This SRU number: 2014-01-06-002
Previous SRU number: 2013-12-30-001
Applies to:
This SEU number: 1025
Previous SEU: 1022
Applies to:
This is the complete list of rules modified in SRU 2014-01-06-002 and SEU 1025.
The format of the file is:
GID - SID - Rule Group - Rule Message - Policy State
The Policy State refers to each default Sourcefire policy, Connectivity, Balanced and Security.
The default passive policy state is the same as the Balanced policy state with the exception of alert being used instead of drop.
Note: Unless stated explicitly, the rules are for the series of products listed above.
| GID | SID | Rule Group | Rule Message | Policy State | ||
|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | ||||
| 1 | 6291 | MALWARE-CNC | justjoke v2.6 variant outbound connection | off | off | drop |
| 1 | 7624 | MALWARE-BACKDOOR | remote control 1.7 runtime detection - data connection | off | off | alert |
| 1 | 12165 | MALWARE-CNC | lithium 1.02 variant outbound connection | off | off | off |
| 1 | 12166 | MALWARE-CNC | lithium 1.02 variant outbound connection | off | off | alert |
| 1 | 12661 | MALWARE-CNC | troll.a variant outbound connection | off | off | off |
| 1 | 13508 | MALWARE-CNC | xploit 1.4.5 variant outbound connection | off | off | off |
| 1 | 13509 | MALWARE-CNC | xploit 1.4.5 pc variant outbound connection | off | off | off |
| 1 | 13815 | MALWARE-CNC | zombget.03 variant outbound connection | off | off | off |
| 1 | 13856 | MALWARE-CNC | Win.Trojan.wintrim.z variant outbound connection | off | off | off |
| 1 | 13864 | POLICY-OTHER | Microsoft Windows Dr. Watson error reporting attempt | off | off | off |
| 1 | 13876 | MALWARE-CNC | zlob.acc variant outbound connection | off | off | off |
| 1 | 13877 | MALWARE-CNC | Win.Trojan.delf.uv variant outbound connection | off | off | off |
| 1 | 14086 | MALWARE-CNC | Adware.Win32.Agent.BM variant outbound connection 1 | off | off | off |
| 1 | 14087 | MALWARE-CNC | Adware.Win32.Agent.BM variant outbound connection 2 | off | off | off |
| 1 | 15295 | MALWARE-CNC | Win.Trojan.Bankpatch configuration download | off | off | drop |
| 1 | 15296 | MALWARE-CNC | Win.Trojan.Bankpatch malicious file download | off | off | drop |
| 1 | 15297 | MALWARE-CNC | Win.Trojan.Bankpatch report home | off | off | drop |
| 1 | 16097 | MALWARE-CNC | Win.Trojan.agent.vvm variant outbound connection | off | off | off |
| 1 | 16099 | MALWARE-CNC | Win.Trojan.agent.wdv variant outbound connection | off | off | off |
| 1 | 16108 | MALWARE-CNC | Win.Trojan.exchanger.gen2 variant outbound connection | off | off | off |
| 1 | 16270 | DELETED | MALWARE-CNC Trojan.TDSS.1.Gen keepalive detection | |||
| 1 | 16271 | MALWARE-CNC | Trojan.TDSS.1.Gen keepalive detection | off | off | off |
| 1 | 16457 | MALWARE-CNC | Trojan.Downloader.Win32.Cutwail.AI variant outbound connection | off | off | off |
| 1 | 18311 | SERVER-WEBAPP | Novell iManager getMultiPartParameters arbitrary file upload attempt | off | off | off |
| 1 | 18946 | MALWARE-CNC | Win.Trojan.IRCBot.FC variant outbound connection | off | off | off |
| 1 | 18947 | MALWARE-CNC | Win.Trojan.IRCBot.FC variant outbound connection | off | off | off |
| 1 | 18976 | MALWARE-CNC | Rogue-Software.AVCare variant outbound connection | off | off | off |
| 1 | 18977 | MALWARE-CNC | Trojan-Proxy.Win32.Agent.boe variant outbound connection | off | off | off |
| 1 | 18978 | MALWARE-CNC | Win.Trojan.Pasta.aoq variant outbound connection | off | off | drop |
| 1 | 18979 | MALWARE-CNC | Worm.Win32.AutoRun.fmo variant outbound connection | off | off | drop |
| 1 | 18980 | MALWARE-CNC | WinSpywareProtect variant outbound connection | off | off | off |
| 1 | 18981 | MALWARE-CNC | WinSpywareProtect variant outbound connection | off | off | off |
| 1 | 18982 | MALWARE-CNC | WinSpywareProtect variant outbound connection | off | off | off |
| 1 | 19016 | MALWARE-CNC | MacBack Win.Trojan.variant outbound connection | off | drop | drop |
| 1 | 19017 | MALWARE-CNC | MacBack Win.Trojan.variant outbound connection | off | drop | drop |
| 1 | 19018 | MALWARE-CNC | MacBack Win.Trojan.variant outbound connection | off | drop | drop |
| 1 | 19019 | MALWARE-CNC | MacBack Win.Trojan.variant outbound connection | off | drop | drop |
| 1 | 19021 | MALWARE-CNC | Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection | off | off | off |
| 1 | 19022 | MALWARE-CNC | Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection | off | off | off |
| 1 | 19023 | MALWARE-CNC | IRC.Zapchast.zwrc variant outbound connection | off | off | off |
| 1 | 19024 | MALWARE-CNC | Win.Trojan.StartPage variant outbound connection | off | off | off |
| 1 | 19025 | MALWARE-CNC | Trojan-Banker.Win32.Bancos.etf variant outbound connection | off | off | off |
| 1 | 19027 | MALWARE-CNC | BrowserModifier.Win32.Kerlofost variant outbound connection | off | off | off |
| 1 | 19028 | MALWARE-CNC | Trojan-Mailfinder.Win32.Mailbot.dz variant outbound connection | off | off | off |
| 1 | 19029 | MALWARE-CNC | Win.Trojan.PcClient.AI variant outbound connection | off | off | off |
| 1 | 19031 | MALWARE-CNC | iPRIVACY variant outbound connection | off | off | off |
| 1 | 19032 | MALWARE-CNC | TrojanDownloader.Win32.Cornfemo.A variant outbound connection | off | off | off |
| 1 | 19033 | MALWARE-CNC | TrojanDownloader.Win32.Cornfemo.A variant outbound connection | off | off | off |
| 1 | 19034 | MALWARE-CNC | Win.Trojan.Kbot.qd variant outbound connection | off | off | off |
| 1 | 19035 | MALWARE-CNC | Win.Trojan.Vilsel.baqb variant outbound connection | off | off | off |
| 1 | 19053 | MALWARE-CNC | Worm.Win32.Nusump.A variant outbound connection | off | drop | drop |
| 1 | 19123 | MALWARE-CNC | Dropper Win.Trojan.Cefyns.A variant outbound connection | off | off | off |
| 1 | 19164 | MALWARE-CNC | Win.Trojan.SpyEye variant outbound connection | off | drop | drop |
| 1 | 19310 | MALWARE-CNC | Downloader Trojan.Gen3 variant outbound connection | off | off | off |
| 1 | 19312 | MALWARE-CNC | Win.Trojan.Agent.aah variant outbound connection | off | off | off |
| 1 | 19328 | MALWARE-CNC | PointGuide variant outbound connection | off | drop | drop |
| 1 | 19329 | MALWARE-CNC | Faceback.exe variant outbound connection | off | off | off |
| 1 | 19330 | MALWARE-CNC | Adclicker Win.Trojan.Zlob.dnz variant outbound connection | off | off | off |
| 1 | 19331 | MALWARE-CNC | Adclicker Win.Trojan.Zlob.dnz variant outbound connection | off | off | off |
| 1 | 19332 | MALWARE-CNC | Win.Trojan.Clampi variant outbound connection | off | off | off |
| 1 | 19339 | MALWARE-CNC | Win.Trojan.Dropper Win.Trojan.Agent.alda variant outbound connection | off | drop | drop |
| 1 | 19340 | MALWARE-CNC | Win.Trojan.Fakeav TREAntivirus variant outbound connection | off | off | drop |
| 1 | 19341 | MALWARE-CNC | Worm MSIL.AiO.a variant outbound connection | off | off | drop |
| 1 | 19345 | MALWARE-CNC | REAnti variant outbound connection | off | off | drop |
| 1 | 19346 | MALWARE-CNC | Additional Guard variant outbound connection | off | off | drop |
| 1 | 19347 | MALWARE-CNC | Win.Trojan.Poison.banr variant outbound connection | off | drop | drop |
| 1 | 19348 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.FraudLoad.emq variant outbound connection | off | drop | drop |
| 1 | 19349 | MALWARE-CNC | Fakeav Vaccineclear variant outbound connection | off | off | off |
| 1 | 19351 | MALWARE-CNC | Win.Trojan.Clicker Win.Trojan.Hatigh.C variant outbound connection | off | drop | drop |
| 1 | 19352 | MALWARE-CNC | Win.Trojan.Small.D variant outbound connection | off | off | drop |
| 1 | 19353 | MALWARE-CNC | Win.Trojan.Banker.bkhu variant outbound connection | off | drop | drop |
| 1 | 19354 | MALWARE-BACKDOOR | Win.Trojan.Agent.bhxn variant outbound connection | off | off | drop |
| 1 | 19356 | MALWARE-CNC | Win.Trojan.Fibbit.ax variant outbound connection | off | off | off |
| 1 | 19357 | MALWARE-CNC | Worm Win.Trojan.Sohanad.ila variant outbound connection | off | drop | drop |
| 1 | 19358 | MALWARE-CNC | Win.Trojan.XYTvn.A variant outbound connection | off | drop | drop |
| 1 | 19359 | MALWARE-CNC | Win.Trojan.Dcbavict.A variant outbound connection | off | off | off |
| 1 | 19360 | MALWARE-CNC | Win.Trojan.Dcbavict.A variant outbound connection | off | off | off |
| 1 | 19361 | MALWARE-CNC | Win.Trojan.Dcbavict.A variant outbound connection | off | off | off |
| 1 | 19363 | MALWARE-CNC | Win.Trojan.Dorkbot.B variant outbound connection | off | off | off |
| 1 | 19366 | MALWARE-CNC | Win.Trojan.HXWAN.A variant outbound connection | off | off | drop |
| 1 | 19367 | MALWARE-CNC | Worm Win.Trojan.Vaubeg.A variant outbound connection | off | off | drop |
| 1 | 19368 | MALWARE-CNC | Win.Trojan.Carberp.D variant outbound connection | off | off | drop |
| 1 | 19369 | MALWARE-CNC | Win.Trojan.Carberp.D variant outbound connection | off | off | drop |
| 1 | 19370 | MALWARE-CNC | Win.Trojan.Carberp.D variant outbound connection | off | off | drop |
| 1 | 19371 | MALWARE-CNC | Win.Trojan.Banker.IC variant outbound connection | off | off | off |
| 1 | 19394 | MALWARE-CNC | Win.Trojan.Tidserv variant outbound connection | off | off | off |
| 1 | 19396 | MALWARE-CNC | Win.Trojan.Beastdoor.b variant outbound connection | off | off | off |
| 1 | 19397 | MALWARE-CNC | Win.Trojan.UltimateDefender.xv variant outbound connection | off | off | off |
| 1 | 19398 | MALWARE-CNC | Win.Trojan.BAT.Shutdown.ef variant outbound connection | off | off | off |
| 1 | 19399 | MALWARE-CNC | Email Worm Win32.Zhelatin.ch variant outbound connection | off | off | off |
| 1 | 19400 | MALWARE-CNC | Worm Win.Trojan.Sddrop.D variant outbound connection | off | off | off |
| 1 | 19401 | MALWARE-CNC | Worm Win.Trojan.Sddrop.D variant outbound connection | off | off | off |
| 1 | 19402 | MALWARE-CNC | P2P Worm.Win32.Malas.r variant outbound connection | off | off | off |
| 1 | 19404 | MALWARE-CNC | Win.Trojan.Ozdok variant outbound connection | off | off | off |
| 1 | 19426 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.Crypter.i variant outbound connection | off | off | off |
| 1 | 19427 | MALWARE-CNC | Win.Trojan.Agent.amjz variant outbound connection | off | off | off |
| 1 | 19428 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.Adload.BG variant outbound connection | off | off | off |
| 1 | 19433 | MALWARE-CNC | W32.Fujacks.aw variant outbound connection | off | off | off |
| 1 | 19435 | MALWARE-CNC | Win.Trojan.Litmus.203 variant outbound connection | off | drop | drop |
| 1 | 19454 | MALWARE-CNC | Trojan.PWS.Win32.QQPass.IK variant outbound connection | off | off | off |
| 1 | 19455 | MALWARE-CNC | Worm.Win32.AutoRun.aw variant outbound connection | off | off | off |
| 1 | 19456 | MALWARE-CNC | Packed.Win32.Klone.bj variant outbound connection | off | off | off |
| 1 | 19457 | MALWARE-CNC | Trojan-Clicker.Win32.Vesloruki.ajb variant outbound connection | off | off | off |
| 1 | 19476 | MALWARE-CNC | Exploit.Win32.SqlShell.r variant outbound connection | off | off | off |
| 1 | 19478 | MALWARE-CNC | Worm.Win32.Taterf.B variant outbound connection | off | off | off |
| 1 | 19479 | MALWARE-CNC | Net-Worm.Win32.Piloyd.m variant outbound connection - request html | off | off | off |
| 1 | 19481 | MALWARE-CNC | Email-Worm.Win32.Agent.bx variant outbound connection | off | off | off |
| 1 | 19488 | MALWARE-CNC | Worm.Win32.Failnum.A variant outbound connection | off | off | off |
| 1 | 19491 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.Genome.vau variant outbound connection | off | off | off |
| 1 | 19492 | MALWARE-CNC | Windows System Defender variant outbound connection | off | off | off |
| 1 | 19494 | MALWARE-CNC | W32.Licum variant outbound connection | off | off | off |
| 1 | 19495 | MALWARE-CNC | Worm Win.Trojan.Pilleuz variant outbound connection | off | off | off |
| 1 | 19554 | MALWARE-CNC | Win.Trojan.Fakeav Antivirus Xp Pro variant outbound connection | off | off | drop |
| 1 | 19555 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.Small.akow variant outbound connection | off | off | drop |
| 1 | 19556 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.Homa.dk variant outbound connection | off | off | drop |
| 1 | 19557 | MALWARE-CNC | Win.Trojan.Shark.ag variant outbound connection | off | off | drop |
| 1 | 19568 | MALWARE-CNC | Trojan-Spy.Win32.PerfectKeylogger variant outbound connection | off | off | off |
| 1 | 19569 | MALWARE-CNC | Trojan-Downloader.Win32.Perkesh variant outbound connection | off | off | off |
| 1 | 19572 | MALWARE-CNC | Win.Trojan.FFSearch.A variant outbound connection | off | off | off |
| 1 | 19573 | MALWARE-CNC | Worm Win.Trojan.Chiviper.C variant outbound connection | off | off | off |
| 1 | 19574 | MALWARE-CNC | Worm Win.Trojan.Chiviper.C variant outbound connection | off | off | off |
| 1 | 19575 | MALWARE-CNC | Worm Win.Trojan.Emold.U variant outbound connection | off | off | off |
| 1 | 19577 | MALWARE-CNC | Win.Trojan.Dropper Win.Trojan.Dogrobot.E variant outbound connection | off | off | off |
| 1 | 19579 | MALWARE-CNC | Win.Trojan.Potao.A variant outbound connection | off | drop | drop |
| 1 | 19581 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection | off | off | off |
| 1 | 19582 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection | off | off | off |
| 1 | 19583 | MALWARE-CNC | Win.Trojan.Bumat.rts variant outbound connection | off | off | off |
| 1 | 19584 | MALWARE-CNC | Worm Win.Trojan.Dref.C variant outbound connection | off | off | off |
| 1 | 19585 | MALWARE-CNC | Worm Win.Trojan.Dref.C variant outbound connection - notification | off | off | off |
| 1 | 19586 | MALWARE-CNC | Win.Trojan.Clicker Win.Trojan.Agent.dlg variant outbound connection | off | off | off |
| 1 | 19587 | MALWARE-CNC | Win.Trojan.Sereki.B variant outbound connection | off | off | off |
| 1 | 19590 | MALWARE-CNC | Win.Trojan.Savnut.B variant outbound connection | off | drop | drop |
| 1 | 19591 | MALWARE-CNC | Win.Trojan.Powp.pyv variant outbound connection | off | off | off |
| 1 | 19608 | MALWARE-CNC | Win.Trojan.Wisscmd.A variant outbound connection | off | off | off |
| 1 | 19612 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Banload.bvk variant outbound connection | off | off | off |
| 1 | 19613 | MALWARE-CNC | Rogue Software Registry Cleaner Pro variant outbound connection | off | off | off |
| 1 | 19614 | MALWARE-CNC | Win.Trojan.IRCBot.kkr variant outbound connection | off | off | off |
| 1 | 19615 | MALWARE-CNC | Win.Trojan.IRCBot.kkr variant outbound connection | off | off | off |
| 1 | 19616 | MALWARE-CNC | Win.Trojan.Banker.Win32.Banbra.mcq variant outbound connection | off | off | off |
| 1 | 19652 | MALWARE-CNC | Teevsock C variant outbound connection | off | off | off |
| 1 | 19658 | MALWARE-CNC | Win.Trojan.MCnovogic.A variant outbound connection | off | drop | drop |
| 1 | 19659 | MALWARE-CNC | Win.Trojan.Soleseq.A variant outbound connection | off | off | off |
| 1 | 19660 | MALWARE-CNC | Win.Trojan.Riern.K variant outbound connection | off | off | off |
| 1 | 19695 | MALWARE-CNC | Win.Trojan.Downloader.Win32.VB.nec variant outbound connection | off | off | off |
| 1 | 19697 | MALWARE-CNC | Win.Trojan.Spy.Win32.VB.btm variant outbound connection | off | off | off |
| 1 | 19701 | MALWARE-CNC | Win.Trojan.Hassar.A variant outbound connection | off | off | off |
| 1 | 19702 | MALWARE-CNC | Win.Trojan.Zboter.E variant outbound connection | off | drop | drop |
| 1 | 19704 | MALWARE-CNC | Win.Trojan.Agent.grdm variant outbound connection | off | drop | drop |
| 1 | 19705 | MALWARE-CNC | Win.Trojan.Agent.grdm variant outbound connection | off | drop | drop |
| 1 | 19706 | MALWARE-CNC | Win.Trojan.Agent.cer variant outbound connection | off | drop | drop |
| 1 | 19712 | MALWARE-CNC | Win.Trojan.Downloader W32.Genome.gen variant outbound connection | off | drop | drop |
| 1 | 19722 | MALWARE-CNC | Win.Trojan.Poshtroper.A variant outbound connection | off | drop | drop |
| 1 | 19723 | MALWARE-CNC | Win.Trojan.Pherbot.A variant outbound connection | off | drop | drop |
| 1 | 19724 | MALWARE-CNC | Win.Trojan.Agent.dhy variant outbound connection | off | off | drop |
| 1 | 19725 | MALWARE-CNC | Win.Trojan.Poison.AY variant outbound connection | off | off | drop |
| 1 | 19726 | MALWARE-CNC | Win.Trojan.Poison.AY variant outbound connection | off | off | drop |
| 1 | 19727 | MALWARE-CNC | Win.Trojan.Bancos.DI variant outbound connection | off | off | drop |
| 1 | 19728 | MALWARE-CNC | Win.Trojan.Yayih.A variant outbound connection | off | off | off |
| 1 | 19729 | MALWARE-CNC | Win.Trojan.Yayih.A variant outbound connection | off | off | off |
| 1 | 19730 | MALWARE-CNC | Win.Trojan.KukuBot.A variant outbound connection | off | drop | drop |
| 1 | 19731 | MALWARE-CNC | Win.Trojan.Darkwebot.A variant outbound connection | off | drop | drop |
| 1 | 19732 | MALWARE-CNC | Win.Trojan.Idicaf.B variant outbound connection | off | drop | drop |
| 1 | 19733 | MALWARE-CNC | Win.Trojan.Jorik.BRU variant outbound connection | off | off | off |
| 1 | 19739 | MALWARE-CNC | Win.Trojan.Apptom variant outbound connection | off | off | off |
| 1 | 19740 | MALWARE-CNC | Worm.Win32.AutoRun.aczu variant outbound connection | off | off | off |
| 1 | 19742 | MALWARE-CNC | Win.Trojan.Agent.atff variant outbound connection | off | off | off |
| 1 | 19743 | MALWARE-CNC | Win.Trojan.Hupigon.eqlo variant outbound connection | off | off | off |
| 1 | 19745 | MALWARE-CNC | Win.Trojan.FraudLoad.dyl variant outbound connection | off | off | off |
| 1 | 19746 | MALWARE-CNC | Win.Trojan.Agent.biiw variant outbound connection | off | off | off |
| 1 | 19747 | MALWARE-BACKDOOR | Win.Trojan.GGDoor.22 variant outbound connection | off | drop | drop |
| 1 | 19748 | MALWARE-CNC | Trojan.Crypt.ULPM.Gen IRC variant outbound connection | off | off | off |
| 1 | 19760 | MALWARE-CNC | Win.Trojan.Arsinfoder.A variant outbound connection | off | off | off |
| 1 | 19761 | MALWARE-CNC | Win.Trojan.Ftpharvxqq.A variant outbound connection | off | drop | drop |
| 1 | 19762 | MALWARE-CNC | Win.Trojan.RDPdoor.AE variant outbound connection | off | off | off |
| 1 | 19763 | MALWARE-CNC | Win.Trojan.RDPdoor.AE variant outbound connection | off | off | off |
| 1 | 19764 | MALWARE-CNC | Win.Trojan.RDPdoor.AE variant outbound connection | off | off | off |
| 1 | 19765 | MALWARE-CNC | Win.Trojan.Banker.BXF variant outbound connection | off | drop | drop |
| 1 | 19766 | MALWARE-CNC | Worm Win.Trojan.Autorun.hi variant outbound connection | off | off | off |
| 1 | 19767 | MALWARE-CNC | Win.Trojan.Msposer.A variant outbound connection | off | drop | drop |
| 1 | 19770 | MALWARE-CNC | Win.Trojan.Yoddos.A variant outbound connection | off | drop | drop |
| 1 | 19771 | MALWARE-CNC | Win.Trojan.Yoddos.A variant outbound connection | off | drop | drop |
| 1 | 19772 | MALWARE-CNC | Virus.Win32.Parite.B variant outbound connection | off | off | off |
| 1 | 19773 | MALWARE-CNC | Virus.Win32.Parite.B variant outbound connection | off | off | off |
| 1 | 19774 | MALWARE-CNC | Gen-Trojan.Heur variant outbound connection | off | off | off |
| 1 | 19776 | MALWARE-CNC | Win.Trojan.Agent2.guy dropper variant outbound connection | off | off | off |
| 1 | 19783 | MALWARE-CNC | Win.Trojan.Banload.agcw variant outbound connection | off | off | off |
| 1 | 19784 | MALWARE-CNC | Worm.Win32.AutoRun.sde variant outbound connection | off | off | off |
| 1 | 19785 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Malushka.T variant outbound connection | off | off | off |
| 1 | 19787 | MALWARE-CNC | Exploit-PDF.t variant outbound connection | off | off | off |
| 1 | 19789 | MALWARE-CNC | P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection | off | off | off |
| 1 | 19790 | MALWARE-CNC | P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection | off | off | off |
| 1 | 19791 | MALWARE-CNC | Trojan-Dropper.Win32.Small.awa variant outbound connection | off | off | off |
| 1 | 19792 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.Caxnet.A variant outbound connection | off | off | off |
| 1 | 19793 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.SillyFDC-DS variant outbound connection | off | off | off |
| 1 | 19794 | MALWARE-CNC | W32.Fnumbot variant outbound connection | off | off | off |
| 1 | 19795 | MALWARE-CNC | Win.Trojan.FakeAV NoAdware variant outbound connection | off | off | off |
| 1 | 19796 | MALWARE-CNC | Win.Trojan.DL.CashnJoy.A variant outbound connection | off | off | off |
| 1 | 19797 | MALWARE-CNC | Safety Center variant outbound connection | off | off | off |
| 1 | 19798 | MALWARE-CNC | Win.Trojan.Agent2.kxu variant outbound connection | off | off | off |
| 1 | 19819 | MALWARE-CNC | Win.Trojan.Ertfor.A variant outbound connection | off | off | off |
| 1 | 19820 | MALWARE-CNC | Win.Trojan.Ertfor.A variant outbound connection | off | off | off |
| 1 | 19821 | MALWARE-CNC | Worm.Win32.Bagle.gen.C variant outbound connection | off | off | off |
| 1 | 19822 | MALWARE-CNC | Win.Trojan.Banload.HH variant outbound connection | off | off | off |
| 1 | 19824 | MALWARE-CNC | Gen-Trojan.Heur variant outbound connection | off | off | off |
| 1 | 19828 | MALWARE-CNC | Win.Trojan.SpyAgent.B variant outbound connection | off | off | off |
| 1 | 19829 | MALWARE-CNC | Win.Trojan.Rbot.gen variant outbound connection | off | off | off |
| 1 | 19830 | MALWARE-CNC | Win.Trojan.Poebot.BP variant outbound connection | off | off | off |
| 1 | 19831 | MALWARE-CNC | Trojan.Spy.Zbot.SO variant outbound connection | off | off | off |
| 1 | 19832 | MALWARE-CNC | Win.Trojan.Veslorn.gen.A variant outbound connection | off | off | off |
| 1 | 19833 | MALWARE-CNC | Win.Trojan.Banload.bda variant outbound connection | off | off | off |
| 1 | 19834 | MALWARE-CNC | Trojan.Spy.ZBot.RD variant outbound connection | off | off | off |
| 1 | 19850 | MALWARE-CNC | Worm.Win32.AutoRun.qgg variant outbound connection | off | off | off |
| 1 | 19851 | MALWARE-CNC | Worm.Win32.AutoRun.qgg variant outbound connection | off | off | off |
| 1 | 19852 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Delf.tbv variant outbound connection | off | off | off |
| 1 | 19854 | MALWARE-CNC | W32.Sality.AM variant outbound connection | off | off | off |
| 1 | 19855 | MALWARE-CNC | W32.Sality.AM variant outbound connection | off | off | off |
| 1 | 19856 | MALWARE-CNC | Packed.Win32.Krap.i variant outbound connection | off | off | off |
| 1 | 19857 | MALWARE-CNC | Win.Trojan.Hupigon.hhbd variant outbound connection - Windows | off | off | off |
| 1 | 19858 | MALWARE-CNC | Win.Trojan.Hupigon.hhbd variant outbound connection - non-Windows | off | off | off |
| 1 | 19864 | MALWARE-CNC | Win.Trojan.Nvbpass.A variant outbound connection | off | off | drop |
| 1 | 19865 | MALWARE-CNC | Win.Trojan.Arhost.D variant outbound connection | off | off | off |
| 1 | 19895 | MALWARE-CNC | Win.Trojan.Delf.jwh variant outbound connection | off | off | off |
| 1 | 19898 | MALWARE-CNC | Cinmus Variant variant outbound connection | off | off | off |
| 1 | 19905 | MALWARE-CNC | Win.Trojan.Small.jog variant outbound connection | off | off | off |
| 1 | 19912 | MALWARE-CNC | Trojan.DelfInject.gen!X variant outbound connection | off | drop | drop |
| 1 | 19914 | MALWARE-CNC | Win.Trojan.Quivoe.A variant outbound connection | off | off | off |
| 1 | 19915 | MALWARE-CNC | Win.Trojan.Gnutler.apd variant outbound connection | off | off | off |
| 1 | 19916 | MALWARE-CNC | Win.Trojan.Bancos.ACB variant outbound connection | off | off | off |
| 1 | 19917 | MALWARE-CNC | Win.Trojan.Sogu.A variant outbound connection | off | off | off |
| 1 | 19918 | MALWARE-CNC | Worm Win.Trojan.Ganelp.B variant outbound connection | off | off | off |
| 1 | 19919 | MALWARE-CNC | Win.Trojan.Murcy.A variant outbound connection | off | off | off |
| 1 | 19921 | MALWARE-CNC | Win.Trojan.Puprlehzae.A variant outbound connection | off | off | off |
| 1 | 19922 | MALWARE-CNC | Win.Trojan.Shiz.ivr variant outbound connection | off | off | off |
| 1 | 19923 | MALWARE-CNC | Win.Trojan.Venik.B variant outbound connection | off | off | off |
| 1 | 19924 | MALWARE-CNC | Win.Trojan.Spidern.A variant outbound connection | off | off | off |
| 1 | 19931 | MALWARE-CNC | Trojan.Lineage.Gen.Pac.3 variant outbound connection | off | off | off |
| 1 | 19935 | MALWARE-CNC | Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection | off | off | off |
| 1 | 19936 | MALWARE-CNC | Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection | off | off | off |
| 1 | 19940 | MALWARE-CNC | Trojan-Dropper.IRC.TKB variant outbound connection - dir4you | off | off | off |
| 1 | 19941 | MALWARE-CNC | TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection | off | off | off |
| 1 | 19942 | MALWARE-CNC | TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection | off | off | off |
| 1 | 19944 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Banload.ykl variant outbound connection | off | off | off |
| 1 | 19945 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection | off | off | off |
| 1 | 19946 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection | off | off | off |
| 1 | 19947 | MALWARE-CNC | Win.Trojan.Agent.amwd variant outbound connection | off | off | off |
| 1 | 19948 | MALWARE-CNC | Win.Trojan.Agent.asjk variant outbound connection | off | off | off |
| 1 | 19949 | MALWARE-CNC | Win.Trojan.Agent.asjk variant outbound connection | off | off | off |
| 1 | 19951 | MALWARE-CNC | DarkstRat 2008 variant outbound connection | off | off | off |
| 1 | 19953 | MALWARE-CNC | Biodox variant outbound connection | off | off | off |
| 1 | 19954 | MALWARE-CNC | Hack Style RAT variant outbound connection | off | off | off |
| 1 | 19955 | MALWARE-CNC | PaiN RAT 0.1 variant outbound connection | off | off | off |
| 1 | 19957 | MALWARE-CNC | Arabian-Attacker 1.1.0 variant outbound connection | off | off | drop |
| 1 | 19958 | MALWARE-CNC | Win.Trojan.Agent.aulk variant outbound connection | off | off | off |
| 1 | 19959 | MALWARE-CNC | Win.Trojan.Agent.aulk variant outbound connection | off | off | off |
| 1 | 19960 | MALWARE-CNC | Win.Trojan.Agent.aulk variant outbound connection | off | off | off |
| 1 | 19961 | MALWARE-CNC | Fouad 1.0 variant outbound connection | off | off | off |
| 1 | 19962 | MALWARE-CNC | Email-Worm.CryptBox-A variant outbound connection | off | off | off |
| 1 | 19963 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Banload.aajs variant outbound connection | off | off | off |
| 1 | 19964 | MALWARE-CNC | Virus Win.Trojan.Sality.aa variant outbound connection | off | off | off |
| 1 | 19965 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Agent.avzz variant outbound connection | off | off | off |
| 1 | 19967 | MALWARE-CNC | Trojan-PSW.Win32.Papras.dm variant outbound connection | off | off | off |
| 1 | 19968 | MALWARE-CNC | Trojan.PSW.Win32.QQPass.amx variant outbound connection | off | off | off |
| 1 | 19969 | MALWARE-CNC | Trojan.Crypt.CY variant outbound connection | off | off | off |
| 1 | 19970 | MALWARE-CNC | W32.Smalltroj.MHYR variant outbound connection | off | off | off |
| 1 | 19973 | MALWARE-CNC | Worm.Win.Trojan.Nebuler.D variant outbound connection | off | off | off |
| 1 | 19974 | MALWARE-CNC | Win.Trojan.Small.bwj variant outbound connection | off | off | off |
| 1 | 19975 | MALWARE-CNC | Win.Trojan.Crypt.vb variant outbound connection | off | off | off |
| 1 | 19976 | MALWARE-CNC | Worm.Win32.Koobface.hy variant outbound connection | off | off | off |
| 1 | 19977 | MALWARE-CNC | Trojan.LooksLike.Zaplot variant outbound connection | off | off | off |
| 1 | 19982 | MALWARE-CNC | Win.Trojan.Agent.wwe variant outbound connection | off | off | off |
| 1 | 19983 | MALWARE-CNC | Win.Trojan.Kolabc.fic variant outbound connection | off | off | off |
| 1 | 19988 | MALWARE-CNC | Asprox variant outbound connection | off | off | off |
| 1 | 19995 | MALWARE-CNC | Waledac variant outbound connection | off | drop | drop |
| 1 | 19996 | MALWARE-CNC | Worm Brontok.C variant outbound connection | off | off | off |
| 1 | 19997 | MALWARE-CNC | Win.Trojan.PSW.Win32.QQPass.gam variant outbound connection | off | off | off |
| 1 | 20001 | MALWARE-CNC | Allaple.e variant outbound connection | off | off | off |
| 1 | 20002 | MALWARE-CNC | Allaple.e variant outbound connection | off | off | off |
| 1 | 20014 | MALWARE-CNC | Kaju variant outbound connection - confirmation | off | off | off |
| 1 | 20015 | MALWARE-CNC | Win.Trojan.Zeus variant outbound connection | off | off | off |
| 1 | 20016 | MALWARE-CNC | Win.Trojan.Zeus variant outbound connection | off | off | off |
| 1 | 20017 | MALWARE-CNC | Worm Win.Trojan.Koobface.dq variant outbound connection | off | off | off |
| 1 | 20018 | MALWARE-CNC | W32.Autorun.worm.dq variant outbound connection | off | off | off |
| 1 | 20020 | MALWARE-CNC | Malware Doctor variant outbound connection | off | off | off |
| 1 | 20022 | MALWARE-CNC | Worm Win.Trojan.Padobot.z variant outbound connection | off | off | off |
| 1 | 20023 | MALWARE-CNC | Advanced Virus Remover variant outbound connection | off | off | off |
| 1 | 20024 | MALWARE-CNC | Win.Trojan.Dreamy.bc variant outbound connection | off | off | off |
| 1 | 20026 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Banker.abg.b variant outbound connection | off | off | off |
| 1 | 20028 | MALWARE-CNC | Windows Antivirus Pro variant outbound connection | off | off | off |
| 1 | 20040 | MALWARE-CNC | Win.Trojan.KSpyPro.A variant outbound connection | off | off | off |
| 1 | 20043 | MALWARE-CNC | Adware Kraddare.AZ variant outbound connection | off | off | off |
| 1 | 20074 | MALWARE-CNC | Win.Trojan.IRCBot.iseee variant outbound connection | off | off | off |
| 1 | 20075 | MALWARE-CNC | Win.Trojan.Ruskill.abl variant outbound connection | off | off | off |
| 1 | 20076 | MALWARE-CNC | Win.Trojan.Agobot.ast variant outbound connection | off | off | off |
| 1 | 20077 | MALWARE-CNC | Win.Trojan.Agobot.ast variant outbound connection | off | off | off |
| 1 | 20078 | MALWARE-CNC | Win.Trojan.Russkill.C variant outbound connection | off | off | off |
| 1 | 20079 | MALWARE-CNC | Win.Trojan.Russkill.C variant outbound connection | off | off | off |
| 1 | 20080 | MALWARE-CNC | Win.Trojan.Derusbi.A variant outbound connection | off | off | off |
| 1 | 20081 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Yakes.cbi variant outbound connection | off | drop | drop |
| 1 | 20082 | MALWARE-CNC | Win.Trojan.Inject.raw variant outbound connection | off | off | off |
| 1 | 20083 | MALWARE-CNC | Win.Trojan.Fucobha.A variant outbound connection | off | off | off |
| 1 | 20085 | MALWARE-CNC | Win.Trojan.Veebuu.BX variant outbound connection | off | off | off |
| 1 | 20086 | MALWARE-CNC | Win.Trojan.Banload.ABY variant outbound connection | off | off | off |
| 1 | 20087 | MALWARE-CNC | Win.Trojan.Banker.FGU variant outbound connection | off | off | off |
| 1 | 20088 | MALWARE-CNC | Win.Trojan.Emudbot.A variant outbound connection | off | off | off |
| 1 | 20096 | MALWARE-CNC | Win.Trojan.Agent.dcir variant outbound connection | off | off | off |
| 1 | 20098 | MALWARE-CNC | Win.Trojan.KeyLogger.wav variant outbound connection | off | off | off |
| 1 | 20099 | MALWARE-CNC | Win.Trojan.Xtrat.A variant outbound connection | off | off | off |
| 1 | 20107 | MALWARE-CNC | Win.Trojan.Downloader.Win32.Small.Cns variant outbound connection | off | off | off |
| 1 | 20108 | MALWARE-CNC | Win.Trojan.Banker.Pher variant outbound connection | off | off | off |
| 1 | 20109 | MALWARE-CNC | Win.Trojan.Zombie.sm variant outbound connection | off | off | off |
| 1 | 20202 | MALWARE-CNC | Apple OSX.Revir-1 variant outbound connection | off | drop | drop |
| 1 | 20204 | MALWARE-CNC | Win.Trojan.Taidoor variant outbound connection | off | drop | drop |
| 1 | 20217 | MALWARE-CNC | Win.Trojan.Ramagedos.A variant outbound connection | off | off | off |
| 1 | 20218 | MALWARE-CNC | Win.Trojan.Ramagedos.A variant outbound connection | off | off | off |
| 1 | 20219 | MALWARE-CNC | Win.Trojan.ToriaSpy.A variant outbound connection | off | off | off |
| 1 | 20221 | MALWARE-CNC | Trojan.Injector variant outbound connection | off | drop | drop |
| 1 | 20222 | MALWARE-CNC | Win.Trojan.Payazol.B variant outbound connection | off | off | off |
| 1 | 20232 | MALWARE-CNC | Win.Trojan.Cycbot variant outbound connection | off | drop | drop |
| 1 | 20233 | MALWARE-CNC | Win.Trojan.Virut variant outbound connection | off | off | drop |
| 1 | 20289 | MALWARE-CNC | Win.Trojan.Doschald.A variant outbound connection | off | off | off |
| 1 | 20291 | MALWARE-CNC | Win.Trojan.Mybios.A variant outbound connection | off | off | off |
| 1 | 20292 | MALWARE-CNC | Win.Trojan.FresctSpy.A variant outbound connection | off | off | off |
| 1 | 20428 | MALWARE-CNC | Win.Trojan.Zewit.A variant outbound connection | off | off | off |
| 1 | 20432 | MALWARE-CNC | Win.Trojan.Hiloti variant outbound connection | off | off | off |
| 1 | 20447 | MALWARE-CNC | Win.Trojan.Agent.JAAK variant outbound connection | off | off | drop |
| 1 | 20448 | MALWARE-CNC | Win.Trojan.Meciv.A variant outbound connection | off | off | off |
| 1 | 20449 | MALWARE-CNC | Worm Win.Trojan.Busifom.A variant outbound connection | off | off | off |
| 1 | 20527 | MALWARE-CNC | Sirefef initial C&C connection variant outbound connection | off | drop | drop |
| 1 | 20569 | MALWARE-CNC | Win.Trojan.Small.kb variant outbound connection | off | off | off |
| 1 | 20570 | MALWARE-CNC | Win.Trojan.Small.kb variant outbound connection | off | off | off |
| 1 | 20571 | MALWARE-CNC | Win.Trojan.Small.kb variant outbound connection | off | off | off |
| 1 | 20639 | MALWARE-CNC | Malware Win.Trojan.Higest.N variant outbound connection | off | off | off |
| 1 | 20754 | MALWARE-CNC | Win.Trojan.Virut-3 variant outbound connection | off | drop | drop |
| 1 | 20755 | MALWARE-CNC | Win.Trojan.Krap variant outbound connection | off | drop | drop |
| 1 | 20759 | MALWARE-CNC | Win.Trojan.Gbot.oce variant outbound connection | off | drop | drop |
| 1 | 20762 | MALWARE-CNC | MacOS.Flashback.A variant outbound connection | off | drop | drop |
| 1 | 20763 | MALWARE-CNC | Win.Trojan.Spyeye-206 variant outbound connection | off | drop | drop |
| 1 | 20830 | MALWARE-CNC | Win.Trojan.Banbra.amdu variant outbound connection | off | off | off |
| 1 | 20877 | MALWARE-CNC | RunTime Worm.Win32.Warezov.gs variant outbound connection | off | off | drop |
| 1 | 20927 | MALWARE-CNC | Trojan.Spyeye-207 variant outbound connection | off | drop | drop |
| 1 | 21055 | MALWARE-CNC | Win.Trojan.Utka.A variant outbound connection | off | off | off |
| 1 | 21178 | MALWARE-CNC | Win.Trojan.Downloader Win.Trojan.Chekafe.A variant outbound connection | off | off | off |
| 1 | 21179 | MALWARE-CNC | Win.Trojan.Coofus.RFM variant outbound connection | off | off | off |
| 1 | 21180 | MALWARE-CNC | Worm.Win32.Magania.clfv variant outbound connection | off | off | off |
| 1 | 21181 | MALWARE-CNC | Win.Trojan.Agent.czgu variant outbound connection | off | off | off |
| 1 | 21182 | MALWARE-CNC | Win.Trojan.MeSub.ac variant outbound connection | off | off | off |
| 1 | 21183 | MALWARE-CNC | Win.Trojan.Agent.alfu variant outbound connection | off | off | off |
| 1 | 21187 | MALWARE-CNC | Win.Trojan.Xlahlah.A variant outbound connection | off | off | off |
| 1 | 21192 | MALWARE-CNC | Win.Trojan.Syswrt.dvd variant outbound connection | off | off | off |
| 1 | 21193 | MALWARE-CNC | Win.Trojan.Dalbot.A variant outbound connection | off | off | off |
| 1 | 21194 | MALWARE-CNC | Win.Trojan.Wealwedst.A variant outbound connection | off | off | off |
| 1 | 21195 | MALWARE-CNC | Win.Trojan.Protux.B variant outbound connection | off | off | off |
| 1 | 21196 | MALWARE-CNC | Win.Trojan.Caphaw.A variant outbound connection | off | off | off |
| 1 | 21197 | MALWARE-CNC | Win.Trojan.Caphaw.A variant outbound connection | off | off | off |
| 1 | 21198 | MALWARE-CNC | Win.Trojan.Qinubot.A variant outbound connection | off | off | off |
| 1 | 21199 | MALWARE-CNC | Win.Trojan.Qinubot.A variant outbound connection | off | off | off |
| 1 | 21200 | MALWARE-CNC | Win.Trojan.Yakes.cmu variant outbound connection | off | off | off |
| 1 | 21201 | MALWARE-CNC | Win.Trojan.Yakes.cmu variant outbound connection | off | off | off |
| 1 | 21202 | MALWARE-CNC | Win.Trojan.Scapzilla.A variant outbound connection | off | off | off |
| 1 | 21203 | MALWARE-CNC | Virus Win.Trojan.Induc.B variant outbound connection | off | off | off |
| 1 | 21204 | MALWARE-CNC | Virus Win.Trojan.Induc.B variant outbound connection | off | off | off |
| 1 | 21205 | MALWARE-CNC | Virus Win.Trojan.Induc.B variant outbound connection | off | off | off |
| 1 | 21207 | MALWARE-CNC | Win.Trojan.Dekara.A variant outbound connection | off | off | off |
| 1 | 21208 | MALWARE-CNC | Win.Trojan.RShot.brw variant outbound connection | off | drop | drop |
| 1 | 21209 | MALWARE-CNC | Win.Trojan.Enviserv.A variant outbound connection | off | off | off |
| 1 | 21210 | MALWARE-CNC | Win.Trojan.Rallovs.A variant outbound connection | off | off | off |
| 1 | 21211 | MALWARE-CNC | Win.Trojan.Banker.slrj variant outbound connection | off | off | off |
| 1 | 21212 | MALWARE-CNC | Win.Trojan.Hupigon.nkor variant outbound connection | off | off | off |
| 1 | 21213 | MALWARE-CNC | Worm.Win32.Cridex.B variant outbound connection | off | off | off |
| 1 | 21215 | MALWARE-CNC | Win.Trojan.Banker.Am variant outbound connection | off | off | off |
| 1 | 21216 | MALWARE-CNC | Win.Trojan.Banker.Am variant outbound connection | off | off | off |
| 1 | 21217 | MALWARE-CNC | Win.Trojan.Banker.Am variant outbound connection | off | off | off |
| 1 | 21218 | MALWARE-CNC | Win.Trojan.Sodager.C variant outbound connection | off | off | drop |
| 1 | 21219 | MALWARE-CNC | Win.Trojan.Sysckbc variant outbound connection | off | off | off |
| 1 | 21221 | MALWARE-CNC | Win.Trojan.Susnatache.A variant outbound connection | off | off | off |
| 1 | 21222 | MALWARE-CNC | Win.Trojan.Kcahneila.A variant outbound connection | off | off | off |
| 1 | 21223 | MALWARE-CNC | Win.Trojan.Gyplit.A variant outbound connection | off | off | off |
| 1 | 21224 | MALWARE-CNC | Trojan.MacOS.DevilRobber.A variant outbound connection | off | off | off |
| 1 | 21226 | MALWARE-CNC | Win.Trojan.Louisdreyfu.A variant outbound connection | off | off | off |
| 1 | 21227 | MALWARE-CNC | Trojan-Downloader.Win32.Bulknet.A variant outbound connection | off | off | off |
| 1 | 21228 | MALWARE-CNC | Win.Trojan.Cerberat.A variant outbound connection | off | off | off |
| 1 | 21229 | MALWARE-CNC | Win.Trojan.Synljdos.A variant outbound connection | off | off | off |
| 1 | 21230 | MALWARE-CNC | Win.Trojan.Betad.A variant outbound connection | off | off | off |
| 1 | 21231 | MALWARE-CNC | Win.Trojan.Bedobot.B variant outbound connection | off | off | off |
| 1 | 21240 | MALWARE-CNC | Win.Trojan.MsUpdater variant outbound connection | off | drop | drop |
| 1 | 21241 | MALWARE-CNC | Win.Trojan.MsUpdater initial variant outbound connection | off | drop | drop |
| 1 | 21242 | MALWARE-CNC | Win.Trojan.MsUpdater variant outbound connection | off | drop | drop |
| 1 | 21251 | MALWARE-CNC | Win.Trojan.Payazol.B variant outbound connection | off | off | off |
| 1 | 21252 | MALWARE-CNC | Win.Trojan.Sirefef.P variant outbound connection | off | off | off |
| 1 | 21318 | MALWARE-CNC | Win.Trojan.FakeAV TDSS/PurpleHaze variant outbound connection - base64 encoded | off | drop | drop |
| 1 | 21400 | MALWARE-CNC | Win.Trojan.Kenzor.B variant outbound connection | off | off | off |
| 1 | 21401 | MALWARE-CNC | Win.Trojan.Kenzor.B variant outbound connection | off | off | off |
| 1 | 21402 | MALWARE-CNC | Win.Trojan.Ponfoy.A variant outbound connection | off | off | off |
| 1 | 21403 | MALWARE-CNC | Worm.Win32.Vobfus.DL variant outbound connection | off | off | off |
| 1 | 21404 | MALWARE-CNC | Worm.Win32.Vobfus.DL variant outbound connection cont | off | off | off |
| 1 | 21416 | MALWARE-CNC | Win.Trojan.Bankpatch authentication string detected | off | off | drop |
| 1 | 21418 | MALWARE-CNC | Trojan.FareIt variant outbound connection | off | drop | drop |
| 1 | 21428 | MALWARE-CNC | W32.Trojan.Generic-24 variant outbound connection | off | drop | drop |
| 1 | 21434 | MALWARE-CNC | Win.Trojan.Mentor variant outbound connection | off | off | off |
| 1 | 21444 | MALWARE-CNC | Win.Trojan.Webmoner.zu connect to server | off | off | drop |
| 1 | 21454 | MALWARE-CNC | Win.Trojan.Banbra.vec variant outbound connection | off | off | off |
| 1 | 21461 | MALWARE-CNC | Win.Trojan.DarkComet variant outbound connection - post infection | off | off | off |
| 1 | 21474 | MALWARE-CNC | Win.Trojan.Lancafdo.A variant outbound connection | off | off | off |
| 1 | 21477 | MALWARE-CNC | Trojan.Noobot variant outbound connection | off | off | drop |
| 1 | 21495 | MALWARE-CNC | Trojan.Vilsel variant outbound connection | off | off | off |
| 1 | 21497 | MALWARE-CNC | Trojan.Saeeka variant outbound connection | off | off | drop |
| 1 | 21511 | MALWARE-CNC | Trojan.Vaxpy variant outbound connection | off | off | drop |
| 1 | 21551 | MALWARE-CNC | Trojan.Kahn variant outbound connection | off | drop | drop |
| 1 | 21610 | MALWARE-CNC | Win.Trojan.Refroso.azyg variant outbound connection | off | off | off |
| 1 | 21635 | MALWARE-CNC | Win.Trojan.Phdet.gen.A variant outbound connection | off | off | off |
| 1 | 21769 | MALWARE-CNC | Win.Trojan.LogonInvader.a variant outbound connection | off | off | drop |
| 1 | 21848 | MALWARE-OTHER | TDS Sutra - page redirecting to a SutraTDS | off | off | drop |
| 1 | 21877 | MALWARE-CNC | Apple OSX.Sabpub variant outbound connection | off | drop | drop |
| 1 | 21947 | MALWARE-CNC | Win.Trojan.VicSpy.A variant outbound connection | off | off | off |
| 1 | 21968 | MALWARE-BACKDOOR | Win.Backdoor.Rebhip.A variant outbound connection type A | off | off | drop |
| 1 | 21969 | MALWARE-BACKDOOR | Win.Backdoor.Rebhip.A variant outbound connection type B | off | off | drop |
| 1 | 21971 | MALWARE-BACKDOOR | Win.Backdoor.Zlob.P variant inbound connection | off | off | off |
| 1 | 21972 | MALWARE-BACKDOOR | Win.Backdoor.ZZSlash variant outbound connection | off | off | off |
| 1 | 21976 | MALWARE-CNC | Trojan-Downloader.Win32.Lapurd.D variant outbound connection | off | off | off |
| 1 | 21977 | MALWARE-BACKDOOR | Win.Backdoor.Pinit variant outbound connection | off | off | off |
| 1 | 21979 | MALWARE-BACKDOOR | Win.Backdoor.Nervos variant inbound connection | off | off | drop |
| 1 | 21980 | MALWARE-CNC | Trojan.Winac variant outbound connection | off | off | off |
| 1 | 21981 | MALWARE-CNC | Trojan-Downloader.Win32.Selvice.vq variant outbound connection | off | off | off |
| 1 | 21982 | MALWARE-CNC | Win.Trojan.Insain.mh variant outbound connection | off | off | off |
| 1 | 22000 | MALWARE-CNC | Worm.VB.amna variant outbound connection A | off | off | drop |
| 1 | 22001 | MALWARE-CNC | Apple OSX Flashback malware variant outbound connection | off | off | drop |
| 1 | 22033 | MALWARE-CNC | Apple OSX Flashback malware variant outbound connection | off | drop | drop |
| 1 | 22034 | MALWARE-CNC | Apple OSX Flashback malware variant outbound connection | off | drop | drop |
| 1 | 22060 | MALWARE-CNC | Trojan.Fepgul variant outbound connection | off | drop | drop |
| 1 | 22095 | MALWARE-BACKDOOR | Win.Backdoor.Agent variant outbound connection | off | drop | drop |
| 1 | 22103 | MALWARE-CNC | Win.Trojan.Coswid.klk variant outbound connection | off | drop | drop |
| 1 | 22937 | MALWARE-CNC | Trojan.Proxyier variant outbound connection | off | off | off |
| 1 | 23214 | MALWARE-CNC | Win.Trojan.Waprox.A variant outbound connection | off | off | off |
| 1 | 23215 | MALWARE-CNC | Win.Trojan.Waprox.A variant outbound connection | off | off | off |
| 1 | 23255 | MALWARE-CNC | Trojan.Duojeen variant outbound connection | off | off | drop |
| 1 | 23262 | MALWARE-CNC | Trojan.Banker variant outbound connection | off | drop | drop |
| 1 | 23308 | MALWARE-CNC | Trojan.Downloader.Bucriv variant outbound connection | off | off | drop |
| 1 | 23317 | MALWARE-CNC | Trojan.Dropper initial variant outbound connection | off | off | drop |
| 1 | 23331 | MALWARE-CNC | Trojan.Mybot variant outbound connection | off | off | off |
| 1 | 23332 | MALWARE-CNC | Win.Trojan.Dishigy variant outbound connection | off | drop | drop |
| 1 | 23335 | MALWARE-CNC | Trojan.Swisyn variant outbound connection | off | drop | drop |
| 1 | 23340 | MALWARE-CNC | Win.Trojan.Nitol.B variant outbound connection | off | off | drop |
| 1 | 23344 | MALWARE-CNC | Win.Trojan.Harvso.A variant outbound connection | off | off | drop |
| 1 | 23345 | MALWARE-CNC | RunTime Win.Trojan.tchfro.A variant outbound connection | off | off | off |
| 1 | 23377 | MALWARE-CNC | Trojan.Sasfis variant outbound connection | off | off | drop |
| 1 | 23378 | MALWARE-CNC | Trojan.Sasfis variant outbound connection | off | off | drop |
| 1 | 23380 | MALWARE-CNC | Trojan.Ventana initial variant outbound connection | off | off | drop |
| 1 | 23382 | MALWARE-CNC | Trojan.SpyEye variant outbound connection | off | drop | drop |
| 1 | 23387 | MALWARE-CNC | Win.Trojan.Banker variant outbound connection | off | off | drop |
| 1 | 23388 | MALWARE-CNC | Win.Trojan.FakeMSN.I variant outbound connection | off | off | off |
| 1 | 23391 | MALWARE-CNC | Win.Trojan.Hioles.C variant outbound connection | off | drop | drop |
| 1 | 23446 | MALWARE-CNC | Trojan.Sojax.A variant outbound connection | off | off | drop |
| 1 | 23447 | MALWARE-CNC | Trojan.Sojax.A variant outbound connection | off | off | drop |
| 1 | 23451 | MALWARE-CNC | Win.Trojan.RedSip.A variant outbound connection | off | off | off |
| 1 | 23460 | MALWARE-CNC | Trojan.Belesak.A variant outbound connection | off | off | off |
| 1 | 23468 | MALWARE-CNC | Trojan.Dropper variant outbound connection | off | off | drop |
| 1 | 23469 | MALWARE-CNC | Trojan.Dropper variant outbound connection | off | off | drop |
| 1 | 23494 | MALWARE-CNC | Win.Trojan.Onitab.A variant outbound connection | off | off | drop |
| 1 | 23495 | MALWARE-CNC | Trojan.Kugdifod.A variant outbound connection | off | off | drop |
| 1 | 23600 | MALWARE-CNC | Win.Trojan.Gamarue outbound conntection | off | drop | drop |
| 1 | 23610 | MALWARE-CNC | Worm.Crass.A variant outbound connection | off | off | off |
| 1 | 23615 | MALWARE-CNC | ACAD.Medre.A variant outbound connection | off | drop | drop |
| 1 | 23825 | MALWARE-CNC | FinFisher initial variant outbound connection | off | off | off |
| 1 | 23826 | MALWARE-CNC | FinFisher variant outbound connection | off | off | off |
| 1 | 23938 | MALWARE-CNC | Win.Trojan.Ibabyfa.dldr variant outbound connection | off | drop | drop |
| 1 | 23945 | MALWARE-CNC | Trojan.Backdoor variant outbound connection | off | drop | drop |
| 1 | 23968 | MALWARE-CNC | Win.Trojan.Crisis variant outbound connection | off | drop | drop |
| 1 | 23987 | MALWARE-CNC | Trojan.Kryptik.Kazy variant outbound connection | off | drop | drop |
| 1 | 24010 | MALWARE-CNC | runtime Trojan.Radil variant outbound connection | off | off | off |
| 1 | 24077 | MALWARE-CNC | Win.Trojan.Upof variant outbound connection | off | off | off |
| 1 | 24082 | MALWARE-CNC | Win.Trojan.Banbra variant outbound connection | off | off | drop |
| 1 | 24092 | MALWARE-CNC | Win.Trojan.Clisbot variant outbound connection | off | off | drop |
| 1 | 24182 | MALWARE-CNC | Win.Worm.Helompy variant outbound connection | off | off | off |
| 1 | 24184 | MALWARE-CNC | Win.Worm.Rokiwobi variant outbound connection | off | off | off |
| 1 | 24235 | MALWARE-CNC | Win.Trojan.Wuwo initial infection variant outbound connection | off | drop | drop |
| 1 | 24236 | MALWARE-CNC | Win.Trojan.Wuwo post infection variant outbound connection | off | drop | drop |
| 1 | 24288 | MALWARE-CNC | Win.Trojan.Flexty variant outbound connection | off | off | drop |
| 1 | 24416 | MALWARE-CNC | Win.Trojan.Agent variant outbound connection | off | off | drop |
| 1 | 24417 | MALWARE-CNC | Win.Trojan.Agent variant outbound connection | off | off | drop |
| 1 | 24440 | MALWARE-CNC | Win.Trojan.Chiviper variant outbound connection | off | drop | drop |
| 1 | 24531 | MALWARE-CNC | Win.Trojan.Scondatie.A variant outbound connection | off | drop | drop |
| 1 | 24540 | MALWARE-BACKDOOR | Win.Trojan.Spy.Heur variant outbound connection attempt | off | off | drop |
| 1 | 24541 | MALWARE-CNC | Win.Trojan.Unebot variant outbound connection | off | off | drop |
| 1 | 24586 | MALWARE-CNC | Win.Trojan.Barkiofork variant outbound connection | off | off | drop |
| 1 | 24858 | MALWARE-CNC | Win.Trojan.Quarian variant outbound connection - proxy connection | off | drop | drop |
| 1 | 24886 | MALWARE-CNC | Win.Trojan.Dorkbot variant outbound connection | off | drop | drop |
| 1 | 24976 | MALWARE-CNC | Win.Trojan.Agent variant outbound connection | off | off | drop |
| 1 | 25049 | MALWARE-CNC | Win.Trojan.Jorik.Kolilks variant outbound connection | off | drop | drop |
| 1 | 25067 | MALWARE-CNC | Win.Trojan.Riler variant outbound connection | off | off | drop |
| 1 | 25256 | MALWARE-CNC | Win.Worm.Gamarue variant outbound connection | off | drop | drop |
| 1 | 25257 | MALWARE-CNC | Win.Trojan.Skintrim variant outbound connection | off | drop | drop |
| 1 | 25258 | MALWARE-CNC | Win.Trojan.Rombrast variant outbound connection | off | drop | drop |
| 1 | 25259 | MALWARE-CNC | Win.Trojan.BancosBanload variant outbound connection | off | drop | drop |
| 1 | 25269 | MALWARE-CNC | Win.Trojan.Buterat variant outbound connection | off | drop | drop |
| 1 | 25271 | MALWARE-CNC | Win.Trojan.Buzus variant outbound connection | off | drop | drop |
| 1 | 25570 | MALWARE-CNC | Win.Trojan.Medialabs variant outbound connection | off | drop | drop |
| 1 | 25571 | MALWARE-CNC | Win.Trojan.Medialabs variant outbound connection | off | drop | drop |
| 1 | 25765 | MALWARE-CNC | Trojan Agent YEH variant outbound connection | off | drop | drop |
| 1 | 25830 | FILE-JAVA | Oracle Java malicious class download attempt | drop | drop | drop |
| 1 | 26010 | MALWARE-CNC | CNC Dirtjumper variant outbound connection | off | drop | drop |
| 1 | 26011 | MALWARE-CNC | CNC Dirtjumper variant outbound connection | off | drop | drop |
| 1 | 26178 | MALWARE-CNC | Win.Trojan.Hiloti variant outbound connection | off | off | off |
| 1 | 26264 | MALWARE-CNC | Dapato banking Trojan variant outbound connection | off | drop | drop |
| 1 | 26288 | MALWARE-CNC | Brontok Worm variant outbound connection | off | drop | drop |
| 1 | 26343 | EXPLOIT-KIT | Nuclear exploit kit landing page | off | drop | drop |
| 1 | 26463 | MALWARE-CNC | Win.Trojan.Linog.A variant outbound connection | off | off | drop |
| 1 | 26464 | MALWARE-CNC | Win.Trojan.Linog.A variant outbound connection | off | off | drop |
| 1 | 26613 | MALWARE-CNC | Medfos Trojan variant outbound connection | off | drop | drop |
| 1 | 26657 | MALWARE-CNC | Win.Trojan.Shiz variant outbound connection | off | drop | drop |
| 1 | 26696 | MALWARE-CNC | Cbeplay Ransomware variant outbound connection - Abnormal HTTP Headers | off | alert | drop |
| 1 | 26697 | MALWARE-CNC | Cbeplay Ransomware variant outbound connection - POST Body | off | drop | drop |
| 1 | 26774 | MALWARE-CNC | Win.Worm.Luder variant outbound connection | off | drop | drop |
| 1 | 26775 | MALWARE-CNC | Win.Trojan.Blocker variant outbound connection HTTP Header Structure | off | drop | drop |
| 1 | 26776 | MALWARE-CNC | Win.Trojan.Blocker variant outbound connection POST | off | drop | drop |
| 1 | 26815 | MALWARE-CNC | OSX.Trojan.KitM variant outbound connection user-agent | off | drop | drop |
| 1 | 26816 | MALWARE-CNC | OSX.Trojan.KitM variant outbound connection | off | drop | drop |
| 1 | 26835 | MALWARE-CNC | RDN Banker POST variant outbound connection | off | off | drop |
| 1 | 26923 | MALWARE-CNC | Win.Trojan.Zeus variant outbound connection | off | drop | drop |
| 1 | 26930 | MALWARE-CNC | Win.Trojan.Zeroaccess variant outbound connection | drop | drop | drop |
| 1 | 26931 | MALWARE-CNC | Win.Trojan.Zeroaccess variant outbound connection | drop | drop | drop |
| 1 | 26932 | MALWARE-CNC | Win.Trojan.Zeroaccess variant outbound connection | off | off | drop |
| 1 | 26984 | MALWARE-CNC | Win.Trojan.Injector Info Stealer Trojan variant outbound connection | off | drop | drop |
| 1 | 26997 | MALWARE-CNC | Win.Downloader.Agent variant outbound connection | off | alert | drop |
| 1 | 27007 | MALWARE-CNC | Win.Trojan.Zbot variant outbound connection | off | drop | drop |
| 1 | 27008 | MALWARE-CNC | Win.Trojan.Zbot variant outbound connection | off | drop | drop |
| 1 | 27033 | MALWARE-CNC | Win.Backdoor.Transhell variant outbound connection user-agent | off | off | drop |
| 1 | 27049 | MALWARE-CNC | Win.Trojan.Dokstormac variant outbound connection | off | drop | drop |
| 1 | 27054 | MALWARE-CNC | Win.Trojan.Yakes variant outbound connection | off | drop | drop |
| 1 | 27057 | MALWARE-CNC | Win.Trojan.Dalbot variant outbound connection | off | drop | drop |
| 1 | 27058 | MALWARE-CNC | OSX.Trojan.HackBack variant outbound connection | off | drop | drop |
| 1 | 27252 | MALWARE-CNC | Win.Trojan.ZeroAccess 111-byte URL variant outbound connection | off | off | drop |
| 1 | 27596 | MALWARE-CNC | Win.Redyms variant outbound connection | off | drop | drop |
| 1 | 27599 | MALWARE-CNC | Win.Redyms variant outbound connection | off | drop | drop |
| 1 | 27629 | MALWARE-CNC | Win.Backdoor.Aumlib variant outbound connection | off | drop | drop |
| 1 | 27630 | MALWARE-CNC | Win.Backdoor.Aumlib variant outbound connection | off | drop | drop |
| 1 | 27631 | MALWARE-CNC | Win.Backdoor.Aumlib variant outbound connection | off | drop | drop |
| 1 | 27633 | MALWARE-CNC | Worm.Silly variant outbound connection | off | drop | drop |
| 1 | 27654 | MALWARE-CNC | Win.Backdoor.Agent variant outbound connection | off | off | off |
| 1 | 27708 | MALWARE-CNC | Win.Ransomware.Urausy outbound conntection | off | off | off |
| 1 | 27711 | MALWARE-CNC | Win.Trojan.FakeAV variant outbound connection | off | drop | drop |
| 1 | 27746 | MALWARE-CNC | Unix.Trojan.Hanthie variant outbound connection | off | drop | drop |
| 1 | 27802 | MALWARE-CNC | Win.Trojan.PRISM variant outbound connection | off | drop | drop |
| 1 | 27803 | MALWARE-CNC | Win.Trojan.PRISM variant outbound connection | off | drop | drop |
| 1 | 27804 | MALWARE-CNC | Win.Trojan.PRISM variant outbound connection | off | drop | drop |
| 1 | 27964 | MALWARE-CNC | Gh0st RAT variant outbound connection | off | drop | drop |
| 1 | 28042 | MALWARE-CNC | Win.Trojan.Caphaw variant outbound connection | off | drop | drop |
| 1 | 28079 | MALWARE-CNC | Win.Trojan.Napolar variant outbound connection | off | drop | drop |
| 1 | 28105 | MALWARE-CNC | Win.Trojan.Banload variant outbound connection | off | drop | drop |
| 1 | 28111 | EXPLOIT-KIT | Nuclear/Magnitude exploit kit post Java compromise download attempt | off | drop | drop |
| 1 | 28242 | MALWARE-CNC | Win.Trojan.Tuxido outbound commincation attempt | off | drop | drop |
| 1 | 28244 | MALWARE-CNC | Win.Trojan.Phrovon outbound conntection | off | drop | drop |
| 1 | 28247 | MALWARE-CNC | Win.Trojan.Dropper variant outbound connection | off | drop | drop |
| 1 | 28254 | MALWARE-CNC | Trojan.Perl.Shellbot variant outbound connection | off | drop | drop |
| 1 | 28300 | MALWARE-CNC | Win.Trojan.Agent variant conntection | off | drop | drop |
| 1 | 28305 | MALWARE-CNC | Win.Trojan.Mecifg variant outbound connection | off | drop | drop |
| 1 | 28323 | MALWARE-CNC | Win.Backdoor.Chopper web shell conntection | off | drop | drop |
| 1 | 28325 | MALWARE-CNC | Win.Backdoor.Zuza variant outbound connection | off | drop | drop |
| 1 | 28326 | MALWARE-CNC | Win.Backdoor.Zuza variant outbound connection | off | drop | drop |
| 1 | 28328 | MALWARE-CNC | Win.Backdoor.Hupigon variant outbound connection | off | drop | drop |
| 1 | 28366 | MALWARE-CNC | Win.Backdoor.Venik variant outbound connection | off | drop | drop |
| 1 | 28373 | MALWARE-CNC | Win.Trojan.Mutopy variant outbound connection | off | drop | drop |
| 1 | 28399 | MALWARE-CNC | Linux.Backdoor.Tsunami outbound conntection | off | drop | drop |
| 1 | 28416 | MALWARE-CNC | Win.Trojan.CryptoLocker outbound conntection | off | drop | drop |
| 1 | 28417 | MALWARE-CNC | Win.Trojan.Molgomsg variant outbound connection | off | drop | drop |
| 1 | 28418 | MALWARE-CNC | Win.Downloader.Dtcontx outbound conntection | off | drop | drop |
| 1 | 28419 | MALWARE-CNC | Win.Trojan.Tesch variant outbound connection | off | drop | drop |
| 1 | 28439 | MALWARE-CNC | Win.Trojan.Bspire variant conntection | off | drop | drop |
| 1 | 28444 | MALWARE-CNC | Win.Backdoor.CBgate variant outbound connection | off | drop | drop |
| 1 | 28482 | MALWARE-CNC | Win.Trojan.Terminator RAT variant outbound connection | drop | drop | drop |
| 1 | 28484 | MALWARE-CNC | Win.Trojan.Delpbank variant outbound connection | off | drop | drop |
| 1 | 28485 | MALWARE-CNC | Win.Trojan.Khalog variant outbound connection | off | drop | drop |
| 1 | 28486 | MALWARE-CNC | Win.Trojan.Codiltak variant outbound connection | off | drop | drop |
| 1 | 28493 | MALWARE-CNC | DeputyDog diskless method variant outbound connection | off | drop | drop |
| 1 | 28538 | MALWARE-CNC | Win.Trojan.Qadars variant outbound connection | off | off | drop |
| 1 | 28547 | MALWARE-CNC | Win.Trojan.Banker variant outbound conntection | off | drop | drop |
| 1 | 28548 | MALWARE-CNC | Win.Trojan.chfx variant outbound connection | off | drop | drop |
| 1 | 28551 | MALWARE-CNC | Win.Trojan.NXI ftp username connection | off | drop | drop |
| 1 | 28559 | MALWARE-CNC | Win.Trojan.Castov variant conntection | off | drop | drop |
| 1 | 28560 | MALWARE-CNC | Win.Trojan.Plugx FTP keepalive outbound conntection | drop | drop | drop |
| 1 | 28561 | MALWARE-CNC | Win.Trojan.Plugx outbound conntection | drop | drop | drop |
| 1 | 28562 | MALWARE-CNC | Win.Trojan.Sidopa variant outbound connection | off | drop | drop |
| 1 | 28563 | MALWARE-CNC | Win.Trojan.Pkdesco variant outbound connection | off | drop | drop |
| 1 | 28564 | MALWARE-CNC | Win.Trojan.Pkdesco variant outbound connection | off | drop | drop |
| 1 | 28565 | MALWARE-CNC | Win.Trojan.Pkdesco variant outbound connection | off | drop | drop |
| 1 | 28599 | MALWARE-CNC | Win.Backdoor.Lesirt variant outbound connection | off | drop | drop |
| 1 | 28604 | MALWARE-CNC | Win.Trojan.Kasnam variant conntection | off | drop | drop |
| 1 | 28605 | MALWARE-CNC | Win.Trojan.Kasnam variant conntection | off | drop | drop |
| 1 | 28606 | MALWARE-CNC | Win.Trojan.Surtr variant conntection | off | drop | drop |
| 1 | 28607 | MALWARE-CNC | Win.Trojan.Fareit variant outbound conntection | off | drop | drop |
| 1 | 28724 | MALWARE-CNC | Win.Trojan.Agent outbound conntection | off | drop | drop |
| 1 | 28799 | MALWARE-CNC | Win.Trojan.Mxtcycle variant outbound connection | off | drop | drop |
| 1 | 28800 | MALWARE-CNC | Win.Trojan.Zeus outbound connection | off | drop | drop |
| 1 | 28802 | MALWARE-CNC | Win.Trojan.Zeus outbound connection | off | drop | drop |
| 1 | 28803 | MALWARE-CNC | Win.Trojan.Injector outbound conntection | off | drop | drop |
| 1 | 28804 | MALWARE-CNC | Win.Trojan.Injector outbound conntection | off | drop | drop |
| 1 | 28805 | MALWARE-CNC | Win.Trojan.Palevo outbound conntection | off | drop | drop |
| 1 | 28808 | MALWARE-CNC | Win.Backdoor.Ptiger variant outbound connection | off | drop | drop |
| 1 | 28809 | MALWARE-CNC | Win.Trojan.Dofoil outbound conntection | off | drop | drop |
| 1 | 28813 | MALWARE-CNC | Win.Trojan.Ufraie variant outbound connection | off | drop | drop |
| 1 | 28816 | MALWARE-CNC | Win.Trojan.Siluhdur variant outbound connection | off | drop | drop |
| 1 | 28817 | MALWARE-CNC | Win.Backdoor.Iniduoh variant outbound connection | off | drop | drop |
| 1 | 28820 | MALWARE-CNC | Win.Backdoor.Iniduoh variant outbound connection | off | drop | drop |
| 1 | 28853 | MALWARE-CNC | Win.Trojan.Dipverdle variant outbound conntection | drop | drop | drop |
| 1 | 28856 | MALWARE-CNC | Win.Trojan.Yowdab variant conntection | off | drop | drop |
| 1 | 28861 | MALWARE-CNC | Win.Trojan.Roxfora variant outbound conntection | off | drop | drop |
| 1 | 28864 | MALWARE-CNC | Win.Trojan.Tofsee variant outbound conntection | off | drop | drop |
| 1 | 28879 | MALWARE-CNC | Win.Backdoor.Tavdig variant outbound conntection | off | drop | drop |
| 1 | 28886 | MALWARE-CNC | Win.Trojan.Scar variant outbound conntection | off | drop | drop |
| 1 | 28913 | MALWARE-BACKDOOR | Zollard variant outbound connection attempt | off | off | off |
| 1 | 28914 | MALWARE-CNC | Win.Trojan.Anony variant conntection | off | drop | drop |
| 1 | 28947 | MALWARE-CNC | Win.Trojan.Tapaoux variant conntection | off | drop | drop |
| 1 | 28948 | MALWARE-CNC | Win.Trojan.Kishlog variant outbound conntection | off | drop | drop |
| 1 | 28949 | MALWARE-CNC | Win.Trojan.Kishlog variant outbound conntection | off | drop | drop |
| 1 | 28986 | MALWARE-CNC | Win.Worm.Neeris IRCbot variant outbound connection | off | drop | drop |
| 1 | 28987 | MALWARE-CNC | Win.Worm.Steckt IRCbot variant outbound connection | off | drop | drop |
| 1 | 28988 | MALWARE-CNC | Win.Worm.Steckt IRCbot variant outbound connection | off | drop | drop |
| 1 | 28989 | MALWARE-CNC | Win.Trojan.Egobot variant outbound conntection | off | drop | drop |
| 1 | 28996 | MALWARE-CNC | Win.Trojan.Bunitu variant outbound connection | off | drop | drop |
| 1 | 29011 | MALWARE-CNC | Win.Trojan.Dotconta variant outbound conntection | off | drop | drop |
| 1 | 29012 | MALWARE-OTHER | Possible Win.Trojan.Zbot variant outbound connection | off | drop | drop |
| 1 | 29013 | MALWARE-OTHER | Possible Win.Trojan.Zbot variant outbound connection | off | drop | drop |
| 1 | 29026 | MALWARE-CNC | Win.Trojan.Limlspy variant outbound conntection | off | drop | drop |
| 1 | 29038 | MALWARE-CNC | Win.Trojan.Banload variant outbound communication | off | drop | drop |
| 1 | 29044 | MALWARE-CNC | Win.Trojan.Lorask variant outbound connection | off | drop | drop |
| 1 | 29045 | MALWARE-CNC | Win.Trojan.Lorask variant outbound connection | off | drop | drop |
| 1 | 29057 | MALWARE-CNC | Win.Trojan.Descrantol variant outbound connection | off | drop | drop |
| 1 | 29058 | MALWARE-CNC | Win.Trojan.Umberial variant outbound connection | off | drop | drop |
| 1 | 29076 | MALWARE-CNC | Win.Trojan.Epixed variant outbound connection | off | drop | drop |
| 1 | 29077 | MALWARE-CNC | Win.Trojan.Platidium variant outbound connection | off | drop | drop |
| 1 | 29081 | MALWARE-CNC | Win.Trojan.Budir initial variant outbound connection | off | drop | drop |
| 1 | 29082 | MALWARE-CNC | Win.Trojan.Ldmon variant outbound connection | off | drop | drop |
| 1 | 29087 | MALWARE-CNC | Win.Trojan.Kboy variant outbound connection | off | drop | drop |
| 1 | 29095 | MALWARE-CNC | Win.Trojan.Fotip FTP file upload variant outbound connection | off | drop | drop |
| 1 | 29104 | MALWARE-CNC | Win.Trojan.Iniptad variant outbound connection | off | drop | drop |
| 1 | 29109 | MALWARE-CNC | Win.Trojan.Drafukey variant outbound conntection | off | drop | drop |
| 1 | 29114 | MALWARE-CNC | Win.Trojan.Sotark variant outbound connection | off | drop | drop |
| 1 | 29115 | MALWARE-CNC | Win.Trojan.Alset variant outbound connection | off | drop | drop |
| 1 | 29123 | DELETED | MALWARE-OTHER Win.Trojan.InstallMonster variant outbound connection | |||
| 1 | 29124 | MALWARE-OTHER | Win.Trojan.InstallMonster variant outbound connection | off | off | off |
| 1 | 29125 | MALWARE-CNC | Win.Trojan.Valden variant outbound connection | off | drop | drop |
| 1 | 29136 | MALWARE-CNC | Win.Trojan.Neos variant outbound connection | off | drop | drop |
| GID | SID | Rule Group | Rule Message | Policy State | ||
|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | ||||
| 1 | 7183 | MALWARE-CNC | Snoopware barok variant outbound connection | off | off | drop |
| GID | SID | Rule Group | Rule Message | Policy State | ||
|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | ||||
| 1 | 2420 | FILE-IDENTIFY | RealNetworks Realplayer .rmp playlist file download request | off | off | off |
| 1 | 16124 | MALWARE-CNC | Trojan.nsis.agent.s variant outbound connection | off | off | off |
| 1 | 17230 | FILE-IDENTIFY | Tiff big endian file magic detected | off | off | off |
| 1 | 17732 | FILE-IDENTIFY | TIFF file download request | off | off | off |
| 1 | 19596 | MALWARE-CNC | Poison Ivy variant outbound connection | off | off | off |
| 1 | 19597 | MALWARE-CNC | Win.Trojan.Agent.cws variant outbound connection | off | off | off |
| 1 | 19744 | MALWARE-CNC | Worm.Win32.Deecee.a variant outbound connection | off | off | off |
| 1 | 19971 | MALWARE-CNC | Win.Trojan.Mudrop.lj variant outbound connection | off | off | off |
| 1 | 21593 | MALWARE-CNC | Win.Trojan.Dropper variant outbound connection | off | drop | drop |
| 1 | 23710 | FILE-IDENTIFY | Tiff big endian file magic detected | off | off | off |
| 1 | 24463 | FILE-IDENTIFY | TIFF file attachment detected | off | off | off |
| 1 | 24464 | FILE-IDENTIFY | TIFF file attachment detected | off | off | off |
| 1 | 28528 | MALWARE-CNC | Win.Trojan.Qadars variant outbound connection | off | drop | drop |
| 1 | 28529 | MALWARE-CNC | Win.Trojan.Qadars variant outbound connection | off | drop | drop |