojan.rules) 2822609 - ETPRO TROJAN DNS Query to Cerber Domain (gvoafg . bid) (trojan.rules) 2822610 - ETPRO TROJAN DNS Query to Cerber Domain (zbj2kc . bid) (trojan.rules) 2822611 - ETPRO TROJAN DNS Query to Cerber Domain (2y4t6f . bid) (trojan.rules) 2822612 - ETPRO TROJAN DNS Query to Cerber Domain (w6sj06 . bid) (trojan.rules) 2822613 - ETPRO TROJAN DNS Query to Cerber Domain (8zi4pf . bid) (trojan.rules) 2822614 - ETPRO TROJAN DNS Query to Cerber Domain (tauunm . 
bid) (trojan.rules) 2822616 - ETPRO TROJAN DNS Query to Cerber Domain (vmotsf . bid) (trojan.rules) 2822617 - ETPRO TROJAN DNS Query to Cerber Domain (drawsif . loan) (trojan.rules) 2822648 - ETPRO TROJAN DNS Query to Cerber Domain (bipnnp . bid) (trojan.rules) 2822649 - ETPRO TROJAN DNS Query to Cerber Domain (y12acl . bid) (trojan.rules) 2822650 - ETPRO TROJAN DNS Query to Cerber Domain (whomate . red) (trojan.rules) 2822651 - ETPRO TROJAN DNS Query to Cerber Domain (samesizes . asia) (trojan.rules) 2822652 - ETPRO TROJAN DNS Query to Cerber Domain (outpolicy . men) (trojan.rules) 2822653 - ETPRO TROJAN DNS Query to Cerber Domain (easyits . black) (trojan.rules) 2822654 - ETPRO TROJAN DNS Query to Cerber Domain (5ctoeb . bid) (trojan.rules) 2822655 - ETPRO TROJAN DNS Query to Cerber Domain (g948g1 . bid) (trojan.rules) 2822656 - ETPRO TROJAN DNS Query to Cerber Domain (rexjyp . bid) (trojan.rules) 2822657 - ETPRO TROJAN DNS Query to Cerber Domain (fx4wz2 . top) (trojan.rules) 2822673 - ETPRO TROJAN DNS Query to Cerber Domain (kb6051 . bid) (trojan.rules) 2822674 - ETPRO TROJAN DNS Query to Cerber Domain (oldboxs . red) (trojan.rules) 2822675 - ETPRO TROJAN DNS Query to Cerber Domain (hhc366 . bid) (trojan.rules) 2822676 - ETPRO TROJAN DNS Query to Cerber Domain (ev99ln . bid) (trojan.rules) 2822677 - ETPRO TROJAN DNS Query to Cerber Domain (homehuge . top) (trojan.rules) 2822678 - ETPRO TROJAN DNS Query to Cerber Domain (flowpoint . black) (trojan.rules) 2822679 - ETPRO TROJAN DNS Query to Cerber Domain (onlyprove . top) (trojan.rules) 2822681 - ETPRO TROJAN DNS Query to Cerber Domain (249isv . bid) (trojan.rules) 2822682 - ETPRO TROJAN DNS Query to Cerber Domain (pfija1 . bid) (trojan.rules) 2822698 - ETPRO TROJAN DNS Query to Cerber Domain (io9ygi . bid) (trojan.rules) 2822699 - ETPRO TROJAN DNS Query to Cerber Domain (tolgens . black) (trojan.rules) 2822700 - ETPRO TROJAN DNS Query to Cerber Domain (wheelball . 
black) (trojan.rules) 2822701 - ETPRO TROJAN DNS Query to Cerber Domain (vpsj40 . top) (trojan.rules) 2822702 - ETPRO TROJAN DNS Query to Cerber Domain (yoursdoor . lol) (trojan.rules) 2822703 - ETPRO TROJAN DNS Query to Cerber Domain (patchmans . gdn) (trojan.rules) 2822704 - ETPRO TROJAN DNS Query to Cerber Domain (065ism . bid) (trojan.rules) 2822705 - ETPRO TROJAN DNS Query to Cerber Domain (getsbug . kim) (trojan.rules) 2822706 - ETPRO TROJAN DNS Query to Cerber Domain (stageend . link) (trojan.rules) 2822707 - ETPRO TROJAN DNS Query to Cerber Domain (hotcopies . bid) (trojan.rules) 2822721 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822736 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822739 - ETPRO TROJAN DNS Query to Cerber Domain (2ym6om . bid) (trojan.rules) 2822740 - ETPRO TROJAN DNS Query to Cerber Domain (06boy8 . bid) (trojan.rules) 2822741 - ETPRO TROJAN DNS Query to Cerber Domain (zmfhjr . top) (trojan.rules) 2822742 - ETPRO TROJAN DNS Query to Cerber Domain (holescase . pw) (trojan.rules) 2822743 - ETPRO TROJAN DNS Query to Cerber Domain (tankplain . date) (trojan.rules) 2822744 - ETPRO TROJAN DNS Query to Cerber Domain (n41n1a . top) (trojan.rules) 2822745 - ETPRO TROJAN DNS Query to Cerber Domain (storingus . gdn) (trojan.rules) 2822746 - ETPRO TROJAN DNS Query to Cerber Domain (piitem . in) (trojan.rules) 2822747 - ETPRO TROJAN DNS Query to Cerber Domain (jvrh8g . bid) (trojan.rules) 2822748 - ETPRO TROJAN DNS Query to Cerber Domain (laterugly . win) (trojan.rules) 2822761 - ETPRO TROJAN DNS Query to Cerber Domain (eventeach . gdn) (trojan.rules) 2822762 - ETPRO TROJAN DNS Query to Cerber Domain (gg4dgp . bid) (trojan.rules) 2822763 - ETPRO TROJAN DNS Query to Cerber Domain (dsv023 . bid) (trojan.rules) 2822764 - ETPRO TROJAN DNS Query to Cerber Domain (uwckha . bid) (trojan.rules) 2822765 - ETPRO TROJAN DNS Query to Cerber Domain (metpast . 
date) (trojan.rules) 2822766 - ETPRO TROJAN DNS Query to Cerber Domain (phasetied . pw) (trojan.rules) 2822767 - ETPRO TROJAN DNS Query to Cerber Domain (gnuvaw . bid) (trojan.rules) 2822768 - ETPRO TROJAN DNS Query to Cerber Domain (shiftany . date) (trojan.rules) 2822769 - ETPRO TROJAN DNS Query to Cerber Domain (choiceher . win) (trojan.rules) 2822770 - ETPRO TROJAN DNS Query to Cerber Domain (9tftgh . bid) (trojan.rules) 2822778 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822779 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822780 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822791 - ETPRO TROJAN DNS Query to Cerber Domain (ledreject . pw) (trojan.rules) 2822792 - ETPRO TROJAN DNS Query to Cerber Domain (7j6htz . bid) (trojan.rules) 2822793 - ETPRO TROJAN DNS Query to Cerber Domain (sitcalls . us) (trojan.rules) 2822794 - ETPRO TROJAN DNS Query to Cerber Domain (8a0sf6 . top) (trojan.rules) 2822795 - ETPRO TROJAN DNS Query to Cerber Domain (lesstree . info) (trojan.rules) 2822796 - ETPRO TROJAN DNS Query to Cerber Domain (w0ii21 . bid) (trojan.rules) 2822797 - ETPRO TROJAN DNS Query to Cerber Domain (en3oyw . bid) (trojan.rules) 2822798 - ETPRO TROJAN DNS Query to Cerber Domain (apreserve . asia) (trojan.rules) 2822799 - ETPRO TROJAN DNS Query to Cerber Domain (t01jw0 . bid) (trojan.rules) 2822800 - ETPRO TROJAN DNS Query to Cerber Domain (xvstbw . bid) (trojan.rules) 2822862 - ETPRO TROJAN DNS Query to Cerber Domain (spotsvia . top) (trojan.rules) 2822863 - ETPRO TROJAN DNS Query to Cerber Domain (opposemod . one) (trojan.rules) 2822864 - ETPRO TROJAN DNS Query to Cerber Domain (2gbbja . top) (trojan.rules) 2822865 - ETPRO TROJAN DNS Query to Cerber Domain (wrd4fo . top) (trojan.rules) 2822866 - ETPRO TROJAN DNS Query to Cerber Domain (asfall . in) (trojan.rules) 2822867 - ETPRO TROJAN DNS Query to Cerber Domain (m33d4b . 
bid) (trojan.rules) 2822868 - ETPRO TROJAN DNS Query to Cerber Domain (gapplayed . link) (trojan.rules) 2822869 - ETPRO TROJAN DNS Query to Cerber Domain (hurryball . asia) (trojan.rules) 2822870 - ETPRO TROJAN DNS Query to Cerber Domain (ij0cia . bid) (trojan.rules) 2822871 - ETPRO TROJAN DNS Query to Cerber Domain (7wrwp4 . top) (trojan.rules) 2822881 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822882 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822883 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822884 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822906 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2822907 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2822913 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822917 - ETPRO TROJAN DNS Query to Cerber Domain (o8hpwj . bid) (trojan.rules) 2822918 - ETPRO TROJAN DNS Query to Cerber Domain (pushstory . bid) (trojan.rules) 2822919 - ETPRO TROJAN DNS Query to Cerber Domain (chaingame . info) (trojan.rules) 2822920 - ETPRO TROJAN DNS Query to Cerber Domain (1h37ce . top) (trojan.rules) 2822921 - ETPRO TROJAN DNS Query to Cerber Domain (f3z72p . bid) (trojan.rules) 2822922 - ETPRO TROJAN DNS Query to Cerber Domain (msf27y . bid) (trojan.rules) 2822923 - ETPRO TROJAN DNS Query to Cerber Domain (gio6f6 . bid) (trojan.rules) 2822924 - ETPRO TROJAN DNS Query to Cerber Domain (goodslet . win) (trojan.rules) 2822925 - ETPRO TROJAN DNS Query to Cerber Domain (charhesare . mobi) (trojan.rules) 2822926 - ETPRO TROJAN DNS Query to Cerber Domain (7156et . 
bid) (trojan.rules) 2822927 - ETPRO POLICY DNS Query to .onion proxy Domain (deballmoneypool.com) (policy.rules) 2822928 - ETPRO POLICY DNS Query to .onion proxy Domain (toysworlds.at) (policy.rules) 2822929 - ETPRO POLICY DNS Query to .onion proxy Domain (torhelper.pl) (policy.rules) 2822930 - ETPRO POLICY DNS Query to .onion proxy Domain (bigclear.at) (policy.rules) 2822931 - ETPRO POLICY DNS Query to .onion proxy Domain (tormidle.at) (policy.rules) 2822950 - ETPRO TROJAN Observed DNS Request for ShinoLocker Ransomware Domain (trojan.rules) 2822957 - ETPRO TROJAN DNS Query to Cerber Domain (67my9k . bid) (trojan.rules) 2822958 - ETPRO TROJAN DNS Query to Cerber Domain (mn1kms . bid) (trojan.rules) 2822959 - ETPRO TROJAN DNS Query to Cerber Domain (ywoi5n . bid) (trojan.rules) 2822960 - ETPRO TROJAN DNS Query to Cerber Domain (sxjdpg . bid) (trojan.rules) 2822962 - ETPRO TROJAN DNS Query to Cerber Domain (s7jadj . bid) (trojan.rules) 2822963 - ETPRO TROJAN DNS Query to Cerber Domain (areasput . link) (trojan.rules) 2822964 - ETPRO TROJAN DNS Query to Cerber Domain (yfr0o1 . bid) (trojan.rules) 2822965 - ETPRO TROJAN DNS Query to Cerber Domain (veupl2 . top) (trojan.rules) 2822966 - ETPRO TROJAN DNS Query to Cerber Domain (cutslifes . bid) (trojan.rules) 2822973 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822974 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822975 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822976 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822990 - ETPRO TROJAN DNS Query to Cerber Domain (t1r4ut . bid) (trojan.rules) 2822991 - ETPRO TROJAN DNS Query to Cerber Domain (ye42cp . bid) (trojan.rules) 2822992 - ETPRO TROJAN DNS Query to Cerber Domain (k8ytej . bid) (trojan.rules) 2822993 - ETPRO TROJAN DNS Query to Cerber Domain (cokacg . bid) (trojan.rules) 2822994 - ETPRO TROJAN DNS Query to Cerber Domain (x9a6yb . 
bid) (trojan.rules) 2822995 - ETPRO TROJAN DNS Query to Cerber Domain (u50s89 . bid) (trojan.rules) 2822996 - ETPRO TROJAN DNS Query to Cerber Domain (leastoff . us) (trojan.rules) 2822997 - ETPRO TROJAN DNS Query to Cerber Domain (ibngww . top) (trojan.rules) 2822998 - ETPRO TROJAN DNS Query to Cerber Domain (fi50le . bid) (trojan.rules) 2822999 - ETPRO TROJAN DNS Query to Cerber Domain (ojesoa . bid) (trojan.rules) 2823000 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823001 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823002 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823025 - ETPRO TROJAN DNS Query to Cerber Domain (iiujsy . bid) (trojan.rules) 2823026 - ETPRO TROJAN DNS Query to Cerber Domain (mustspace . us) (trojan.rules) 2823027 - ETPRO TROJAN DNS Query to Cerber Domain (someputt . bid) (trojan.rules) 2823028 - ETPRO TROJAN DNS Query to Cerber Domain (5ggovj . bid) (trojan.rules) 2823029 - ETPRO TROJAN DNS Query to Cerber Domain (54vw9b . bid) (trojan.rules) 2823030 - ETPRO TROJAN DNS Query to Cerber Domain (n8niwa . bid) (trojan.rules) 2823031 - ETPRO TROJAN DNS Query to Cerber Domain (8kcfnk . bid) (trojan.rules) 2823032 - ETPRO TROJAN DNS Query to Cerber Domain (zp9i1l . bid) (trojan.rules) 2823033 - ETPRO TROJAN DNS Query to Cerber Domain (zda7bk . top) (trojan.rules) 2823034 - ETPRO TROJAN DNS Query to Cerber Domain (4pjetv . bid) (trojan.rules) 2823036 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823037 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823038 - ETPRO TROJAN Observed APT28/Sofacy DNS Query (trojan.rules) 2823047 - ETPRO TROJAN DNS Query to Cerber Domain (nxmu0x . bid) (trojan.rules) 2823048 - ETPRO TROJAN DNS Query to Cerber Domain (5r1sol . bid) (trojan.rules) 2823049 - ETPRO TROJAN DNS Query to Cerber Domain (8hphyr . top) (trojan.rules) 2823050 - ETPRO TROJAN DNS Query to Cerber Domain (x43d02 . 
top) (trojan.rules) 2823051 - ETPRO TROJAN DNS Query to Cerber Domain (zmr4fn . bid) (trojan.rules) 2823052 - ETPRO TROJAN DNS Query to Cerber Domain (y5j7e6 . top) (trojan.rules) 2823053 - ETPRO TROJAN DNS Query to Cerber Domain (packetair . us) (trojan.rules) 2823054 - ETPRO TROJAN DNS Query to Cerber Domain (boxmodern . date) (trojan.rules) 2823055 - ETPRO TROJAN DNS Query to Cerber Domain (7asel7 . top) (trojan.rules) 2823056 - ETPRO TROJAN DNS Query to Cerber Domain (iait3w . bid) (trojan.rules) 2823057 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823062 - ETPRO TROJAN DNS Query to Cerber Domain (3do9h1 . bid) (trojan.rules) 2823063 - ETPRO TROJAN DNS Query to Cerber Domain (whmykv . bid) (trojan.rules) 2823064 - ETPRO TROJAN DNS Query to Cerber Domain (cc0r87 . bid) (trojan.rules) 2823065 - ETPRO TROJAN DNS Query to Cerber Domain (4xiiup . bid) (trojan.rules) 2823066 - ETPRO TROJAN DNS Query to Cerber Domain (wl52rt . bid) (trojan.rules) 2823067 - ETPRO TROJAN DNS Query to Cerber Domain (x9le66 . top) (trojan.rules) 2823068 - ETPRO TROJAN DNS Query to Cerber Domain (endsdoubt . loan) (trojan.rules) 2823069 - ETPRO TROJAN DNS Query to Cerber Domain (childsten . site) (trojan.rules) 2823070 - ETPRO TROJAN DNS Query to Cerber Domain (myaddress . link) (trojan.rules) 2823071 - ETPRO TROJAN DNS Query to Cerber Domain (56185u . bid) (trojan.rules) 2823073 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823074 - ETPRO TROJAN APT28 Unknown C2 DNS Lookup (trojan.rules) 2823080 - ETPRO TROJAN DNS Query to Cerber Domain (j8873f . bid) (trojan.rules) 2823081 - ETPRO TROJAN DNS Query to Cerber Domain (rg51ik . bid) (trojan.rules) 2823082 - ETPRO TROJAN DNS Query to Cerber Domain (eventsresg . info) (trojan.rules) 2823083 - ETPRO TROJAN DNS Query to Cerber Domain (hossy5 . bid) (trojan.rules) 2823084 - ETPRO TROJAN DNS Query to Cerber Domain (31wkhu . top) (trojan.rules) 2823085 - ETPRO TROJAN DNS Query to Cerber Domain (gi49w8 . 
bid) (trojan.rules) 2823086 - ETPRO TROJAN DNS Query to Cerber Domain (7iups0 . top) (trojan.rules) 2823087 - ETPRO TROJAN DNS Query to Cerber Domain (pbpju9 . bid) (trojan.rules) 2823088 - ETPRO TROJAN DNS Query to Cerber Domain (r21wmw . top) (trojan.rules) 2823089 - ETPRO TROJAN DNS Query to Cerber Domain (dks71o . bid) (trojan.rules) 2823090 - ETPRO TROJAN APT28 EK DNS Lookup (trojan.rules) 2823091 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823094 - ETPRO TROJAN Ransomware Locky .onion Payment Domain (mwddgguaa5rj7b54) (trojan.rules) 2823095 - ETPRO TROJAN APT28 EK DNS Lookup (trojan.rules) 2823096 - ETPRO TROJAN APT28 EK DNS Lookup (trojan.rules) 2823105 - ETPRO TROJAN DNS Query to Cerber Domain (d4u711 . bid) (trojan.rules) 2823106 - ETPRO TROJAN DNS Query to Cerber Domain (js43vy . bid) (trojan.rules) 2823108 - ETPRO TROJAN DNS Query to Cerber Domain (rbrkng . bid) (trojan.rules) 2823109 - ETPRO TROJAN DNS Query to Cerber Domain (gmnjzj . bid) (trojan.rules) 2823110 - ETPRO TROJAN DNS Query to Cerber Domain (liesshall . bid) (trojan.rules) 2823111 - ETPRO TROJAN DNS Query to Cerber Domain (cv3fdi . bid) (trojan.rules) 2823112 - ETPRO TROJAN DNS Query to Cerber Domain (unzcm1 . bid) (trojan.rules) 2823113 - ETPRO TROJAN DNS Query to Cerber Domain (vx5whc . bid) (trojan.rules) 2823119 - ETPRO TROJAN DNS Query to Cerber Domain (itdrink . club) (trojan.rules) 2823120 - ETPRO TROJAN DNS Query to Cerber Domain (jal9lk . bid) (trojan.rules) 2823121 - ETPRO TROJAN DNS Query to Cerber Domain (0ndl3j . bid) (trojan.rules) 2823122 - ETPRO TROJAN DNS Query to Cerber Domain (t0su8p . bid) (trojan.rules) 2823123 - ETPRO TROJAN DNS Query to Cerber Domain (yg767p . bid) (trojan.rules) 2823124 - ETPRO TROJAN DNS Query to Cerber Domain (goshare . red) (trojan.rules) 2823125 - ETPRO TROJAN DNS Query to Cerber Domain (fgzgvw . bid) (trojan.rules) 2823126 - ETPRO TROJAN DNS Query to Cerber Domain (bipa9k . 
bid) (trojan.rules) 2823127 - ETPRO TROJAN DNS Query to Cerber Domain (9473jk . top) (trojan.rules) 2823128 - ETPRO TROJAN DNS Query to Cerber Domain (69ju9u . bid) (trojan.rules) 2823174 - ETPRO TROJAN Enigma Ransomware Payment Domain (trojan.rules) 2823176 - ETPRO TROJAN DNS Query to Cerber Domain (5tb8hy . bid) (trojan.rules) 2823177 - ETPRO TROJAN DNS Query to Cerber Domain (cto5ee . bid) (trojan.rules) 2823178 - ETPRO TROJAN DNS Query to Cerber Domain (fvzhoo . bid) (trojan.rules) 2823179 - ETPRO TROJAN DNS Query to Cerber Domain (bj64gv . bid) (trojan.rules) 2823180 - ETPRO TROJAN DNS Query to Cerber Domain (wasf56 . bid) (trojan.rules) 2823181 - ETPRO TROJAN DNS Query to Cerber Domain (fundpoem . mobi) (trojan.rules) 2823182 - ETPRO TROJAN DNS Query to Cerber Domain (sotn58 . bid) (trojan.rules) 2823183 - ETPRO TROJAN DNS Query to Cerber Domain (enanhb . bid) (trojan.rules) 2823184 - ETPRO TROJAN DNS Query to Cerber Domain (dierepair . top) (trojan.rules) 2823185 - ETPRO TROJAN DNS Query to Cerber Domain (26ahte . bid) (trojan.rules) 2823188 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823189 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823190 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823191 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823205 - ETPRO TROJAN DNS Query to Cerber Domain (z6a7f1 . bid) (trojan.rules) 2823206 - ETPRO TROJAN DNS Query to Cerber Domain (seemby . loan) (trojan.rules) 2823207 - ETPRO TROJAN DNS Query to Cerber Domain (zn90h4 . bid) (trojan.rules) 2823208 - ETPRO TROJAN DNS Query to Cerber Domain (csv7o6 . bid) (trojan.rules) 2823209 - ETPRO TROJAN DNS Query to Cerber Domain (yjy5dr . bid) (trojan.rules) 2823210 - ETPRO TROJAN DNS Query to Cerber Domain (j0n83w . bid) (trojan.rules) 2823211 - ETPRO TROJAN DNS Query to Cerber Domain (hlexdu . 
bid) (trojan.rules) 2823212 - ETPRO TROJAN DNS Query to Cerber Domain (n20b1c . top) (trojan.rules) 2823213 - ETPRO TROJAN DNS Query to Cerber Domain (7barzc . bid) (trojan.rules) 2823214 - ETPRO TROJAN DNS Query to Cerber Domain (aclox4 . bid) (trojan.rules) 2823220 - ETPRO TROJAN DNS Query to Cerber Domain (w8yolm . bid) (trojan.rules) 2823221 - ETPRO TROJAN DNS Query to Cerber Domain (91006j . bid) (trojan.rules) 2823222 - ETPRO TROJAN DNS Query to Cerber Domain (nh47ri . bid) (trojan.rules) 2823223 - ETPRO TROJAN DNS Query to Cerber Domain (d3j2xd . bid) (trojan.rules) 2823224 - ETPRO TROJAN DNS Query to Cerber Domain (djintc . bid) (trojan.rules) 2823225 - ETPRO TROJAN DNS Query to Cerber Domain (uhi7to . bid) (trojan.rules) 2823226 - ETPRO TROJAN DNS Query to Cerber Domain (payours . men) (trojan.rules) 2823228 - ETPRO TROJAN DNS Query to Cerber Domain (wf9li1 . bid) (trojan.rules) 2823229 - ETPRO TROJAN DNS Query to Cerber Domain (f0jlbj . bid) (trojan.rules) 2823249 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2823276 - ETPRO TROJAN DNS Query to Cerber Domain (51a47u . bid) (trojan.rules) 2823277 - ETPRO TROJAN DNS Query to Cerber Domain (lpnef4 . bid) (trojan.rules) 2823278 - ETPRO TROJAN DNS Query to Cerber Domain (l6nhw7 . bid) (trojan.rules) 2823279 - ETPRO TROJAN DNS Query to Cerber Domain (sx90yk . bid) (trojan.rules) 2823280 - ETPRO TROJAN DNS Query to Cerber Domain (cm5ohx . bid) (trojan.rules) 2823281 - ETPRO TROJAN DNS Query to Cerber Domain (v9y6z8 . bid) (trojan.rules) 2823282 - ETPRO TROJAN DNS Query to Cerber Domain (ohpw50 . top) (trojan.rules) 2823283 - ETPRO TROJAN DNS Query to Cerber Domain (catfills . mobi) (trojan.rules) 2823284 - ETPRO TROJAN DNS Query to Cerber Domain (j5spvw . bid) (trojan.rules) 2823285 - ETPRO TROJAN DNS Query to Cerber Domain (byeraser . lol) (trojan.rules) 2823287 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823289 - ETPRO TROJAN DNS Query to Cerber Domain (0ot7em . 
bid) (trojan.rules) 2823290 - ETPRO TROJAN DNS Query to Cerber Domain (frr0od . bid) (trojan.rules) 2823291 - ETPRO TROJAN DNS Query to Cerber Domain (mpduf5 . bid) (trojan.rules) 2823292 - ETPRO TROJAN DNS Query to Cerber Domain (jmz94o . bid) (trojan.rules) 2823293 - ETPRO TROJAN DNS Query to Cerber Domain (ewfp5y . bid) (trojan.rules) 2823294 - ETPRO TROJAN DNS Query to Cerber Domain (1pr9as . top) (trojan.rules) 2823295 - ETPRO TROJAN DNS Query to Cerber Domain (fp6fj6 . top) (trojan.rules) 2823296 - ETPRO TROJAN DNS Query to Cerber Domain (le2brr . bid) (trojan.rules) 2823297 - ETPRO TROJAN DNS Query to Cerber Domain (ab4dix . bid) (trojan.rules) 2823298 - ETPRO TROJAN DNS Query to Cerber Domain (4c71wg . bid) (trojan.rules) 2823314 - ETPRO TROJAN DNS Query to Cerber Domain (nnb83b . bid) (trojan.rules) 2823315 - ETPRO TROJAN DNS Query to Cerber Domain (2eu9zl . bid) (trojan.rules) 2823316 - ETPRO TROJAN DNS Query to Cerber Domain (forththat . pw) (trojan.rules) 2823317 - ETPRO TROJAN DNS Query to Cerber Domain (hclz73 . top) (trojan.rules) 2823318 - ETPRO TROJAN DNS Query to Cerber Domain (23fvxw . bid) (trojan.rules) 2823319 - ETPRO TROJAN DNS Query to Cerber Domain (3nke6l . bid) (trojan.rules) 2823320 - ETPRO TROJAN DNS Query to Cerber Domain (xy2rlg . bid) (trojan.rules) 2823321 - ETPRO TROJAN DNS Query to Cerber Domain (f1l8li . bid) (trojan.rules) 2823322 - ETPRO TROJAN DNS Query to Cerber Domain (e2yzfi . bid) (trojan.rules) 2823323 - ETPRO TROJAN DNS Query to Cerber Domain (83j6lj . 
top) (trojan.rules) 2823341 - ETPRO TROJAN Ransomware/Princess Onion Domain Lookup (trojan.rules) 2823342 - ETPRO TROJAN Ransomware/Princess Onion Domain Lookup (trojan.rules) 2823343 - ETPRO TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823344 - ETPRO TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823345 - ETPRO TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823346 - ETPRO TROJAN JigsawLocker .onion Proxy Domain (trojan.rules) 2823347 - ETPRO TROJAN MSIL.Neutron .onion Proxy Domain (trojan.rules) 2823348 - ETPRO TROJAN Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2823349 - ETPRO TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823350 - ETPRO TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823351 - ETPRO TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823368 - ETPRO TROJAN DNS Query to Cerber Domain (kwrd4f . bid) (trojan.rules) 2823369 - ETPRO TROJAN DNS Query to Cerber Domain (ihuk7s . top) (trojan.rules) 2823370 - ETPRO TROJAN DNS Query to Cerber Domain (4bx196 . top) (trojan.rules) 2823371 - ETPRO TROJAN DNS Query to Cerber Domain (lt0h7j . top) (trojan.rules) 2823372 - ETPRO TROJAN DNS Query to Cerber Domain (y9kxz2 . bid) (trojan.rules) 2823373 - ETPRO TROJAN DNS Query to Cerber Domain (p93w1x . bid) (trojan.rules) 2823374 - ETPRO TROJAN DNS Query to Cerber Domain (gxccir . bid) (trojan.rules) 2823375 - ETPRO TROJAN DNS Query to Cerber Domain (34o9h1 . bid) (trojan.rules) 2823376 - ETPRO TROJAN DNS Query to Cerber Domain (hci9di . bid) (trojan.rules) 2823377 - ETPRO TROJAN DNS Query to Cerber Domain (vrgdrs . top) (trojan.rules) 2823379 - ETPRO TROJAN DNS Query to Cerber Domain (tmfl6g . bid) (trojan.rules) 2823380 - ETPRO TROJAN DNS Query to Cerber Domain (y7603i . bid) (trojan.rules) 2823381 - ETPRO TROJAN DNS Query to Cerber Domain (1m47ka . bid) (trojan.rules) 2823382 - ETPRO TROJAN DNS Query to Cerber Domain (c4cwr4 . 
bid) (trojan.rules) 2823383 - ETPRO TROJAN DNS Query to Cerber Domain (jo73jn . bid) (trojan.rules) 2823384 - ETPRO TROJAN DNS Query to Cerber Domain (chnbyl . bid) (trojan.rules) 2823385 - ETPRO TROJAN DNS Query to Cerber Domain (735giv . top) (trojan.rules) 2823386 - ETPRO TROJAN DNS Query to Cerber Domain (6cfu46 . bid) (trojan.rules) 2823387 - ETPRO TROJAN DNS Query to Cerber Domain (odllm3 . bid) (trojan.rules) 2823388 - ETPRO TROJAN DNS Query to Cerber Domain (vth4o4 . bid) (trojan.rules) 2823404 - ETPRO TROJAN Win32/Ranscrape Ransomware Onion Domain Lookup (trojan.rules) 2823424 - ETPRO TROJAN DNS Query to Cerber Domain (m5o4p2 . top) (trojan.rules) 2823425 - ETPRO TROJAN DNS Query to Cerber Domain (t6ueop . bid) (trojan.rules) 2823426 - ETPRO TROJAN DNS Query to Cerber Domain (w19ftt . bid) (trojan.rules) 2823427 - ETPRO TROJAN DNS Query to Cerber Domain (1p5lyh . top) (trojan.rules) 2823428 - ETPRO TROJAN DNS Query to Cerber Domain (u92m7j . bid) (trojan.rules) 2823429 - ETPRO TROJAN DNS Query to Cerber Domain (5e4u7d . bid) (trojan.rules) 2823430 - ETPRO TROJAN DNS Query to Cerber Domain (n0om0m . top) (trojan.rules) 2823431 - ETPRO TROJAN DNS Query to Cerber Domain (3sc3f8 . bid) (trojan.rules) 2823432 - ETPRO TROJAN DNS Query to Cerber Domain (adr3ju . bid) (trojan.rules) 2823433 - ETPRO TROJAN DNS Query to Cerber Domain (kfymbh . top) (trojan.rules) 2823443 - ETPRO TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823462 - ETPRO TROJAN DNS Query to Cerber Domain (gxty7j . top) (trojan.rules) 2823463 - ETPRO TROJAN DNS Query to Cerber Domain (9c431m . bid) (trojan.rules) 2823464 - ETPRO TROJAN DNS Query to Cerber Domain (u9fcji . bid) (trojan.rules) 2823465 - ETPRO TROJAN DNS Query to Cerber Domain (5i0ukv . bid) (trojan.rules) 2823466 - ETPRO TROJAN DNS Query to Cerber Domain (7a07br . bid) (trojan.rules) 2823467 - ETPRO TROJAN DNS Query to Cerber Domain (3buvlc . 
bid) (trojan.rules) 2823468 - ETPRO TROJAN DNS Query to Cerber Domain (zz3w5l . bid) (trojan.rules) 2823469 - ETPRO TROJAN DNS Query to Cerber Domain (19wkwf . top) (trojan.rules) 2823470 - ETPRO TROJAN DNS Query to Cerber Domain (v4nus1 . top) (trojan.rules) 2823471 - ETPRO TROJAN DNS Query to Cerber Domain (x8p2m7 . bid) (trojan.rules) 2823476 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.IB .onion Proxy Domain (mobile_malware.rules) 2823501 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823502 - ETPRO TROJAN DNS Query to Cerber Domain (9mu6vk . top) (trojan.rules) 2823503 - ETPRO TROJAN DNS Query to Cerber Domain (psrd32 . bid) (trojan.rules) 2823504 - ETPRO TROJAN DNS Query to Cerber Domain (jwi2ek . bid) (trojan.rules) 2823505 - ETPRO TROJAN DNS Query to Cerber Domain (ffsm1a . bid) (trojan.rules) 2823506 - ETPRO TROJAN DNS Query to Cerber Domain (1blwcn . top) (trojan.rules) 2823507 - ETPRO TROJAN DNS Query to Cerber Domain (zu3fzc . bid) (trojan.rules) 2823508 - ETPRO TROJAN DNS Query to Cerber Domain (r38w54 . top) (trojan.rules) 2823509 - ETPRO TROJAN DNS Query to Cerber Domain (0v7hry . bid) (trojan.rules) 2823510 - ETPRO TROJAN DNS Query to Cerber Domain (tsrwj3 . top) (trojan.rules) 2823511 - ETPRO TROJAN DNS Query to Cerber Domain (zi842m . bid) (trojan.rules) 2823522 - ETPRO TROJAN DNS Query to Cerber Domain (19jmfr . top) (trojan.rules) 2823523 - ETPRO TROJAN DNS Query to Cerber Domain (7jrv53 . bid) (trojan.rules) 2823524 - ETPRO TROJAN DNS Query to Cerber Domain (axu3u8 . bid) (trojan.rules) 2823525 - ETPRO TROJAN DNS Query to Cerber Domain (e6cf2t . bid) (trojan.rules) 2823526 - ETPRO TROJAN DNS Query to Cerber Domain (6tjvli . bid) (trojan.rules) 2823527 - ETPRO TROJAN DNS Query to Cerber Domain (b31wkh . bid) (trojan.rules) 2823528 - ETPRO TROJAN DNS Query to Cerber Domain (li5nz3 . bid) (trojan.rules) 2823529 - ETPRO TROJAN DNS Query to Cerber Domain (oxmffh . 
bid) (trojan.rules) 2823530 - ETPRO TROJAN DNS Query to Cerber Domain (41c920 . top) (trojan.rules) 2823531 - ETPRO TROJAN DNS Query to Cerber Domain (531sol . bid) (trojan.rules) 2823536 - ETPRO TROJAN Possible XAgent APT28 DNS Lookup (trojan.rules) 2823553 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823554 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823555 - ETPRO TROJAN Observed Malicious DNS Query (FlokiBot CnC) (trojan.rules) 2823557 - ETPRO TROJAN DNS Query to Cerber Domain (rudjg0 . bid) (trojan.rules) 2823558 - ETPRO TROJAN DNS Query to Cerber Domain (w67y8u . bid) (trojan.rules) 2823559 - ETPRO TROJAN DNS Query to Cerber Domain (b14kkk . bid) (trojan.rules) 2823560 - ETPRO TROJAN DNS Query to Cerber Domain (1zdllt . bid) (trojan.rules) 2823561 - ETPRO TROJAN DNS Query to Cerber Domain (vwgxhm . bid) (trojan.rules) 2823562 - ETPRO TROJAN DNS Query to Cerber Domain (hy6dxo . bid) (trojan.rules) 2823563 - ETPRO TROJAN DNS Query to Cerber Domain (v0xn1i . bid) (trojan.rules) 2823564 - ETPRO TROJAN DNS Query to Cerber Domain (z8rkat . bid) (trojan.rules) 2823565 - ETPRO TROJAN DNS Query to Cerber Domain (o83838 . bid) (trojan.rules) 2823566 - ETPRO TROJAN DNS Query to Cerber Domain (ev99l6 . bid) (trojan.rules) 2823586 - ETPRO TROJAN Zbot!ZA .onion Proxy Domain (trojan.rules) 2823590 - ETPRO TROJAN DNS Query to Cerber Domain (o5b17o . top) (trojan.rules) 2823591 - ETPRO TROJAN DNS Query to Cerber Domain (wk0295 . top) (trojan.rules) 2823592 - ETPRO TROJAN DNS Query to Cerber Domain (yv3uwa . bid) (trojan.rules) 2823593 - ETPRO TROJAN DNS Query to Cerber Domain (zjfbxy . top) (trojan.rules) 2823594 - ETPRO TROJAN DNS Query to Cerber Domain (g7rst5 . bid) (trojan.rules) 2823595 - ETPRO TROJAN DNS Query to Cerber Domain (20phzx . bid) (trojan.rules) 2823596 - ETPRO TROJAN DNS Query to Cerber Domain (kkkshn . 
bid) (trojan.rules) 2823597 - ETPRO TROJAN DNS Query to Cerber Domain (13uvry . top) (trojan.rules) 2823598 - ETPRO TROJAN DNS Query to Cerber Domain (zh5mu9 . bid) (trojan.rules) 2823599 - ETPRO TROJAN DNS Query to Cerber Domain (nbz4dn . top) (trojan.rules) 2823613 - ETPRO TROJAN DNS Query to Cerber Domain (88oysp . bid) (trojan.rules) 2823614 - ETPRO TROJAN DNS Query to Cerber Domain (5hmjh7 . bid) (trojan.rules) 2823615 - ETPRO TROJAN DNS Query to Cerber Domain (re2b6k . bid) (trojan.rules) 2823616 - ETPRO TROJAN DNS Query to Cerber Domain (5a2a7e . top) (trojan.rules) 2823617 - ETPRO TROJAN DNS Query to Cerber Domain (9yim37 . top) (trojan.rules) 2823618 - ETPRO TROJAN DNS Query to Cerber Domain (cxbp5p . bid) (trojan.rules) 2823619 - ETPRO TROJAN DNS Query to Cerber Domain (1k1dxt . top) (trojan.rules) 2823620 - ETPRO TROJAN DNS Query to Cerber Domain (p9su2u . top) (trojan.rules) 2823621 - ETPRO TROJAN DNS Query to Cerber Domain (jtdcph . bid) (trojan.rules) 2823622 - ETPRO TROJAN DNS Query to Cerber Domain (umvv28 . 
top) (trojan.rules) 2823626 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823627 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823628 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823629 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823630 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823631 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823632 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823633 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823634 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823635 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823636 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823637 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823643 - ETPRO TROJAN APT28 Uploader Variant DNS Lookup (trojan.rules) 2823645 - ETPRO TROJAN DNS Query to Cerber Domain (ftch30 . bid) (trojan.rules) 2823646 - ETPRO TROJAN DNS Query to Cerber Domain (jnhdk3 . bid) (trojan.rules) 2823647 - ETPRO TROJAN DNS Query to Cerber Domain (llm3m0 . bid) (trojan.rules) 2823648 - ETPRO TROJAN DNS Query to Cerber Domain (w22p3v . top) (trojan.rules) 2823649 - ETPRO TROJAN DNS Query to Cerber Domain (ca15sj . top) (trojan.rules) 2823650 - ETPRO TROJAN DNS Query to Cerber Domain (dybsth . bid) (trojan.rules) 2823651 - ETPRO TROJAN DNS Query to Cerber Domain (7m7ujm . bid) (trojan.rules) 2823652 - ETPRO TROJAN DNS Query to Cerber Domain (u52m7j . bid) (trojan.rules) 2823653 - ETPRO TROJAN DNS Query to Cerber Domain (9sfk22 . bid) (trojan.rules) 2823654 - ETPRO TROJAN DNS Query to Cerber Domain (mszbbu . 
bid) (trojan.rules) 2823660 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823679 - ETPRO TROJAN DNS Query to Cerber Domain (8g1k17 . bid) (trojan.rules) 2823680 - ETPRO TROJAN DNS Query to Cerber Domain (rssh3l . bid) (trojan.rules) 2823681 - ETPRO TROJAN DNS Query to Cerber Domain (j4cser . bid) (trojan.rules) 2823682 - ETPRO TROJAN DNS Query to Cerber Domain (g2svcp . bid) (trojan.rules) 2823683 - ETPRO TROJAN DNS Query to Cerber Domain (l4jpwv . bid) (trojan.rules) 2823684 - ETPRO TROJAN DNS Query to Cerber Domain (3t3hyf . top) (trojan.rules) 2823685 - ETPRO TROJAN DNS Query to Cerber Domain (4nf7ij . top) (trojan.rules) 2823686 - ETPRO TROJAN DNS Query to Cerber Domain (paahyp . bid) (trojan.rules) 2823687 - ETPRO TROJAN DNS Query to Cerber Domain (rsi6gn . top) (trojan.rules) 2823688 - ETPRO TROJAN DNS Query to Cerber Domain (xf9wd1 . bid) (trojan.rules) 2823689 - ETPRO TROJAN DNS Query to Cerber Domain (zreknv . bid) (trojan.rules) 2823706 - ETPRO TROJAN Donoff .onion Proxy Domain (trojan.rules) 2823707 - ETPRO TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823708 - ETPRO TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823709 - ETPRO TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823710 - ETPRO TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823711 - ETPRO TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823718 - ETPRO TROJAN Possible Zcrypt Ransomware Variant .onion Proxy Domain (trojan.rules) 2823719 - ETPRO TROJAN VBA/TrojanDownloader.Agent.CCD .onion Proxy Domain (trojan.rules) 2823720 - ETPRO MOBILE_MALWARE Android/Spy.Kasandra.A .onion Proxy Domain (mobile_malware.rules) 2823721 - ETPRO TROJAN Donoff .onion Proxy Domain (trojan.rules) 2823726 - ETPRO TROJAN DNS Query to Cerber Domain (r3b2sh . top) (trojan.rules) 2823727 - ETPRO TROJAN DNS Query to Cerber Domain (63rx85 . top) (trojan.rules) 2823728 - ETPRO TROJAN DNS Query to Cerber Domain (bvbg1l . 
top) (trojan.rules) 2823729 - ETPRO TROJAN DNS Query to Cerber Domain (jnv1df . top) (trojan.rules) 2823730 - ETPRO TROJAN DNS Query to Cerber Domain (ucrw57 . top) (trojan.rules) 2823731 - ETPRO TROJAN DNS Query to Cerber Domain (x83zw1 . top) (trojan.rules) 2823732 - ETPRO TROJAN DNS Query to Cerber Domain (bdlvdy . top) (trojan.rules) 2823733 - ETPRO TROJAN DNS Query to Cerber Domain (fytfiy . top) (trojan.rules) 2823734 - ETPRO TROJAN DNS Query to Cerber Domain (t8rizh . top) (trojan.rules) 2823735 - ETPRO TROJAN DNS Query to Cerber Domain (otruw6 . top) (trojan.rules) 2823736 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823737 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823748 - ETPRO CURRENT_EVENTS Likely Phishing DNS Lookup (Fake MS Service) (current_events.rules) 2823749 - ETPRO CURRENT_EVENTS Likely Phishing DNS Lookup (Fake MS Service) (current_events.rules) 2823750 - ETPRO CURRENT_EVENTS Likely Phishing DNS Lookup (Fake MS Service) (current_events.rules) 2823751 - ETPRO TROJAN Win32.Scar.olyu .onion Proxy Domain (trojan.rules) 2823758 - ETPRO TROJAN DNS Query to Cerber Domain (tse45f . top) (trojan.rules) 2823759 - ETPRO TROJAN DNS Query to Cerber Domain (voxmff . top) (trojan.rules) 2823760 - ETPRO TROJAN DNS Query to Cerber Domain (3vjkdo . top) (trojan.rules) 2823761 - ETPRO TROJAN DNS Query to Cerber Domain (2fu7bc . top) (trojan.rules) 2823762 - ETPRO TROJAN DNS Query to Cerber Domain (4h16v3 . top) (trojan.rules) 2823763 - ETPRO TROJAN DNS Query to Cerber Domain (5m2n7x . top) (trojan.rules) 2823764 - ETPRO TROJAN DNS Query to Cerber Domain (c8jxpp . top) (trojan.rules) 2823765 - ETPRO TROJAN DNS Query to Cerber Domain (gutwj0 . top) (trojan.rules) 2823766 - ETPRO TROJAN DNS Query to Cerber Domain (odmtu3 . top) (trojan.rules) 2823767 - ETPRO TROJAN DNS Query to Cerber Domain (83zw1f . 
bid) (trojan.rules) 2823769 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823770 - ETPRO TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2823786 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2823787 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2823790 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823791 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823792 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823793 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823794 - ETPRO TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823795 - ETPRO TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823796 - ETPRO TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823797 - ETPRO TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823798 - ETPRO TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823799 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2823800 - ETPRO TROJAN DNS Query to Cerber Domain (3pfli8 . top) (trojan.rules) 2823801 - ETPRO TROJAN DNS Query to Cerber Domain (582h0n . top) (trojan.rules) 2823802 - ETPRO TROJAN DNS Query to Cerber Domain (ekll3z . top) (trojan.rules) 2823803 - ETPRO TROJAN DNS Query to Cerber Domain (g5b4b1 . bid) (trojan.rules) 2823804 - ETPRO TROJAN DNS Query to Cerber Domain (ujc6h3 . top) (trojan.rules) 2823805 - ETPRO TROJAN DNS Query to Cerber Domain (wmvsh0 . top) (trojan.rules) 2823806 - ETPRO TROJAN DNS Query to Cerber Domain (v8j99w . top) (trojan.rules) 2823807 - ETPRO TROJAN DNS Query to Cerber Domain (8699s9 . bid) (trojan.rules) 2823808 - ETPRO TROJAN DNS Query to Cerber Domain (bvy5wt . top) (trojan.rules) 2823809 - ETPRO TROJAN DNS Query to Cerber Domain (cc6dh3 . top) (trojan.rules) 2823844 - ETPRO TROJAN DNS Query to Cerber Domain (m20ehf . top) (trojan.rules) 2823845 - ETPRO TROJAN DNS Query to Cerber Domain (lbxvhk . top) (trojan.rules) 2823846 - ETPRO TROJAN DNS Query to Cerber Domain (g0lpnj . bid) (trojan.rules) 2823847 - ETPRO TROJAN DNS Query to Cerber Domain (3peyo3 . 
bid) (trojan.rules) 2823848 - ETPRO TROJAN DNS Query to Cerber Domain (17rmvr . top) (trojan.rules) 2823849 - ETPRO TROJAN DNS Query to Cerber Domain (85kvie . top) (trojan.rules) 2823850 - ETPRO TROJAN DNS Query to Cerber Domain (hmjwi2 . bid) (trojan.rules) 2823851 - ETPRO TROJAN DNS Query to Cerber Domain (x9ap4h . top) (trojan.rules) 2823852 - ETPRO TROJAN DNS Query to Cerber Domain (zj1ffv . top) (trojan.rules) 2823853 - ETPRO TROJAN DNS Query to Cerber Domain (bhynoo . top) (trojan.rules) 2823865 - ETPRO TROJAN DNS Query to Cerber Domain (htbzl2 . top) (trojan.rules) 2823866 - ETPRO TROJAN DNS Query to Cerber Domain (rovr6i . top) (trojan.rules) 2823867 - ETPRO TROJAN DNS Query to Cerber Domain (5s96fr . top) (trojan.rules) 2823868 - ETPRO TROJAN DNS Query to Cerber Domain (tidldc . top) (trojan.rules) 2823869 - ETPRO TROJAN DNS Query to Cerber Domain (0cgaez . top) (trojan.rules) 2823870 - ETPRO TROJAN DNS Query to Cerber Domain (eu2xdg . top) (trojan.rules) 2823871 - ETPRO TROJAN DNS Query to Cerber Domain (dj68hn . top) (trojan.rules) 2823872 - ETPRO TROJAN DNS Query to Cerber Domain (45yu0p . bid) (trojan.rules) 2823873 - ETPRO TROJAN DNS Query to Cerber Domain (djiag3 . top) (trojan.rules) 2823874 - ETPRO TROJAN DNS Query to Cerber Domain (d7h6yx . top) (trojan.rules) 2823883 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2823884 - ETPRO TROJAN DNS Query to Cerber Domain (pfw1bw . bid) (trojan.rules) 2823885 - ETPRO TROJAN DNS Query to Cerber Domain (dgjpgy . top) (trojan.rules) 2823886 - ETPRO TROJAN DNS Query to Cerber Domain (yur4j5 . top) (trojan.rules) 2823887 - ETPRO TROJAN DNS Query to Cerber Domain (ncw0rp . top) (trojan.rules) 2823888 - ETPRO TROJAN DNS Query to Cerber Domain (xe1ws1 . top) (trojan.rules) 2823889 - ETPRO TROJAN DNS Query to Cerber Domain (llt6up . top) (trojan.rules) 2823890 - ETPRO TROJAN DNS Query to Cerber Domain (dc2djf . top) (trojan.rules) 2823891 - ETPRO TROJAN DNS Query to Cerber Domain (zee0xr . 
top) (trojan.rules) 2823892 - ETPRO TROJAN DNS Query to Cerber Domain (p161bl . top) (trojan.rules) 2823893 - ETPRO TROJAN DNS Query to Cerber Domain (rjf9yn . top) (trojan.rules) 2823897 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823898 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823899 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823920 - ETPRO TROJAN DNS Query to Cerber Domain (4d0934 . bid) (trojan.rules) 2823921 - ETPRO TROJAN DNS Query to Cerber Domain (w2fzwt . top) (trojan.rules) 2823922 - ETPRO TROJAN DNS Query to Cerber Domain (glg1i0 . top) (trojan.rules) 2823923 - ETPRO TROJAN DNS Query to Cerber Domain (uld7hk . top) (trojan.rules) 2823924 - ETPRO TROJAN DNS Query to Cerber Domain (fwzxnb . bid) (trojan.rules) 2823925 - ETPRO TROJAN DNS Query to Cerber Domain (19h8gc . top) (trojan.rules) 2823926 - ETPRO TROJAN DNS Query to Cerber Domain (x29u3i . top) (trojan.rules) 2823927 - ETPRO TROJAN DNS Query to Cerber Domain (smd95z . top) (trojan.rules) 2823928 - ETPRO TROJAN DNS Query to Cerber Domain (ovzy6p . top) (trojan.rules) 2823929 - ETPRO TROJAN DNS Query to Cerber Domain (8dlgyg . bid) (trojan.rules) 2823938 - ETPRO TROJAN VBA/TrojanDownloader.Agent.CEW .onion Proxy Domain (trojan.rules) 2823941 - ETPRO POLICY DNS Query to .onion proxy Domain (paysteroptionway.com) (policy.rules) 2823942 - ETPRO POLICY DNS Query to .onion proxy Domain (dorfact.at) (policy.rules) 2823943 - ETPRO POLICY DNS Query to .onion proxy Domain (flyjo.pl) (policy.rules) 2823954 - ETPRO TROJAN DNS Query to Cerber Domain (8l4jpw . top) (trojan.rules) 2823955 - ETPRO TROJAN DNS Query to Cerber Domain (drg1gf . top) (trojan.rules) 2823956 - ETPRO TROJAN DNS Query to Cerber Domain (z20x0r . top) (trojan.rules) 2823957 - ETPRO TROJAN DNS Query to Cerber Domain (rmgs2r . top) (trojan.rules) 2823958 - ETPRO TROJAN DNS Query to Cerber Domain (ttx0ig . 
top) (trojan.rules) 2823959 - ETPRO TROJAN DNS Query to Cerber Domain (gwz8gh . top) (trojan.rules) 2823960 - ETPRO TROJAN DNS Query to Cerber Domain (p3tt2t . top) (trojan.rules) 2823961 - ETPRO TROJAN DNS Query to Cerber Domain (vtwyjd . top) (trojan.rules) 2823962 - ETPRO TROJAN DNS Query to Cerber Domain (3pxhgt . top) (trojan.rules) 2823963 - ETPRO TROJAN DNS Query to Cerber Domain (rzt69n . top) (trojan.rules) 2823980 - ETPRO TROJAN DNS Query to Cerber Domain (z5xfkc . top) (trojan.rules) 2823981 - ETPRO TROJAN DNS Query to Cerber Domain (nn2ms2 . top) (trojan.rules) 2823982 - ETPRO TROJAN DNS Query to Cerber Domain (ul8hph . top) (trojan.rules) 2823983 - ETPRO TROJAN DNS Query to Cerber Domain (tyn5ya . top) (trojan.rules) 2823984 - ETPRO TROJAN DNS Query to Cerber Domain (1kvftk . top) (trojan.rules) 2823985 - ETPRO TROJAN DNS Query to Cerber Domain (arpbxw . top) (trojan.rules) 2823986 - ETPRO TROJAN DNS Query to Cerber Domain (z0mkoc . top) (trojan.rules) 2823987 - ETPRO TROJAN DNS Query to Cerber Domain (85xcav . top) (trojan.rules) 2823988 - ETPRO TROJAN DNS Query to Cerber Domain (15poas . top) (trojan.rules) 2823989 - ETPRO TROJAN DNS Query to Cerber Domain (o08ra6 . top) (trojan.rules) 2823995 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823997 - ETPRO TROJAN DNS Query to Cerber Domain (2wfe60 . top) (trojan.rules) 2823998 - ETPRO TROJAN DNS Query to Cerber Domain (af38vz . top) (trojan.rules) 2823999 - ETPRO TROJAN DNS Query to Cerber Domain (r31sot . top) (trojan.rules) 2824000 - ETPRO TROJAN DNS Query to Cerber Domain (o6fa2g . top) (trojan.rules) 2824001 - ETPRO TROJAN DNS Query to Cerber Domain (1bqroa . top) (trojan.rules) 2824002 - ETPRO TROJAN DNS Query to Cerber Domain (piv6tv . top) (trojan.rules) 2824003 - ETPRO TROJAN DNS Query to Cerber Domain (tih6y9 . top) (trojan.rules) 2824004 - ETPRO TROJAN DNS Query to Cerber Domain (f5x6ws . 
top) (trojan.rules) 2824005 - ETPRO TROJAN DNS Query to Cerber Domain (pcwcu6 . bid) (trojan.rules) 2824006 - ETPRO TROJAN DNS Query to Cerber Domain (od3rag . top) (trojan.rules) 2824008 - ETPRO TROJAN DNS Query to Cerber Domain (yjo0z9 . top) (trojan.rules) 2824009 - ETPRO TROJAN DNS Query to Cerber Domain (gt6nsg . bid) (trojan.rules) 2824010 - ETPRO TROJAN DNS Query to Cerber Domain (ud9z0v . top) (trojan.rules) 2824011 - ETPRO TROJAN DNS Query to Cerber Domain (h6dxvo . top) (trojan.rules) 2824012 - ETPRO TROJAN DNS Query to Cerber Domain (u8yz5b . top) (trojan.rules) 2824013 - ETPRO TROJAN DNS Query to Cerber Domain (j5s57p . bid) (trojan.rules) 2824014 - ETPRO TROJAN DNS Query to Cerber Domain (a9glrg . top) (trojan.rules) 2824015 - ETPRO TROJAN DNS Query to Cerber Domain (utebcd . top) (trojan.rules) 2824016 - ETPRO TROJAN DNS Query to Cerber Domain (et7izd . top) (trojan.rules) 2824017 - ETPRO TROJAN DNS Query to Cerber Domain (7pnxn9 . top) (trojan.rules) 2824022 - ETPRO TROJAN Hidden Tear .onion Proxy Domain (trojan.rules) 2824033 - ETPRO TROJAN DNS Query to Cerber Domain (obnctf . bid) (trojan.rules) 2824034 - ETPRO TROJAN DNS Query to Cerber Domain (kj3f52 . bid) (trojan.rules) 2824035 - ETPRO TROJAN DNS Query to Cerber Domain (zgw8bu . top) (trojan.rules) 2824036 - ETPRO TROJAN DNS Query to Cerber Domain (rt01jw . top) (trojan.rules) 2824037 - ETPRO TROJAN DNS Query to Cerber Domain (4ghwzy . top) (trojan.rules) 2824038 - ETPRO TROJAN DNS Query to Cerber Domain (u8e2dz . top) (trojan.rules) 2824039 - ETPRO TROJAN DNS Query to Cerber Domain (3m3ngm . top) (trojan.rules) 2824040 - ETPRO TROJAN DNS Query to Cerber Domain (eujvrw . bid) (trojan.rules) 2824041 - ETPRO TROJAN DNS Query to Cerber Domain (bw9e2z . top) (trojan.rules) 2824042 - ETPRO TROJAN DNS Query to Cerber Domain (yl1wg6 . top) (trojan.rules) 2824043 - ETPRO TROJAN Win32.Bunitu DNS Lookup (trojan.rules) 2824051 - ETPRO TROJAN DNS Query to Cerber Domain (mzuirs . 
top) (trojan.rules) 2824052 - ETPRO TROJAN DNS Query to Cerber Domain (r8c85p . top) (trojan.rules) 2824053 - ETPRO TROJAN DNS Query to Cerber Domain (hezwde . top) (trojan.rules) 2824054 - ETPRO TROJAN DNS Query to Cerber Domain (h44l3d . bid) (trojan.rules) 2824055 - ETPRO TROJAN DNS Query to Cerber Domain (34efzl . top) (trojan.rules) 2824056 - ETPRO TROJAN DNS Query to Cerber Domain (eo6n4d . top) (trojan.rules) 2824057 - ETPRO TROJAN DNS Query to Cerber Domain (trbrkn . top) (trojan.rules) 2824058 - ETPRO TROJAN DNS Query to Cerber Domain (lruwth . top) (trojan.rules) 2824059 - ETPRO TROJAN DNS Query to Cerber Domain (vbfyit . top) (trojan.rules) 2824060 - ETPRO TROJAN DNS Query to Cerber Domain (hbhpzu . top) (trojan.rules) 2824061 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824062 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824063 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824064 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824065 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824066 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824067 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824082 - ETPRO TROJAN APT28 DNS Lookup (trojan.rules) 2824083 - ETPRO TROJAN APT28 DNS Lookup (trojan.rules) 2824084 - ETPRO TROJAN APT28 DNS Lookup (trojan.rules) 2824085 - ETPRO TROJAN APT28 DNS Lookup (trojan.rules) 2824086 - ETPRO TROJAN APT28 DNS Lookup (trojan.rules) 2824089 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824098 - ETPRO TROJAN DNS Query to Cerber Domain (ci221p . top) (trojan.rules) 2824099 - ETPRO TROJAN DNS Query to Cerber Domain (6k1otk . 
top) (trojan.rules) 2824100 - ETPRO TROJAN DNS Query to Cerber Domain (19dmua . top) (trojan.rules) 2824101 - ETPRO TROJAN DNS Query to Cerber Domain (jgafk0 . top) (trojan.rules) 2824102 - ETPRO TROJAN DNS Query to Cerber Domain (i0jh68 . top) (trojan.rules) 2824103 - ETPRO TROJAN DNS Query to Cerber Domain (zkxb17 . top) (trojan.rules) 2824104 - ETPRO TROJAN DNS Query to Cerber Domain (wwa4tu . top) (trojan.rules) 2824105 - ETPRO TROJAN DNS Query to Cerber Domain (9isvnh . top) (trojan.rules) 2824106 - ETPRO TROJAN DNS Query to Cerber Domain (0ayn1s . top) (trojan.rules) 2824107 - ETPRO TROJAN DNS Query to Cerber Domain (jye7lt . top) (trojan.rules) 2824114 - ETPRO TROJAN DNS Query to Cerber Domain (10nzk9 . top) (trojan.rules) 2824115 - ETPRO TROJAN DNS Query to Cerber Domain (0ses78 . top) (trojan.rules) 2824116 - ETPRO TROJAN DNS Query to Cerber Domain (ayjy5d . top) (trojan.rules) 2824117 - ETPRO TROJAN DNS Query to Cerber Domain (s611js . top) (trojan.rules) 2824118 - ETPRO TROJAN DNS Query to Cerber Domain (ejc92c . top) (trojan.rules) 2824119 - ETPRO TROJAN DNS Query to Cerber Domain (zgyua4 . top) (trojan.rules) 2824120 - ETPRO TROJAN DNS Query to Cerber Domain (1b6ugs . top) (trojan.rules) 2824121 - ETPRO TROJAN DNS Query to Cerber Domain (1xbdc2 . top) (trojan.rules) 2824122 - ETPRO TROJAN DNS Query to Cerber Domain (0m9rxw . top) (trojan.rules) 2824123 - ETPRO TROJAN DNS Query to Cerber Domain (tebibg . top) (trojan.rules) 2824135 - ETPRO TROJAN DNS Query to Cerber Domain (va3ibn . top) (trojan.rules) 2824136 - ETPRO TROJAN DNS Query to Cerber Domain (ean5e7 . top) (trojan.rules) 2824137 - ETPRO TROJAN DNS Query to Cerber Domain (1mznhc . top) (trojan.rules) 2824138 - ETPRO TROJAN DNS Query to Cerber Domain (rys9pj . top) (trojan.rules) 2824139 - ETPRO TROJAN DNS Query to Cerber Domain (h1ropx . top) (trojan.rules) 2824140 - ETPRO TROJAN DNS Query to Cerber Domain (a4m03m . top) (trojan.rules) 2824141 - ETPRO TROJAN DNS Query to Cerber Domain (vjso7r . 
top) (trojan.rules) 2824142 - ETPRO TROJAN DNS Query to Cerber Domain (wgx4go . top) (trojan.rules) 2824143 - ETPRO TROJAN DNS Query to Cerber Domain (3oebta . top) (trojan.rules) 2824144 - ETPRO TROJAN DNS Query to Cerber Domain (6yza5v . top) (trojan.rules) 2824145 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2824146 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2824162 - ETPRO TROJAN DNS Query to Cerber Domain (14zwws . top) (trojan.rules) 2824163 - ETPRO TROJAN DNS Query to Cerber Domain (1jpogn . top) (trojan.rules) 2824164 - ETPRO TROJAN DNS Query to Cerber Domain (1mwipu . top) (trojan.rules) 2824165 - ETPRO TROJAN DNS Query to Cerber Domain (1e6ln1 . top) (trojan.rules) 2824166 - ETPRO TROJAN DNS Query to Cerber Domain (1pr21c . top) (trojan.rules) 2824167 - ETPRO TROJAN DNS Query to Cerber Domain (1gtx3p . top) (trojan.rules) 2824168 - ETPRO TROJAN DNS Query to Cerber Domain (199ovv . top) (trojan.rules) 2824169 - ETPRO TROJAN DNS Query to Cerber Domain (1bpfr1 . top) (trojan.rules) 2824171 - ETPRO TROJAN DNS Query to Cerber Domain (17vj7b . top) (trojan.rules) 2824172 - ETPRO TROJAN DNS Query to Cerber Domain (1cynje . top) (trojan.rules) 2824173 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.IB .onion Proxy Domain (mobile_malware.rules) 2824188 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824190 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824193 - ETPRO TROJAN Donoff .onion Proxy Domain (trojan.rules) 2824199 - ETPRO TROJAN DNS Query to Cerber Domain (1mstqg . top) (trojan.rules) 2824200 - ETPRO TROJAN DNS Query to Cerber Domain (1gaje2 . top) (trojan.rules) 2824201 - ETPRO TROJAN DNS Query to Cerber Domain (13inb1 . top) (trojan.rules) 2824202 - ETPRO TROJAN DNS Query to Cerber Domain (vcev5c . top) (trojan.rules) 2824203 - ETPRO TROJAN DNS Query to Cerber Domain (p7k7t4 . 
top) (trojan.rules) 2824204 - ETPRO TROJAN DNS Query to Cerber Domain (tep6xb . top) (trojan.rules) 2824205 - ETPRO TROJAN DNS Query to Cerber Domain (pkx86a . top) (trojan.rules) 2824206 - ETPRO TROJAN DNS Query to Cerber Domain (omc09c . top) (trojan.rules) 2824207 - ETPRO TROJAN DNS Query to Cerber Domain (vc5s8b . top) (trojan.rules) 2824208 - ETPRO TROJAN DNS Query to Cerber Domain (gjbmis . top) (trojan.rules) 2824221 - ETPRO TROJAN DNS Query to Cerber Domain (1hzgre . top) (trojan.rules) 2824222 - ETPRO TROJAN DNS Query to Cerber Domain (1hkmxu . top) (trojan.rules) 2824223 - ETPRO TROJAN DNS Query to Cerber Domain (1cuxcy . top) (trojan.rules) 2824224 - ETPRO TROJAN DNS Query to Cerber Domain (j3aad9 . top) (trojan.rules) 2824225 - ETPRO TROJAN DNS Query to Cerber Domain (ewg6uf . bid) (trojan.rules) 2824226 - ETPRO TROJAN DNS Query to Cerber Domain (pa5z2s . top) (trojan.rules) 2824227 - ETPRO TROJAN DNS Query to Cerber Domain (1pgtzf . top) (trojan.rules) 2824228 - ETPRO TROJAN DNS Query to Cerber Domain (pxluvi . top) (trojan.rules) 2824229 - ETPRO TROJAN DNS Query to Cerber Domain (jl1hkd . top) (trojan.rules) 2824230 - ETPRO TROJAN DNS Query to Cerber Domain (2msuuj . top) (trojan.rules) 2824232 - ETPRO TROJAN Unknown PowerShell Downloader .onion Proxy Domain (trojan.rules) 2824259 - ETPRO TROJAN DNS Query to Cerber Domain (uunmkj . top) (trojan.rules) 2824260 - ETPRO TROJAN DNS Query to Cerber Domain (reu88i . top) (trojan.rules) 2824261 - ETPRO TROJAN DNS Query to Cerber Domain (prbuoi . top) (trojan.rules) 2824262 - ETPRO TROJAN DNS Query to Cerber Domain (gyciiz . top) (trojan.rules) 2824263 - ETPRO TROJAN DNS Query to Cerber Domain (72z4vw . top) (trojan.rules) 2824264 - ETPRO TROJAN DNS Query to Cerber Domain (1m3exl . top) (trojan.rules) 2824265 - ETPRO TROJAN DNS Query to Cerber Domain (gzxtez . top) (trojan.rules) 2824266 - ETPRO TROJAN DNS Query to Cerber Domain (13jukv . 
top) (trojan.rules) 2824267 - ETPRO TROJAN DNS Query to Cerber Domain (ozwwt1 . top) (trojan.rules) 2824268 - ETPRO TROJAN DNS Query to Cerber Domain (17kuzd . top) (trojan.rules) 2824270 - ETPRO TROJAN Banking PowerShell .onion Proxy Domain (trojan.rules) 2824271 - ETPRO TROJAN Banking PowerShell .onion Proxy Domain (trojan.rules) 2824272 - ETPRO TROJAN Banking PowerShell .onion Proxy Domain (trojan.rules) 2824289 - ETPRO TROJAN VertexNet .onion Proxy Domain (trojan.rules) 2824290 - ETPRO TROJAN DNS Query to Cerber Domain (162egg . top) (trojan.rules) 2824291 - ETPRO TROJAN DNS Query to Cerber Domain (4bzlfh . top) (trojan.rules) 2824292 - ETPRO TROJAN DNS Query to Cerber Domain (lxvmhm . top) (trojan.rules) 2824293 - ETPRO TROJAN DNS Query to Cerber Domain (1nsnuh . top) (trojan.rules) 2824294 - ETPRO TROJAN DNS Query to Cerber Domain (14xmig . top) (trojan.rules) 2824295 - ETPRO TROJAN DNS Query to Cerber Domain (r1sjrp . top) (trojan.rules) 2824296 - ETPRO TROJAN DNS Query to Cerber Domain (16iqt6 . top) (trojan.rules) 2824297 - ETPRO TROJAN DNS Query to Cerber Domain (w5hilw . top) (trojan.rules) 2824298 - ETPRO TROJAN DNS Query to Cerber Domain (momg04 . top) (trojan.rules) 2824299 - ETPRO TROJAN DNS Query to Cerber Domain (79j8fm . top) (trojan.rules) 2824328 - ETPRO TROJAN DNS Query to Cerber Domain (3p2gx6 . top) (trojan.rules) 2824329 - ETPRO TROJAN DNS Query to Cerber Domain (bds4sn . top) (trojan.rules) 2824330 - ETPRO TROJAN DNS Query to Cerber Domain (ac7zvz . top) (trojan.rules) 2824331 - ETPRO TROJAN DNS Query to Cerber Domain (5a5vmh . top) (trojan.rules) 2824332 - ETPRO TROJAN DNS Query to Cerber Domain (hzrekn . top) (trojan.rules) 2824333 - ETPRO TROJAN DNS Query to Cerber Domain (sz209n . bid) (trojan.rules) 2824334 - ETPRO TROJAN DNS Query to Cerber Domain (iyv3uw . top) (trojan.rules) 2824335 - ETPRO TROJAN DNS Query to Cerber Domain (1nc6uc . top) (trojan.rules) 2824336 - ETPRO TROJAN DNS Query to Cerber Domain (6x202r . 
top) (trojan.rules) 2824337 - ETPRO TROJAN DNS Query to Cerber Domain (2gayao . bid) (trojan.rules) 2824352 - ETPRO TROJAN Possible Remcos/Remvio DNS Lookup (trojan.rules) 2824359 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824360 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824361 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824362 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824363 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824364 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824365 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824371 - ETPRO TROJAN DNS Query to Cerber Domain (1ja4no . top) (trojan.rules) 2824372 - ETPRO TROJAN DNS Query to Cerber Domain (16jpgp . top) (trojan.rules) 2824373 - ETPRO TROJAN DNS Query to Cerber Domain (1lseoi . top) (trojan.rules) 2824374 - ETPRO TROJAN DNS Query to Cerber Domain (1bwh8a . top) (trojan.rules) 2824375 - ETPRO TROJAN DNS Query to Cerber Domain (12nypw . top) (trojan.rules) 2824376 - ETPRO TROJAN DNS Query to Cerber Domain (1fpeer . top) (trojan.rules) 2824377 - ETPRO TROJAN DNS Query to Cerber Domain (1cngub . top) (trojan.rules) 2824388 - ETPRO TROJAN DNS Query to Cerber Domain (1fete1 . top) (trojan.rules) 2824389 - ETPRO TROJAN DNS Query to Cerber Domain (1nounl . top) (trojan.rules) 2824390 - ETPRO TROJAN DNS Query to Cerber Domain (wiaikl . top) (trojan.rules) 2824391 - ETPRO TROJAN DNS Query to Cerber Domain (ut1k1z . top) (trojan.rules) 2824392 - ETPRO TROJAN DNS Query to Cerber Domain (h4lu4i . bid) (trojan.rules) 2824393 - ETPRO TROJAN DNS Query to Cerber Domain (da34zi . bid) (trojan.rules) 2824394 - ETPRO TROJAN DNS Query to Cerber Domain (5p76tw . 
top) (trojan.rules) 2824406 - ETPRO TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2824409 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824410 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824411 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824412 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824413 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824414 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824415 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824416 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824417 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824418 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824419 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824420 - ETPRO TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824421 - ETPRO TROJAN Win32.Bunitu DNS Lookup (trojan.rules) 2824422 - ETPRO TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules) 2824423 - ETPRO TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules) 2824424 - ETPRO TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules) 2824425 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.IB .onion Proxy Domain (mobile_malware.rules) 2824450 - ETPRO TROJAN NanoBot .onion Proxy Domain (trojan.rules) 2824451 - ETPRO TROJAN DNS Query to Cerber Domain (19ob95 . top) (trojan.rules) 2824452 - ETPRO TROJAN DNS Query to Cerber Domain (16gjpm . top) (trojan.rules) 2824453 - ETPRO TROJAN DNS Query to Cerber Domain (12gzrv . top) (trojan.rules) 2824454 - ETPRO TROJAN DNS Query to Cerber Domain (17ldrv . top) (trojan.rules) 2824455 - ETPRO TROJAN DNS Query to Cerber Domain (15rnwa . 
top) (trojan.rules) 2824456 - ETPRO TROJAN DNS Query to Cerber Domain (1pbu64 . top) (trojan.rules) 2824457 - ETPRO TROJAN DNS Query to Cerber Domain (191jcq . top) (trojan.rules) 2824458 - ETPRO TROJAN DNS Query to Cerber Domain (1kdfj8 . top) (trojan.rules) 2824479 - ETPRO TROJAN Win32/Filecoder.Philadelphia.E .onion Proxy Domain (trojan.rules) 2824480 - ETPRO TROJAN Win32/Filecoder.Philadelphia.E .onion Proxy Domain (trojan.rules) 2824485 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824487 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824488 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824493 - ETPRO TROJAN DNS Query to Cerber Domain (156vkx . top) (trojan.rules) 2824496 - ETPRO TROJAN DNS Query to Cerber Domain (1cqoww . top) (trojan.rules) 2824497 - ETPRO TROJAN DNS Query to Cerber Domain (15l2ub . top) (trojan.rules) 2824501 - ETPRO TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2824503 - ETPRO MOBILE_MALWARE Android/Simplocker.R DNS Lookup (mobile_malware.rules) 2824505 - ETPRO TROJAN Ransomware Domain Detected (Padcrypt) (trojan.rules) 2824516 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Svpeng DNS Lookup (mobile_malware.rules) 2824517 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Svpeng DNS Lookup (mobile_malware.rules) 2824518 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Svpeng DNS Lookup (mobile_malware.rules) 2824519 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Svpeng DNS Lookup (mobile_malware.rules) 2824534 - ETPRO TROJAN Ransomware Domain Detected (Padcrypt) (trojan.rules) 2824552 - ETPRO TROJAN DNS Query to Cerber Domain (1grrxe . top) (trojan.rules) 2824553 - ETPRO TROJAN DNS Query to Cerber Domain (1dlcbk . top) (trojan.rules) 2824554 - ETPRO TROJAN DNS Query to Cerber Domain (1kja1j . top) (trojan.rules) 2824555 - ETPRO TROJAN DNS Query to Cerber Domain (1egwye . 
top) (trojan.rules) 2824556 - ETPRO TROJAN DNS Query to Cerber Domain (1chy1m . top) (trojan.rules) 2824575 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824576 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824579 - ETPRO TROJAN Sage Ransomware Onion Domain (trojan.rules) 2824581 - ETPRO TROJAN Cry Ransomware Onion Domain (trojan.rules) 2824585 - ETPRO TROJAN DNS Query to Cerber Domain (16fohp . top) (trojan.rules) 2824586 - ETPRO TROJAN DNS Query to Cerber Domain (1em2j4 . top) (trojan.rules) 2824587 - ETPRO TROJAN DNS Query to Cerber Domain (1bniyw . top) (trojan.rules) 2824603 - ETPRO TROJAN Satan Ransomware .onion Signup Domain (trojan.rules) 2824616 - ETPRO TROJAN ZeuS Variant .onion Proxy Domain (trojan.rules) 2824621 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824625 - ETPRO TROJAN Win32.Androm.mgtq DNS Lookup (trojan.rules) 2824627 - ETPRO TROJAN Winnti-related Win32/Barlaiy DNS Lookup (trojan.rules) 2824628 - ETPRO TROJAN Winnti-related Win32/Barlaiy DNS Lookup (trojan.rules) 2824629 - ETPRO TROJAN Likely Winnti-related Win32/Barlaiy DNS Lookup (trojan.rules) 2824631 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824632 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824634 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.san DNS Lookup (mobile_malware.rules) 2824635 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.san DNS Lookup (mobile_malware.rules) 2824644 - ETPRO TROJAN DNS Query to Cerber Domain (1cpy1q . top) (trojan.rules) 2824645 - ETPRO TROJAN DNS Query to Cerber Domain (16ay2s . top) (trojan.rules) 2824646 - ETPRO TROJAN DNS Query to Cerber Domain (14gmtu . top) (trojan.rules) 2824647 - ETPRO TROJAN DNS Query to Cerber Domain (15nhsf . top) (trojan.rules) 2824685 - ETPRO TROJAN DNS Query to Cerber Domain (1jw2lx . 
top) (trojan.rules) 2824686 - ETPRO TROJAN DNS Query to Cerber Domain (1plugt . top) (trojan.rules) 2824698 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824699 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824700 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824701 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824702 - ETPRO TROJAN Unknown Trojan .onion Proxy Domain (trojan.rules) 2824705 - ETPRO TROJAN Retefe Banker .onion Domain (trojan.rules) 2824706 - ETPRO TROJAN Retefe Banker .onion Domain (trojan.rules) 2824731 - ETPRO MOBILE_MALWARE Android.Trojan.SMSSend.NE DNS Lookup (mobile_malware.rules) 2824732 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2824733 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2824734 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824735 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824736 - ETPRO TROJAN Retefe Banker .onion Domain (trojan.rules) 2824741 - ETPRO MOBILE_MALWARE Android/Locker.Q DNS Lookup (mobile_malware.rules) 2824742 - ETPRO MOBILE_MALWARE Android/Locker.Q DNS Lookup (mobile_malware.rules) 2824751 - ETPRO TROJAN DNS Query to Cerber Domain (13gmvm . top) (trojan.rules) 2824752 - ETPRO TROJAN DNS Query to Cerber Domain (bd7tlu . top) (trojan.rules) 2824753 - ETPRO TROJAN DNS Query to Cerber Domain (gcwggs . top) (trojan.rules) 2824754 - ETPRO TROJAN DNS Query to Cerber Domain (bxsn3z . top) (trojan.rules) 2824755 - ETPRO TROJAN DNS Query to Cerber Domain (h82on2 . top) (trojan.rules) 2824756 - ETPRO TROJAN DNS Query to Cerber Domain (kecz2c . top) (trojan.rules) 2824757 - ETPRO TROJAN DNS Query to Cerber Domain (zk95b8 . bid) (trojan.rules) 2824758 - ETPRO TROJAN DNS Query to Cerber Domain (ibar8s . top) (trojan.rules) 2824759 - ETPRO TROJAN DNS Query to Cerber Domain (g0lpn5 . bid) (trojan.rules) 2824760 - ETPRO TROJAN DNS Query to Cerber Domain (twyjdx . 
bid) (trojan.rules) 2824767 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824771 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824772 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824773 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824774 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824775 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2824782 - ETPRO TROJAN DNS Query to Cerber Domain (1cq7gd . top) (trojan.rules) 2824783 - ETPRO TROJAN DNS Query to Cerber Domain (1lt2pn . top) (trojan.rules) 2824784 - ETPRO TROJAN DNS Query to Cerber Domain (15jznv . top) (trojan.rules) 2824785 - ETPRO TROJAN DNS Query to Cerber Domain (1cauz3 . top) (trojan.rules) 2824786 - ETPRO TROJAN DNS Query to Cerber Domain (jb4uh0 . top) (trojan.rules) 2824787 - ETPRO TROJAN DNS Query to Cerber Domain (4ucg2l . bid) (trojan.rules) 2824788 - ETPRO TROJAN DNS Query to Cerber Domain (rzvhne . top) (trojan.rules) 2824789 - ETPRO TROJAN DNS Query to Cerber Domain (1eeb86 . top) (trojan.rules) 2824798 - ETPRO TROJAN Win32.Bunitu DNS Lookup (trojan.rules) 2824819 - ETPRO TROJAN DNS Query to Cerber Domain (145rzb . top) (trojan.rules) 2824820 - ETPRO TROJAN DNS Query to Cerber Domain (1c4zie . top) (trojan.rules) 2824821 - ETPRO TROJAN DNS Query to Cerber Domain (1feasu . top) (trojan.rules) 2824822 - ETPRO TROJAN DNS Query to Cerber Domain (u25sbm . bid) (trojan.rules) 2824823 - ETPRO TROJAN DNS Query to Cerber Domain (7ud98m . 
bid) (trojan.rules) 2824824 - ETPRO TROJAN APT.Turla DNS Lokup (trojan.rules) 2824825 - ETPRO TROJAN APT.Turla DNS Lokup (trojan.rules) 2824826 - ETPRO TROJAN APT.Turla DNS Lokup (trojan.rules) 2824827 - ETPRO TROJAN APT.Turla DNS Lokup (trojan.rules) 2824842 - ETPRO TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2824847 - ETPRO TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2824849 - ETPRO TROJAN Serpent Ransomware Onion Domain (trojan.rules) 2824850 - ETPRO TROJAN Serpent Ransomware Domain (trojan.rules) 2824851 - ETPRO TROJAN Serpent Ransomware Domain (trojan.rules) 2824872 - ETPRO MOBILE_MALWARE Android/Styricka.A DNS Lookup (mobile_malware.rules) 2824873 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2824874 - ETPRO CURRENT_EVENTS APT28 Phishing DNS Lookup (current_events.rules) 2824875 - ETPRO CURRENT_EVENTS APT28 Phishing DNS Lookup (current_events.rules) 2824876 - ETPRO CURRENT_EVENTS APT28 Phishing DNS Lookup (current_events.rules) 2824883 - ETPRO MOBILE_MALWARE Android/Locker.Q DNS Lookup (mobile_malware.rules) 2824884 - ETPRO MOBILE_MALWARE Android/Locker.Q DNS Lookup (mobile_malware.rules) 2824885 - ETPRO MOBILE_MALWARE Android/Locker.Q DNS Lookup (mobile_malware.rules) 2824886 - ETPRO TROJAN DNS Query to Cerber Domain (1fqwek . top) (trojan.rules) 2824887 - ETPRO TROJAN DNS Query to Cerber Domain (1bj4k9 . top) (trojan.rules) 2824888 - ETPRO TROJAN DNS Query to Cerber Domain (1dz7gk . top) (trojan.rules) 2824889 - ETPRO TROJAN DNS Query to Cerber Domain (1l4zyd . top) (trojan.rules) 2824890 - ETPRO TROJAN DNS Query to Cerber Domain (1d8m97 . top) (trojan.rules) 2824891 - ETPRO TROJAN DNS Query to Cerber Domain (1h23cc . top) (trojan.rules) 2824892 - ETPRO TROJAN DNS Query to Cerber Domain (1bvadx . 
top) (trojan.rules) 2824896 - ETPRO TROJAN Ransomware CnC DNS Lookup (btbord.org) (trojan.rules) 2824914 - ETPRO TROJAN Possible Remcos/Remvio DNS Lookup (trojan.rules) 2824921 - ETPRO TROJAN Banker.Win32.Alreay DNS Lookup (trojan.rules) 2824943 - ETPRO TROJAN Win32.Bunitu DNS Lookup (trojan.rules) 2824952 - ETPRO TROJAN DNS Query to Cerber Domain (1nmrtq . top) (trojan.rules) 2824953 - ETPRO TROJAN DNS Query to Cerber Domain (1gnlsi . top) (trojan.rules) 2824954 - ETPRO TROJAN DNS Query to Cerber Domain (1cglxz . top) (trojan.rules) 2824955 - ETPRO TROJAN DNS Query to Cerber Domain (1ktjse . top) (trojan.rules) 2824956 - ETPRO TROJAN DNS Query to Cerber Domain (12umzf . top) (trojan.rules) 2824957 - ETPRO TROJAN DNS Query to Cerber Domain (1psts4 . top) (trojan.rules) 2824963 - ETPRO CURRENT_EVENTS Unknown Phishing DNS Lookup (current_events.rules) 2824964 - ETPRO TROJAN APT28 OSX XAgent DNS Lookup (trojan.rules) 2824965 - ETPRO TROJAN APT28 OSX XAgent DNS Lookup (trojan.rules) 2824966 - ETPRO TROJAN APT28 OSX XAgent DNS Lookup (trojan.rules) 2824967 - ETPRO TROJAN APT28 OSX XAgent DNS Lookup (trojan.rules) 2824997 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2825013 - ETPRO TROJAN Gabby.APT/Rambo DNS Lookup (trojan.rules) 2825014 - ETPRO TROJAN Gabby.APT/Rambo DNS Lookup (trojan.rules) 2825018 - ETPRO TROJAN Sage Ransomware Domain (er29sl . com) (trojan.rules) 2825019 - ETPRO TROJAN Torrentlocker Ransomware Domain (fixnix . pl) (trojan.rules) 2825020 - ETPRO TROJAN Sage Ransomware Domain (pbt2ac . com) (trojan.rules) 2825021 - ETPRO TROJAN Sage Ransomware Domain (op7su2 . com) (trojan.rules) 2825022 - ETPRO TROJAN DNS Query to Cerber Domain (1enbyr . top) (trojan.rules) 2825023 - ETPRO TROJAN DNS Query to Cerber Domain (18kkhl . top) (trojan.rules) 2825024 - ETPRO TROJAN DNS Query to Cerber Domain (17g6gc . top) (trojan.rules) 2825025 - ETPRO TROJAN DNS Query to Cerber Domain (1cb19l . 
top) (trojan.rules) 2825065 - ETPRO TROJAN Spora .onion Proxy Domain (trojan.rules) 2825078 - ETPRO TROJAN DNS Query to Cerber Domain (12c8ff . top) (trojan.rules) 2825079 - ETPRO TROJAN DNS Query to Cerber Domain (1dyzdh . top) (trojan.rules) 2825080 - ETPRO TROJAN DNS Query to Cerber Domain (13upky . top) (trojan.rules) 2825081 - ETPRO TROJAN DNS Query to Cerber Domain (1gqqsc . top) (trojan.rules) 2825082 - ETPRO TROJAN DNS Query to Cerber Domain (1cggqc . top) (trojan.rules) 2825083 - ETPRO TROJAN DNS Query to Cerber Domain (12ulcz . top) (trojan.rules) 2825100 - ETPRO TROJAN Crypton .onion Proxy Domain (trojan.rules) 2825120 - ETPRO POLICY DNS Query to .onion proxy Domain (onion . casa) (policy.rules) 2825127 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2825141 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2825156 - ETPRO TROJAN DNS Query to Cerber Domain (14kfoz . top) (trojan.rules) 2825157 - ETPRO TROJAN DNS Query to Cerber Domain (13g2v9 . top) (trojan.rules) 2825158 - ETPRO TROJAN DNS Query to Cerber Domain (1daq6h . top) (trojan.rules) 2825159 - ETPRO TROJAN DNS Query to Cerber Domain (1jh5kv . top) (trojan.rules) 2825160 - ETPRO TROJAN DNS Query to Cerber Domain (1kq4l8 . top) (trojan.rules) 2825161 - ETPRO TROJAN DNS Query to Cerber Domain (1ebvqb . top) (trojan.rules) 2825162 - ETPRO TROJAN DNS Query to Cerber Domain (1bywu2 . top) (trojan.rules) 2825198 - ETPRO TROJAN Win32.Bunitu DNS Lookup (trojan.rules) 2825229 - ETPRO TROJAN MalDoc Downloader .onion Proxy Domain (trojan.rules) 2825262 - ETPRO TROJAN DNS Query to Cerber Domain (1lcteo . top) (trojan.rules) 2825263 - ETPRO TROJAN DNS Query to Cerber Domain (195heb . top) (trojan.rules) 2825264 - ETPRO TROJAN DNS Query to Cerber Domain (1cvmb4 . top) (trojan.rules) 2825265 - ETPRO TROJAN DNS Query to Cerber Domain (1ps36s . top) (trojan.rules) 2825266 - ETPRO TROJAN DNS Query to Cerber Domain (13wm9b . 
top) (trojan.rules) 2825267 - ETPRO TROJAN DNS Query to Cerber Domain (12vpkc . top) (trojan.rules) 2825268 - ETPRO TROJAN DNS Query to Cerber Domain (12a63k . top) (trojan.rules) 2825269 - ETPRO TROJAN DNS Query to Cerber Domain (15oqwp . top) (trojan.rules) 2825270 - ETPRO TROJAN DNS Query to Cerber Domain (173w9w . top) (trojan.rules) 2825271 - ETPRO TROJAN DNS Query to Cerber Domain (1cw65b . top) (trojan.rules) 2825280 - ETPRO TROJAN DNS Query to Sage Domain (k5hjej9 . com) (trojan.rules) 2825281 - ETPRO TROJAN DNS Query to Sage Domain (io23zc . com) (trojan.rules) 2825282 - ETPRO TROJAN DNS Query to Sage Domain (p0alj2 . com) (trojan.rules) 2825283 - ETPRO TROJAN DNS Query to Sage Domain (2kzm0f . com) (trojan.rules) 2825284 - ETPRO TROJAN DNS Query to Sage Domain (3io74zx . com) (trojan.rules) 2825285 - ETPRO TROJAN DNS Query to Sage Domain (er29sl . in) (trojan.rules) 2825287 - ETPRO TROJAN DNS Query to Sage Domain (rzunt3u2 . com) (trojan.rules) 2825302 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825303 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825304 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825306 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825311 - ETPRO TROJAN Unknown Coinminer .onion Proxy Domain (trojan.rules) 2825313 - ETPRO TROJAN TrumpLocker/VenusLocker .onion Proxy Domain (trojan.rules) 2825322 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2825323 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2825324 - ETPRO TROJAN Satan Ransomware .onion Proxy Domain (trojan.rules) 2825326 - ETPRO TROJAN DNS Query to TorrentLocker Domain (frontmain . pl) (trojan.rules) 2825327 - ETPRO TROJAN DNS Query to TorrentLocker Domain (joygo . pl) (trojan.rules) 2825328 - ETPRO TROJAN DNS Query to TorrentLocker Domain (questpul . pl) (trojan.rules) 2825329 - ETPRO TROJAN DNS Query to TorrentLocker Domain (homewind . 
pl) (trojan.rules) 2825447 - ETPRO TROJAN DNS Query to Cerber Domain (14udep . top) (trojan.rules) 2825448 - ETPRO TROJAN DNS Query to Cerber Domain (1bzolk . top) (trojan.rules) 2825449 - ETPRO TROJAN DNS Query to Cerber Domain (1axzcw . top) (trojan.rules) 2825450 - ETPRO TROJAN DNS Query to Cerber Domain (1jhnvt . top) (trojan.rules) 2825451 - ETPRO TROJAN DNS Query to Cerber Domain (1dsdm4 . top) (trojan.rules) 2825452 - ETPRO TROJAN DNS Query to Cerber Domain (13xwn9 . top) (trojan.rules) 2825465 - ETPRO TROJAN Unknown MalDoc DNS Lookup (trojan.rules) 2825484 - ETPRO INFO DYNAMIC_DNS Query to a Suspicious *.punkdns.pw Domain (info.rules) 2825494 - ETPRO TROJAN Hidden Tear .onion Proxy Domain (trojan.rules) 2825500 - ETPRO TROJAN DNS Query to Sage Domain (jktew0 . com) (trojan.rules) 2825501 - ETPRO TROJAN DNS Query to Sage Domain (jpo2z1 . net) (trojan.rules) 2825502 - ETPRO TROJAN DNS Query to Cerber Domain (16bwhs . top) (trojan.rules) 2825503 - ETPRO TROJAN DNS Query to Cerber Domain (1ajohk . top) (trojan.rules) 2825504 - ETPRO TROJAN DNS Query to Cerber Domain (1apkjn . top) (trojan.rules) 2825536 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825537 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825538 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825539 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825540 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825541 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825550 - ETPRO TROJAN DustySky Downeks/Quasar/other DNS Lookup (space .support-reg.space) (trojan.rules) 2825551 - ETPRO TROJAN DustySky Downeks/Quasar/other DNS Lookup (news .net-freaks.com) (trojan.rules) 2825560 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules) 2825569 - ETPRO TROJAN Possible PlugX DNS Lookup (trojan.rules) 2825592 - ETPRO TROJAN DNS Query to Sage Domain (we0sgd . com) (trojan.rules) 2825593 - ETPRO TROJAN DNS Query to Sage Domain (lfsjkad . 
net) (trojan.rules) 2825594 - ETPRO TROJAN DNS Query to Sage Domain (yio3lvx . com) (trojan.rules) 2825595 - ETPRO TROJAN DNS Query to Cerber Domain (1pglcs . top) (trojan.rules) 2825596 - ETPRO TROJAN DNS Query to Cerber Domain (1js3tl . top) (trojan.rules) 2825597 - ETPRO TROJAN DNS Query to Cerber Domain (12t3rn . top) (trojan.rules) 2825598 - ETPRO TROJAN DNS Query to Cerber Domain (1cewld . top) (trojan.rules) 2825599 - ETPRO TROJAN DNS Query to TorrentLocker Domain (hoptrop . pl) (trojan.rules) 2825600 - ETPRO TROJAN DNS Query to TorrentLocker Domain (mailteam . pl) (trojan.rules) 2825601 - ETPRO TROJAN DNS Query to TorrentLocker Domain (frontymen . pl) (trojan.rules) 2825615 - ETPRO TROJAN DNS Query to TorrentLocker Domain (flackbon . tw) (trojan.rules) 2825628 - ETPRO TROJAN DNS Query to TorrentLocker Domain (ifixidea . com) (trojan.rules) 2825637 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2825638 - ETPRO TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2825639 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2825640 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2825649 - ETPRO POLICY DNS Query to .onion proxy Domain (onion . fi) (policy.rules) 2825650 - ETPRO TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) 2825667 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2825668 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2825676 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar DNS Lookup (mobile_malware.rules) 2825708 - ETPRO TROJAN DNS Query to Cerber Domain (18nepv . top) (trojan.rules) 2825709 - ETPRO TROJAN DNS Query to Cerber Domain (1cdqfv . top) (trojan.rules) 2825710 - ETPRO TROJAN DNS Query to Cerber Domain (1a2xx3 . top) (trojan.rules) 2825711 - ETPRO TROJAN DNS Query to Cerber Domain (1gzjuc . top) (trojan.rules) 2825712 - ETPRO TROJAN DNS Query to Cerber Domain (1eeyaj . top) (trojan.rules) 2825713 - ETPRO TROJAN DNS Query to Cerber Domain (1accfa . 
top) (trojan.rules) 2825714 - ETPRO TROJAN DNS Query to Cerber Domain (13kn4l . top) (trojan.rules) 2825715 - ETPRO TROJAN DNS Query to Cerber Domain (17yo2b . top) (trojan.rules) 2825716 - ETPRO TROJAN DNS Query to Cerber Domain (1qjl23 . top) (trojan.rules) 2825717 - ETPRO TROJAN DNS Query to Cerber Domain (14dr1s . top) (trojan.rules) 2825737 - ETPRO TROJAN DNS Query to Cerber Domain (1jnhdc . top) (trojan.rules) 2825738 - ETPRO TROJAN DNS Query to Cerber Domain (1bas8q . top) (trojan.rules) 2825739 - ETPRO TROJAN DNS Query to Cerber Domain (1jwuaa . top) (trojan.rules) 2825740 - ETPRO TROJAN DNS Query to Cerber Domain (1hpvzl . top) (trojan.rules) 2825741 - ETPRO TROJAN DNS Query to Cerber Domain (1a8u1r . top) (trojan.rules) 2825742 - ETPRO TROJAN DNS Query to Cerber Domain (1eagrj . top) (trojan.rules) 2825743 - ETPRO TROJAN DNS Query to Cerber Domain (14stvt . top) (trojan.rules) 2825744 - ETPRO TROJAN DNS Query to Cerber Domain (18f5bw . top) (trojan.rules) 2825745 - ETPRO TROJAN DNS Query to Cerber Domain (1fzz7a . top) (trojan.rules) 2825746 - ETPRO TROJAN DNS Query to Cerber Domain (1mat7v . top) (trojan.rules) 2825747 - ETPRO TROJAN DNS Query to Cerber Domain (1w5iy8 . top) (trojan.rules) 2825748 - ETPRO TROJAN DNS Query to Cerber Domain (1acfka . top) (trojan.rules) 2825749 - ETPRO TROJAN DNS Query to Sage Domain (y8lkjg5 . net) (trojan.rules) 2825778 - ETPRO TROJAN DNS Query to Cerber Domain (1mvku2 . top) (trojan.rules) 2825779 - ETPRO TROJAN DNS Query to Cerber Domain (1qk2un . top) (trojan.rules) 2825780 - ETPRO TROJAN DNS Query to Cerber Domain (1gswwp . top) (trojan.rules) 2825781 - ETPRO TROJAN DNS Query to Cerber Domain (13eymq . top) (trojan.rules) 2825782 - ETPRO TROJAN DNS Query to Cerber Domain (1aamtz . top) (trojan.rules) 2825783 - ETPRO TROJAN DNS Query to Cerber Domain (1mswjm . top) (trojan.rules) 2825784 - ETPRO TROJAN DNS Query to Cerber Domain (1fy93v . top) (trojan.rules) 2825785 - ETPRO TROJAN DNS Query to Cerber Domain (14klmz . 
top) (trojan.rules) 2825786 - ETPRO TROJAN DNS Query to Cerber Domain (1xynaz . top) (trojan.rules) 2825787 - ETPRO TROJAN DNS Query to Cerber Domain (1ppto6 . top) (trojan.rules) 2825788 - ETPRO TROJAN APT28 Unknown DNS Lookup (trojan.rules) 2825799 - ETPRO TROJAN Targeted/Possible APT ScanBox DNS Lookup (trojan.rules) 2825800 - ETPRO TROJAN DNS Query to Cerber Domain (1aajb7 . top) (trojan.rules) 2825801 - ETPRO TROJAN DNS Query to Cerber Domain (1gunao . top) (trojan.rules) 2825802 - ETPRO TROJAN DNS Query to Cerber Domain (1nm62r . top) (trojan.rules) 2825803 - ETPRO TROJAN DNS Query to Cerber Domain (1gu5um . top) (trojan.rules) 2825804 - ETPRO TROJAN DNS Query to Cerber Domain (1grvue . top) (trojan.rules) 2825805 - ETPRO TROJAN DNS Query to Cerber Domain (142djp . top) (trojan.rules) 2825806 - ETPRO TROJAN DNS Query to Cerber Domain (1bcxcs . top) (trojan.rules) 2825807 - ETPRO TROJAN DNS Query to Cerber Domain (1czh7o . top) (trojan.rules) 2825830 - ETPRO TROJAN DNS Query to Cerber Domain (1a7wnt . top) (trojan.rules) 2825836 - ETPRO MOBILE_MALWARE Android/Koler.AS DNS Lookup (mobile_malware.rules) 2825837 - ETPRO MOBILE_MALWARE Android/Koler.AS DNS Lookup 2 (mobile_malware.rules) 2825838 - ETPRO MOBILE_MALWARE Android/Koler.AS DNS Lookup 3 (mobile_malware.rules) 2825839 - ETPRO MOBILE_MALWARE Android/Koler.AS DNS Lookup 4 (mobile_malware.rules) 2825840 - ETPRO MOBILE_MALWARE Android/Koler.AS DNS Lookup 5 (mobile_malware.rules) 2825841 - ETPRO MOBILE_MALWARE Android/Koler.AS DNS Lookup 6 (mobile_malware.rules) 2825842 - ETPRO MOBILE_MALWARE Android/Koler.AS DNS Lookup 7 (mobile_malware.rules) 2825955 - ETPRO TROJAN DNS Query to Cerber Domain (1npg9s . top) (trojan.rules) 2825956 - ETPRO TROJAN DNS Query to Cerber Domain (1nhkou . 
top) (trojan.rules) 2825961 - ETPRO TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2826044 - ETPRO TROJAN Oilrig VBS DNS Lookup (trojan.rules) 2826055 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh DNS Lookup (mobile_malware.rules) 2826056 - ETPRO TROJAN DNS Query to Cerber Domain (1j2ien . top) (trojan.rules) 2826057 - ETPRO TROJAN DNS Query to Cerber Domain (12smak . top) (trojan.rules) 2826059 - ETPRO TROJAN DNS Query to Cerber Domain (15bjqq . top) (trojan.rules) 2826060 - ETPRO TROJAN DNS Query to Cerber Domain (1ms2rx . top) (trojan.rules) 2826062 - ETPRO TROJAN DNS Query to Cerber Domain (12zucf . top) (trojan.rules) 2826063 - ETPRO TROJAN DNS Query to Cerber Domain (1ntyds . top) (trojan.rules) 2826064 - ETPRO TROJAN DNS Query to Cerber Domain (1c7osg . top) (trojan.rules) 2826065 - ETPRO TROJAN DNS Query to Cerber Domain (1cnkik . top) (trojan.rules) 2826066 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2826076 - ETPRO TROJAN DNS Query to Cerber Domain (1m3xsy . top) (trojan.rules) 2826077 - ETPRO TROJAN DNS Query to Cerber Domain (12bxp9 . top) (trojan.rules) 2826078 - ETPRO TROJAN DNS Query to Cerber Domain (1jpb8w . top) (trojan.rules) 2826079 - ETPRO TROJAN DNS Query to Cerber Domain (19hj4f . top) (trojan.rules) 2826120 - ETPRO TROJAN DNS Query to Sage Domain (qlkrwn . com) (trojan.rules) 2826121 - ETPRO TROJAN DNS Query to Cerber Domain (1c1ajf . top) (trojan.rules) 2826122 - ETPRO TROJAN DNS Query to Cerber Domain (1nkkem . top) (trojan.rules) 2826124 - ETPRO TROJAN DNS Query to Cerber Domain (17u2yg . top) (trojan.rules) 2826125 - ETPRO TROJAN DNS Query to Cerber Domain (17m14u . top) (trojan.rules) 2826126 - ETPRO TROJAN DNS Query to Cerber Domain (1mee2x . top) (trojan.rules) 2826127 - ETPRO TROJAN DNS Query to Cerber Domain (1g6evx . top) (trojan.rules) 2826128 - ETPRO TROJAN DNS Query to Cerber Domain (13bi2c . top) (trojan.rules) 2826129 - ETPRO TROJAN DNS Query to Cerber Domain (1j43kf . 
top) (trojan.rules) 2826130 - ETPRO TROJAN DNS Query to Cerber Domain (1evjph . top) (trojan.rules) 2826131 - ETPRO TROJAN DNS Query to Cerber Domain (1fnjrj . top) (trojan.rules) 2826132 - ETPRO TROJAN DNS Query to Cerber Domain (14szpx . top) (trojan.rules) 2826169 - ETPRO TROJAN DNS Query to Sage Domain (xcvkjet . com) (trojan.rules) 2826170 - ETPRO TROJAN DNS Query to Cerber Domain (1nprob . top) (trojan.rules) 2826171 - ETPRO TROJAN DNS Query to Cerber Domain (1fygsg . top) (trojan.rules) 2826172 - ETPRO TROJAN DNS Query to Cerber Domain (1kyjw7 . top) (trojan.rules) 2826173 - ETPRO TROJAN DNS Query to Cerber Domain (1mwvgh . top) (trojan.rules) 2826186 - ETPRO TROJAN ABUSE.CH TorrentLocker Payment Domain (micronit . tw) (trojan.rules) 2826187 - ETPRO TROJAN ABUSE.CH TorrentLocker Payment Domain (winregion . tw) (trojan.rules) 2826188 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (area.wthelpdesk .com) (trojan.rules) 2826189 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (dick.ccfchrist .com) (trojan.rules) 2826190 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (fukuoka.cloud-maste .com) (trojan.rules) 2826191 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (inspgon.re26 .com) (trojan.rules) 2826192 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (jepsen.r3u8 .com) (trojan.rules) 2826193 - ETPRO TROJAN ABUSE.CH TorrentLocker Payment Domain (flackbon . 
tw) (trojan.rules) 2826194 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (jimin.jimindaddy .com) (trojan.rules) 2826195 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (kawasaki.unhamj .com) (trojan.rules) 2826196 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (nttdata.otzo .com) (trojan.rules) 2826197 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (sakai.unhamj .com) (trojan.rules) 2826198 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (scorpion.poulsenv .com) (trojan.rules) 2826199 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (trout.belowto .com) (trojan.rules) 2826200 - ETPRO TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (zebra.wthelpdesk .com) (trojan.rules) 2826216 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826219 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826220 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826221 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826222 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826223 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826224 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826225 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826226 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826227 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826228 - ETPRO TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826258 - ETPRO TROJAN DNS Query to Sage Domain (xcvkjet . net) (trojan.rules) 2826259 - ETPRO TROJAN Likely APT28 XAgent or Uploader DNS Lookup (trojan.rules) 2826260 - ETPRO TROJAN DNS Query to Cerber Domain (1khwro . top) (trojan.rules) 2826261 - ETPRO TROJAN DNS Query to Cerber Domain (1pbfky . top) (trojan.rules) 2826262 - ETPRO TROJAN DNS Query to Cerber Domain (17gvad . top) (trojan.rules) 2826263 - ETPRO TROJAN DNS Query to Cerber Domain (19xvyd . top) (trojan.rules) 2826264 - ETPRO TROJAN DNS Query to Cerber Domain (15e8hv . 
top) (trojan.rules) 2826265 - ETPRO TROJAN DNS Query to Cerber Domain (1gvyo8 . top) (trojan.rules) 2826266 - ETPRO TROJAN DNS Query to Cerber Domain (1jzmjr . top) (trojan.rules) 2826267 - ETPRO TROJAN DNS Query to Cerber Domain (13bcem . top) (trojan.rules) 2826268 - ETPRO TROJAN DNS Query to Cerber Domain (1fzjn3 . top) (trojan.rules) 2826269 - ETPRO TROJAN DNS Query to Cerber Domain (12hxjv . top) (trojan.rules) 2826270 - ETPRO TROJAN DNS Query to Cerber Domain (1wmvk2 . top) (trojan.rules) 2826271 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2826272 - ETPRO TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2826273 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2826274 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2826275 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2826276 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2826282 - ETPRO TROJAN IsmDoor DNS C2 Domain Name (trojan.rules) 2826283 - ETPRO TROJAN IsmDoor DNS C2 Domain Name (trojan.rules) 2826284 - ETPRO TROJAN IsmDoor DNS C2 Initial Data Sent (trojan.rules) 2826288 - ETPRO TROJAN IsmDoor DNS C2 Domain Name (trojan.rules) 2826289 - ETPRO TROJAN IsmDoor DNS C2 Domain Name (trojan.rules) 2826375 - ETPRO TROJAN DNS Query to Sage Domain (eho23d . net) (trojan.rules) 2826376 - ETPRO TROJAN DNS Query to Cerber Domain (1mqvsc . top) (trojan.rules) 2826377 - ETPRO TROJAN DNS Query to Cerber Domain (133chr . top) (trojan.rules) 2826378 - ETPRO TROJAN DNS Query to Cerber Domain (1hkjl3 . top) (trojan.rules) 2826379 - ETPRO TROJAN DNS Query to Cerber Domain (1jyhqc . top) (trojan.rules) 2826380 - ETPRO TROJAN DNS Query to Cerber Domain (1fgsmc . top) (trojan.rules) 2826382 - ETPRO TROJAN DNS Query to Cerber Domain (12m58x . top) (trojan.rules) 2826383 - ETPRO TROJAN DNS Query to Cerber Domain (127axt . top) (trojan.rules) 2826384 - ETPRO TROJAN DNS Query to Cerber Domain (16nxpn . top) (trojan.rules) 2826412 - ETPRO TROJAN DNS Query to Cerber Domain (15mwt4 . 
top) (trojan.rules) 2826413 - ETPRO TROJAN DNS Query to Cerber Domain (1lqrja . top) (trojan.rules) 2826414 - ETPRO TROJAN DNS Query to Cerber Domain (1kw51p . top) (trojan.rules) 2826416 - ETPRO TROJAN DNS Query to Cerber Domain (1eetmp . top) (trojan.rules) 2826417 - ETPRO TROJAN DNS Query to Cerber Domain (13ydzv . top) (trojan.rules) 2826418 - ETPRO TROJAN DNS Query to Cerber Domain (1mfakx . top) (trojan.rules) 2826419 - ETPRO TROJAN DNS Query to Cerber Domain (17kc8y . top) (trojan.rules) 2826468 - ETPRO TROJAN PyCL/Fatboy CnC .onion domain observed (3khfaxau73df3p3t) (trojan.rules) 2826493 - ETPRO TROJAN DNS Query to Sage Domain (je9mlz . com) (trojan.rules) 2826494 - ETPRO TROJAN DNS Query to Cerber Domain (14ewqv . top) (trojan.rules) 2826495 - ETPRO TROJAN DNS Query to Cerber Domain (1fu8p3 . top) (trojan.rules) 2826496 - ETPRO TROJAN DNS Query to Cerber Domain (1pxbfh . top) (trojan.rules) 2826497 - ETPRO TROJAN DNS Query to Cerber Domain (19xdpm . top) (trojan.rules) 2826498 - ETPRO TROJAN Steam PWS DNS Lookup (trojan.rules) 2826524 - ETPRO TROJAN Observed DNS Request for Mole Ransomware Payment Domain (trojan.rules) 2826546 - ETPRO INFO Observed DNS Query for DDNS domain (camerakeeper .tv) (info.rules) 2826577 - ETPRO TROJAN DNS Query to Cerber Domain (1fgywm . top) (trojan.rules) 2826578 - ETPRO TROJAN DNS Query to Cerber Domain (1kraqn . top) (trojan.rules) 2826579 - ETPRO TROJAN DNS Query to Cerber Domain (fgfid6 . win) (trojan.rules) 2826580 - ETPRO TROJAN DNS Query to Cerber Domain (1dq6nd . top) (trojan.rules) 2826581 - ETPRO TROJAN DNS Query to Cerber Domain (13qgdd . top) (trojan.rules) 2826582 - ETPRO TROJAN DNS Query to Cerber Domain (1bu9xu . top) (trojan.rules) 2826583 - ETPRO TROJAN DNS Query to Cerber Domain (to6maq . win) (trojan.rules) 2826584 - ETPRO TROJAN DNS Query to Cerber Domain (1lfyy4 . top) (trojan.rules) 2826585 - ETPRO TROJAN DNS Query to Cerber Domain (metpast . 
site) (trojan.rules) 2826586 - ETPRO TROJAN DNS Query to Cerber Domain (lfotp5 . win) (trojan.rules) 2826593 - ETPRO INFO TCP DNS Query Domain .bit (Namecoin) (info.rules) 2826640 - ETPRO TROJAN HiddenTear Ransomware KKK Variant DNS Lookup (trojan.rules) 2826641 - ETPRO TROJAN HiddenTear Ransomware KKK Variant DNS Lookup (trojan.rules) 2826704 - ETPRO TROJAN OSX/Spy.MacSpy DNS Query (trojan.rules) 2826751 - ETPRO TROJAN DNS Query to Sage Domain (17b3o . net) (trojan.rules) 2826752 - ETPRO TROJAN DNS Query to Sage Domain (2igu316 . com) (trojan.rules) 2826753 - ETPRO TROJAN DNS Query to Cerber Domain (1dvqvh . top) (trojan.rules) 2826754 - ETPRO TROJAN DNS Query to Cerber Domain (1fel3k . top) (trojan.rules) 2826755 - ETPRO TROJAN DNS Query to Cerber Domain (1aq4sz . top) (trojan.rules) 2826756 - ETPRO TROJAN DNS Query to Cerber Domain (19s7gy . top) (trojan.rules) 2826757 - ETPRO TROJAN DNS Query to Cerber Domain (9u3iy1 . top) (trojan.rules) 2826758 - ETPRO TROJAN DNS Query to Cerber Domain (12gsjz . top) (trojan.rules) 2826759 - ETPRO TROJAN DNS Query to Cerber Domain (1pymg3 . top) (trojan.rules) 2826760 - ETPRO TROJAN DNS Query to Cerber Domain (13khiv . top) (trojan.rules) 2826761 - ETPRO TROJAN DNS Query to Cerber Domain (1b8tmn . top) (trojan.rules) 2826762 - ETPRO TROJAN DNS Query to Cerber Domain (135nt3 . top) (trojan.rules) 2826789 - ETPRO TROJAN DNS Query to Cerber Domain (1p5fwl . top) (trojan.rules) 2826790 - ETPRO TROJAN DNS Query to Cerber Domain (086ux2 . top) (trojan.rules) 2826791 - ETPRO TROJAN DNS Query to Cerber Domain (12nwsv . top) (trojan.rules) 2826792 - ETPRO TROJAN DNS Query to Cerber Domain (1gqrpq . top) (trojan.rules) 2826793 - ETPRO TROJAN DNS Query to Cerber Domain (15u3kg . top) (trojan.rules) 2826794 - ETPRO TROJAN DNS Query to Cerber Domain (11bwgu . top) (trojan.rules) 2826795 - ETPRO TROJAN DNS Query to Cerber Domain (bcjl1h . top) (trojan.rules) 2826796 - ETPRO TROJAN DNS Query to Cerber Domain (uwckha . 
top) (trojan.rules) 2826797 - ETPRO TROJAN DNS Query to Cerber Domain (1gredn . top) (trojan.rules) 2826798 - ETPRO TROJAN DNS Query to Cerber Domain (1aqq5k . top) (trojan.rules) 2826811 - ETPRO TROJAN Erebus Ransomware Onion Domain (trojan.rules) 2826812 - ETPRO TROJAN Erebus Ransomware Onion Domain (trojan.rules) 2826837 - ETPRO TROJAN KaroCrypt Ransomware Onion Domain (trojan.rules) 2826848 - ETPRO TROJAN DNS Query to Cerber Domain (15qq4s . top) (trojan.rules) 2826849 - ETPRO TROJAN DNS Query to Cerber Domain (asd3r3 . win) (trojan.rules) 2826850 - ETPRO TROJAN DNS Query to Cerber Domain (16l1zt . top) (trojan.rules) 2826852 - ETPRO TROJAN DNS Query to Cerber Domain (1gy9bo . top) (trojan.rules) 2826853 - ETPRO TROJAN DNS Query to Cerber Domain (17rm9b . top) (trojan.rules) 2826854 - ETPRO TROJAN DNS Query to Cerber Domain (1apgrn . top) (trojan.rules) 2826855 - ETPRO TROJAN DNS Query to Cerber Domain (1k6bas . top) (trojan.rules) 2826856 - ETPRO TROJAN DNS Query to Cerber Domain (o8hpwj . top) (trojan.rules) 2826857 - ETPRO TROJAN DNS Query to Cerber Domain (1azkux . top) (trojan.rules) 2826858 - ETPRO TROJAN DNS Query to Cerber Domain (12uzfa . top) (trojan.rules) 2826859 - ETPRO TROJAN DNS Query to Cerber Domain (179tnk . top) (trojan.rules) 2826999 - ETPRO TROJAN Win32/Neshta.A DNS Lookup (trojan.rules) 2827011 - ETPRO TROJAN DNS Query to Cerber Domain (1ewuh5 . top) (trojan.rules) 2827012 - ETPRO TROJAN DNS Query to Cerber Domain (1ltyev . top) (trojan.rules) 2827013 - ETPRO TROJAN DNS Query to Cerber Domain (18dwag . top) (trojan.rules) 2827014 - ETPRO TROJAN DNS Query to Cerber Domain (1jyrty . top) (trojan.rules) 2827015 - ETPRO TROJAN DNS Query to Cerber Domain (1t2jhk . top) (trojan.rules) 2827016 - ETPRO TROJAN DNS Query to Cerber Domain (18ggbf . top) (trojan.rules) 2827017 - ETPRO TROJAN DNS Query to Cerber Domain (16umxg . top) (trojan.rules) 2827018 - ETPRO TROJAN DNS Query to Cerber Domain (17ipn9 . 
top) (trojan.rules) 2827019 - ETPRO TROJAN DNS Query to Cerber Domain (1cgbcv . top) (trojan.rules) 2827020 - ETPRO TROJAN DNS Query to Cerber Domain (1gyvrz . top) (trojan.rules) 2827021 - ETPRO TROJAN DNS Query to Cerber Domain (1e47tj . top) (trojan.rules) 2827022 - ETPRO TROJAN DNS Query to Cerber Domain (1e1y8p . top) (trojan.rules) 2827023 - ETPRO TROJAN DNS Query to Cerber Domain (1blery . top) (trojan.rules) 2827024 - ETPRO TROJAN DNS Query to Cerber Domain (1kjhhf . top) (trojan.rules) 2827025 - ETPRO TROJAN DNS Query to Cerber Domain (15ezkm . top) (trojan.rules) 2827113 - ETPRO TROJAN Observed DNS Query to Ovidiy Stealer CnC Domain (trojan.rules) 2827121 - ETPRO TROJAN Unknown Downloader DNS Query (trojan.rules) 2827124 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2827141 - ETPRO TROJAN Powershell Ransomware Onion Domain (trojan.rules) 2827142 - ETPRO TROJAN Powershell Ransomware Onion Domain (trojan.rules) 2827151 - ETPRO TROJAN Erebus Ransomware Onion Domain (gbe0 . top) (trojan.rules) 2827161 - ETPRO TROJAN Win32/FileCoder.Philadelphia DNS Query (trojan.rules) 2827162 - ETPRO POLICY DNS Query to .onion proxy Domain (grams . site) (policy.rules) 2827163 - ETPRO POLICY DNS Query to .onion proxy Domain (onion . dog) (policy.rules) 2827164 - ETPRO TROJAN DNS Query to TorrentLocker Domain (jhfuhkg . pl) (trojan.rules) 2827165 - ETPRO TROJAN Erebus Ransomware Onion Domain (trojan.rules) 2827166 - ETPRO TROJAN Erebus Ransomware Onion Domain (trojan.rules) 2827190 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2827191 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2827204 - ETPRO TROJAN Observed DNS Query to Known Win32/Ardamax Keylogger CnC Domain (trojan.rules) 2827206 - ETPRO TROJAN Win32/Godzilla.Downloader CnC DNS Query (perefacki . eu) (trojan.rules) 2827207 - ETPRO TROJAN Win32/Godzilla.Downloader CnC DNS Query (morefitggr . eu) (trojan.rules) 2827208 - ETPRO TROJAN Win32/Godzilla.Downloader CnC DNS Query (salemalertoy . 
eu) (trojan.rules) 2827209 - ETPRO TROJAN Win32/Godzilla.Downloader CnC DNS Query (kuseyambar . eu) (trojan.rules) 2827210 - ETPRO TROJAN Win32/Godzilla.Downloader CnC DNS Query (bokergrop . eu) (trojan.rules) 2827226 - ETPRO TROJAN Win32/Reconyc.iddk CnC DNS Query (trojan.rules) 2827268 - ETPRO TROJAN Donoff .onion Proxy Domain DNS Lookup (trojan.rules) 2827274 - ETPRO TROJAN DNS Query to Cerber Domain (1n5mod . top) (trojan.rules) 2827275 - ETPRO TROJAN DNS Query to Cerber Domain (1mpsnr . top) (trojan.rules) 2827276 - ETPRO TROJAN DNS Query to Cerber Domain (1eiuce . top) (trojan.rules) 2827277 - ETPRO TROJAN DNS Query to Cerber Domain (1j9jad . top) (trojan.rules) 2827298 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules) 2827299 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules) 2827300 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules) 2827301 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules) 2827302 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules) 2827304 - ETPRO MOBILE_MALWARE Android.Trojan.Downloader.JP DNS Lookup (mobile_malware.rules) 2827305 - ETPRO TROJAN DNS Query to Cerber Domain (18ey8e . top) (trojan.rules) 2827306 - ETPRO TROJAN DNS Query to Cerber Domain (1ns1hx . top) (trojan.rules) 2827307 - ETPRO TROJAN DNS Query to Cerber Domain (18rkju . top) (trojan.rules) 2827308 - ETPRO TROJAN DNS Query to Cerber Domain (gkfit9 . top) (trojan.rules) 2827309 - ETPRO TROJAN DNS Query to Cerber Domain (1csesc . top) (trojan.rules) 2827310 - ETPRO TROJAN DNS Query to Cerber Domain (1a2jzy . top) (trojan.rules) 2827311 - ETPRO TROJAN DNS Query to Cerber Domain (18lmhb . top) (trojan.rules) 2827312 - ETPRO TROJAN DNS Query to Cerber Domain (1mfmkz . top) (trojan.rules) 2827320 - ETPRO TROJAN DNS Query to Cerber Domain (12f53x . top) (trojan.rules) 2827321 - ETPRO TROJAN DNS Query to Cerber Domain (1mnsg6 . top) (trojan.rules) 2827322 - ETPRO TROJAN DNS Query to Cerber Domain (1ebjjq . 
top) (trojan.rules) 2827323 - ETPRO TROJAN DNS Query to Cerber Domain (1225wj . top) (trojan.rules) 2827324 - ETPRO TROJAN DNS Query to Cerber Domain (1pcvko . top) (trojan.rules) 2827325 - ETPRO TROJAN DNS Query to Cerber Domain (m5gid4 . top) (trojan.rules) 2827326 - ETPRO TROJAN DNS Query to Cerber Domain (143kzi . top) (trojan.rules) 2827327 - ETPRO TROJAN DNS Query to Cerber Domain (17cwdi . top) (trojan.rules) 2827329 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup (mobile_malware.rules) 2827330 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 2 (mobile_malware.rules) 2827331 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 3 (mobile_malware.rules) 2827332 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 4 (mobile_malware.rules) 2827333 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 5 (mobile_malware.rules) 2827334 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 6 (mobile_malware.rules) 2827335 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 7 (mobile_malware.rules) 2827336 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 8 (mobile_malware.rules) 2827337 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 9 (mobile_malware.rules) 2827338 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 10 (mobile_malware.rules) 2827339 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 11 (mobile_malware.rules) 2827340 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 12 (mobile_malware.rules) 2827341 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 13 (mobile_malware.rules) 2827342 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 14 (mobile_malware.rules) 2827343 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 15 (mobile_malware.rules) 2827344 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 16 (mobile_malware.rules) 2827345 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 17 (mobile_malware.rules) 2827346 - ETPRO MOBILE_MALWARE 
Android/Spy.Lipizzan.A DNS Lookup 18 (mobile_malware.rules) 2827347 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 19 (mobile_malware.rules) 2827351 - ETPRO MOBILE_MALWARE Android/Triada.EG DNS Lookup (mobile_malware.rules) 2827352 - ETPRO TROJAN DNS Query to Cerber Domain (1jrkyn . top) (trojan.rules) 2827353 - ETPRO TROJAN DNS Query to Cerber Domain (1fnhyq . top) (trojan.rules) 2827354 - ETPRO TROJAN DNS Query to Cerber Domain (1jfjhb . top) (trojan.rules) 2827355 - ETPRO TROJAN DNS Query to Cerber Domain (14o2wp . top) (trojan.rules) 2827356 - ETPRO TROJAN DNS Query to Cerber Domain (1jmu65 . top) (trojan.rules) 2827357 - ETPRO TROJAN DNS Query to Cerber Domain (12ct4c . top) (trojan.rules) 2827366 - ETPRO TROJAN DNS Query to Cerber Domain (1gjpzp . top) (trojan.rules) 2827367 - ETPRO TROJAN DNS Query to Cerber Domain (1e6ly3 . top) (trojan.rules) 2827368 - ETPRO TROJAN DNS Query to Cerber Domain (19grai . top) (trojan.rules) 2827369 - ETPRO TROJAN DNS Query to Cerber Domain (1cosak . top) (trojan.rules) 2827370 - ETPRO TROJAN DNS Query to Cerber Domain (19ckzf . top) (trojan.rules) 2827390 - ETPRO TROJAN GlobeImposter Ransomware Onion Domain (trojan.rules) 2827401 - ETPRO TROJAN DNS Query to Cerber Domain (1fttxm . top) (trojan.rules) 2827402 - ETPRO TROJAN DNS Query to Cerber Domain (1fcfjn . top) (trojan.rules) 2827403 - ETPRO TROJAN DNS Query to Cerber Domain (1bcnad . top) (trojan.rules) 2827404 - ETPRO TROJAN DNS Query to Cerber Domain (18zrup . top) (trojan.rules) 2827405 - ETPRO TROJAN DNS Query to Cerber Domain (13iuvw . top) (trojan.rules) 2827406 - ETPRO TROJAN DNS Query to Cerber Domain (19kdeh . top) (trojan.rules) 2827407 - ETPRO TROJAN DNS Query to Cerber Domain (16hwwh . top) (trojan.rules) 2827408 - ETPRO TROJAN DNS Query to Cerber Domain (17gcun . top) (trojan.rules) 2827409 - ETPRO TROJAN DNS Query to Cerber Domain (158ugp . top) (trojan.rules) 2827410 - ETPRO TROJAN DNS Query to Cerber Domain (1mkwry . 
top) (trojan.rules) 2827411 - ETPRO TROJAN DNS Query to Cerber Domain (16g9ub . top) (trojan.rules) 2827420 - ETPRO TROJAN Ransomware/Zyklon Onion Domain Lookup (trojan.rules) 2827426 - ETPRO TROJAN W32/Unknown DNS Query for CnC Checkin via TOR (trojan.rules) 2827454 - ETPRO TROJAN DNS Query For Known Upatre Downloader Domain (maitikio . com) (trojan.rules) 2827455 - ETPRO TROJAN DNS Query For Known Upatre Downloader Domain (cry-havok . org) (trojan.rules) 2827492 - ETPRO TROJAN Win32/Fynloski.AA DNS query for CnC (trojan.rules) 2827547 - ETPRO TROJAN Win32/Nuclear CnC DNS Query (trojan.rules) 2827564 - ETPRO TROJAN Ransomware Locky .onion Payment Domain (g46mbrrzpfszonuk) (trojan.rules) 2827583 - ETPRO TROJAN Compromised Chrome Extension DNS Lookup (trojan.rules) 2827584 - ETPRO TROJAN Compromised Chrome Extension DNS Lookup (trojan.rules) 2827585 - ETPRO TROJAN Compromised Chrome Extension DNS Lookup (trojan.rules) 2827587 - ETPRO TROJAN Compromised Chrome Extension DNS Lookup (trojan.rules) 2827588 - ETPRO TROJAN Compromised Chrome Extension DNS Lookup (trojan.rules) 2827596 - ETPRO TROJAN DNS Query for known Win32/Agent.SPU CnC (trojan.rules) 2827636 - ETPRO TROJAN DNS Query to TorrentLocker Domain (njnitj . micronit . tw) (trojan.rules) 2827638 - ETPRO TROJAN DNS Query to Cerber Domain (m7f27y . bid) (trojan.rules) 2827644 - ETPRO TROJAN DNS Query to Cerber Domain (1dp6un . top) (trojan.rules) 2827645 - ETPRO TROJAN DNS Query to Cerber Domain (l7g2sv . bid) (trojan.rules) 2827646 - ETPRO TROJAN DNS Query to Cerber Domain (1hw36d . top) (trojan.rules) 2827648 - ETPRO TROJAN DNS Query to Cerber Domain (tg4d0x . top) (trojan.rules) 2827649 - ETPRO TROJAN DNS Query to Cerber Domain (xreb38 . top) (trojan.rules) 2827650 - ETPRO TROJAN DNS Query to Cerber Domain (47riy1 . top) (trojan.rules) 2827651 - ETPRO TROJAN DNS Query to Cerber Domain (2hr4fs . top) (trojan.rules) 2827652 - ETPRO TROJAN DNS Query to Cerber Domain (9k6lwu . 
top) (trojan.rules) 2827660 - ETPRO TROJAN Nm4 Ransomware Onion Domain (trojan.rules) 2827679 - ETPRO TROJAN DNS Query to Cerber Domain (onl98g . top) (trojan.rules) 2827680 - ETPRO TROJAN DNS Query to Cerber Domain (c3rczu . top) (trojan.rules) 2827681 - ETPRO TROJAN DNS Query to Cerber Domain (pr52ni . top) (trojan.rules) 2827688 - ETPRO MALWARE Adware DNS Request (malware.rules) 2827694 - ETPRO TROJAN Win32/TrojanDownloader.Agent.DOO malicious DNS query observed (trojan.rules) 2827696 - ETPRO TROJAN MSIL/Injector.SPK CnC DNS query observed (trojan.rules) 2827723 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827724 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827725 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827726 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827727 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827728 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827729 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827730 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827731 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827732 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827733 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827734 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827735 - ETPRO CURRENT_EVENTS Malicious Redirector (SocEng) DNS Request (current_events.rules) 2827741 - ETPRO TROJAN Bitpaymer Ransomware Domain Detected (trojan.rules) 2827779 - ETPRO TROJAN DNS Query to Cerber Domain (1e1jbc . 
top) (trojan.rules) 2827780 - ETPRO TROJAN DNS Query to Cerber Domain (17xukb . top) (trojan.rules) 2827858 - ETPRO TROJAN VB:Trojan.Valyria Downloader DNS Query (kekeoffer . com) (trojan.rules) 2827859 - ETPRO TROJAN DNS Query to Cerber Domain (1kh9ct . top) (trojan.rules) 2827860 - ETPRO TROJAN DNS Query to Cerber Domain (1hbdbx . top) (trojan.rules) 2827861 - ETPRO TROJAN DNS Query to Cerber Domain (13gpqd . top) (trojan.rules) 2827862 - ETPRO TROJAN DNS Query to Cerber Domain (1fs9pz . top) (trojan.rules) 2827863 - ETPRO TROJAN DNS Query to Cerber Domain (14jqyo . top) (trojan.rules) 2827864 - ETPRO TROJAN DNS Query to Cerber Domain (13rdvu . top) (trojan.rules) 2827924 - ETPRO TROJAN DNS Query to Cerber Domain (1nzpby . top) (trojan.rules) 2827925 - ETPRO TROJAN DNS Query to Cerber Domain (1aj1bb . top) (trojan.rules) 2827926 - ETPRO TROJAN DNS Query to Sage Domain (l3by4d . com) (trojan.rules) 2828000 - ETPRO MOBILE_MALWARE Android/Spy.Agent.AEY DNS Lookup (mobile_malware.rules) 2828002 - ETPRO MOBILE_MALWARE Android/Spy.Agent.AEY DNS Lookup 2 (mobile_malware.rules) 2828009 - ETPRO TROJAN DNS Query to Cerber Domain (17q8f6 . top) (trojan.rules) 2828010 - ETPRO TROJAN DNS Query to Cerber Domain (1d88b8 . 
top) (trojan.rules)
2828050 - ETPRO TROJAN Corebot DNS Lookup (Dropper) (trojan.rules)
2828079 - ETPRO MOBILE_MALWARE Android-Trojan/Marcher.5ad46 DNS Lookup (mobile_malware.rules)
2828090 - ETPRO POLICY External IP Lookup Domain (ip.anysrc .net in DNS lookup) (policy.rules)
2828091 - ETPRO POLICY External IP Lookup Domain (whatsmyip .website in DNS lookup) (policy.rules)
2828154 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.KG DNS Lookup (mobile_malware.rules)
2828155 - ETPRO MOBILE_MALWARE Android/FakeApp.DR DNS Lookup (mobile_malware.rules)
2828156 - ETPRO MOBILE_MALWARE Android/FakeApp.DR DNS Lookup 2 (mobile_malware.rules)
2828159 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules)
2828161 - ETPRO TROJAN APT28 XAgent DNS Lookup (trojan.rules)
2828163 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules)
2828182 - ETPRO TROJAN DNS Query FreeMilk Payload CnC Server (trojan.rules)
2828301 - ETPRO MOBILE_MALWARE Android/Spy.Agent.ACD DNS Lookup (mobile_malware.rules)
2828310 - ETPRO MOBILE_MALWARE Android/DoubleLocker.A DNS Lookup (mobile_malware.rules)
2828341 - ETPRO TROJAN APT28 DealersChoice DNS Lookup (trojan.rules)
2828342 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules)
2828504 - ETPRO TROJAN APT28 DDEAUTO DNS Lookup (trojan.rules)
2828505 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules)
2828544 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules)
2829334 - ETPRO TROJAN Ransomware/Zyklon Onion Domain (nguyavr7weofo5t4 in DNS Lookup) (trojan.rules)
2830030 - ETPRO TROJAN Sdbmine Monero Miner XMR-Proxy DNS Lookup (trojan.rules)
2830141 - ETPRO TROJAN Malicious PS Dropper Domain (dns .relogh .com in DNS Lookup) (trojan.rules)

[---] Removed rules: [---]
2838207 - ETPRO MALWARE MSIL/AlphaStealer PWS Exfil via HTTP M2 (malware.rules)

[+++] Added non-rule lines: [+++]
-> Added to sid-msg.map (40):
2027940 || ET MOBILE_MALWARE Evil Eye Android Malware Beacon || url,www.volexity.com/blog/2019/09/02/digital-crackdown-large-scale-surveillance-and-exploitation-of-uyghurs/
2027941 || ET POLICY DNS Query to a Reverse Proxy Service Observed
2027942 || ET POLICY DNS Query to a Reverse Proxy Service Observed
2027943 || ET POLICY DNS Query to a Reverse Proxy Service Observed
2523490 || ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 746 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523492 || ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 747 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2523494 || ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 748 || url,doc.emergingthreats.net/bin/view/Main/TorRules
2838207 || ETPRO TROJAN MSIL/AlphaStealer PWS Exfil via HTTP M2 || md5,f74198f26a760df9bd966746b4bae1c0
2838254 || ETPRO CURRENT_EVENTS Successful Yahoo Phish 2019-09-03
2838255 || ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-09-03
2838256 || ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-09-03
2838257 || ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-09-03
2838258 || ETPRO CURRENT_EVENTS Successful Yahoo Capital One Phish 2019-09-03
2838259 || ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-09-03
2838260 || ETPRO CURRENT_EVENTS Successful Raiffeisen Bank Phish 2019-09-03
2838261 || ETPRO CURRENT_EVENTS Successful Banco de Oro Phish 2019-09-03
2838262 || ETPRO CURRENT_EVENTS Successful CenturyLink Phish 2019-09-03
2838263 || ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03
2838264 || ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03
2838265 || ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03
2838266 || ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03
2838267 || ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03
2838268 || ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-09-03
2838269 || ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-09-03
2838270 || ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03
2838271 || ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03
2838272 || ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-03
2838273 || ETPRO TROJAN Win32/Remcos RAT Checkin 143
2838274 || ETPRO TROJAN Win32/Remcos RAT Checkin 144
2838275 || ETPRO TROJAN Win32/Remcos RAT Checkin 145
2838276 || ETPRO TROJAN Win32/Remcos RAT Checkin 146
2838277 || ETPRO TROJAN Win32/Remcos RAT Checkin 147
2838278 || ETPRO TROJAN Win32/Remcos RAT Checkin 148
2838279 || ETPRO TROJAN Win32/Remcos RAT Checkin 149
2838280 || ETPRO TROJAN Win32/Remcos RAT Checkin 150
2838281 || ETPRO TROJAN Win32/Remcos RAT Checkin 142
2838282 || ETPRO TROJAN Gh0stCringe CnC Activity M1 || url,www.binarydefense.com/gh0stcringeformerly-cirenegrat || md5,bddda24ea5eb8c90d4515f455e15ccd2 || md5,b5911db105d709f4213908cc5dc0f071
2838283 || ETPRO TROJAN Gh0stCringe CnC Activity M2 || url,www.binarydefense.com/gh0stcringeformerly-cirenegrat || md5,3396627f72b8614418e83009309fe33e || md5,db487aa6afc85b440885bd80452e9bb7
2838284 || ETPRO TROJAN Gh0stCringe CnC Activity M3 || url,www.binarydefense.com/gh0stcringeformerly-cirenegrat || md5,37c456c8af7dcb255aa4cd886d4d2e20
2838285 || ETPRO TROJAN Gh0stCringe CnC Activity M4 || url,www.binarydefense.com/gh0stcringeformerly-cirenegrat || md5,abe6c27e8b8b7d7362ea31b7ef8c088d

[---] Removed non-rule lines: [---]
-> Removed from sid-msg.map (1):
2838207 || ETPRO MALWARE MSIL/AlphaStealer PWS Exfil via HTTP M2 || md5,f74198f26a760df9bd966746b4bae1c0