Sourcefire VRT Rules Update

Date: 2012-10-16

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.3.1.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:24383 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dipwit outbound communication (malware-cnc.rules)
 * 1:24382 <-> ENABLED <-> MALWARE-CNC Win.Trojan.XBlocker outbound communication (malware-cnc.rules)
 * 1:24381 <-> ENABLED <-> MALWARE-CNC Win.Trojan.XBlocker outbound communication (malware-cnc.rules)
 * 1:24380 <-> DISABLED <-> WEB-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (web-iis.rules)
 * 1:24379 <-> DISABLED <-> WEB-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (web-iis.rules)
 * 1:24378 <-> DISABLED <-> POLICY-OTHER TCP packet with urgent flag attempt (policy-other.rules)
 * 1:24377 <-> DISABLED <-> MALWARE-BACKDOOR Trojan.FakeAV.FakeAlert runtime detection (malware-backdoor.rules)
 * 1:24376 <-> DISABLED <-> MALWARE-BACKDOOR Trojan.Delf.KDV runtime detection (malware-backdoor.rules)
 * 1:24375 <-> ENABLED <-> MALWARE-CNC Win.Trojan.VB variant outbound connection (malware-cnc.rules)
 * 1:24374 <-> DISABLED <-> MALWARE-CNC Win.Dropper.Agent variant outbound connection (malware-cnc.rules)
 * 1:24373 <-> DISABLED <-> MALWARE-CNC Win.Dropper.Agent variant outbound connection (malware-cnc.rules)
 * 1:24401 <-> DISABLED <-> MISC PCT Client_Hello overflow attempt (misc.rules)
 * 1:24400 <-> DISABLED <-> MALWARE-BACKDOOR Backdoor.Win32.Protos.A runtime detection (malware-backdoor.rules)
 * 1:24399 <-> DISABLED <-> MALWARE-CNC WIN.Trojan.Mooochq variant outbound connection (malware-cnc.rules)
 * 1:24398 <-> DISABLED <-> MALWARE-CNC WIN.Trojan.Mooochq variant outbound connection (malware-cnc.rules)
 * 1:24397 <-> ENABLED <-> APP-DETECT Steam game URI handler (app-detect.rules)
 * 1:24396 <-> DISABLED <-> DDOS itsoknoproblembro UDP flood (ddos.rules)
 * 1:24395 <-> DISABLED <-> DDOS itsoknoproblembro TCP flood (ddos.rules)
 * 1:24394 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro start attack (indicator-compromise.rules)
 * 1:24393 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro stop attack (indicator-compromise.rules)
 * 1:24392 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro write file (indicator-compromise.rules)
 * 1:24391 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro start php (indicator-compromise.rules)
 * 1:24390 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro start perl (indicator-compromise.rules)
 * 1:24389 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro status check (indicator-compromise.rules)
 * 1:24388 <-> DISABLED <-> INDICATOR-COMPROMISE itsoknoproblembro file upload (indicator-compromise.rules)
 * 1:24387 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products xdomain object information disclosure attempt (browser-firefox.rules)
 * 1:24386 <-> DISABLED <-> BROWSER-FIREFOX Mozilla Multiple Products xdomain object information disclosure attempt (browser-firefox.rules)
 * 1:24385 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tracur outbound communication (malware-cnc.rules)
 * 1:24384 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Tracur outbound communication (malware-cnc.rules)

Modified Rules:


 * 1:23935 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zakahic variant outbound connection (malware-cnc.rules)
 * 1:23877 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Dtfanri variant outbound connection (malware-cnc.rules)
 * 1:23876 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Scirib variant outbound connection (malware-cnc.rules)
 * 1:23837 <-> DISABLED <-> NETBIOS SMB host announcement format string exploit attempt (netbios.rules)
 * 1:23788 <-> DISABLED <-> MALWARE-CNC Trojan.Locotout variant outbound connection (malware-cnc.rules)
 * 1:23787 <-> DISABLED <-> MALWARE-CNC Trojan.Locotout variant outbound connection (malware-cnc.rules)
 * 1:23782 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Buzus.kych connect to cnc-server (malware-cnc.rules)
 * 1:23634 <-> DISABLED <-> MALWARE-CNC Trojan.Kegotip variant outbound connection (malware-cnc.rules)
 * 1:23630 <-> DISABLED <-> MALWARE-CNC Trojan.YMrelay variant outbound connection (malware-cnc.rules)
 * 1:23628 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Pincav variant outbound connection (malware-cnc.rules)
 * 1:23599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (malware-cnc.rules)
 * 1:23598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Slagent outgoing connection (malware-cnc.rules)
 * 1:23595 <-> DISABLED <-> MALWARE-CNC Trojan.Papras variant outbound connection (malware-cnc.rules)
 * 1:23594 <-> DISABLED <-> MALWARE-CNC Trojan.Papras variant outbound connection (malware-cnc.rules)
 * 1:23593 <-> DISABLED <-> MALWARE-CNC Trojan.Smoaler variant outbound connection (malware-cnc.rules)
 * 1:23494 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Onitab.A outbound connection (malware-cnc.rules)
 * 1:23483 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Georbot file download (malware-backdoor.rules)
 * 1:23467 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mazben file download (malware-cnc.rules)
 * 1:23451 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RedSip.A outbound connection (malware-cnc.rules)
 * 1:23449 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Servstart.ax connect to cnc-server (malware-cnc.rules)
 * 1:23399 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Govdi.A connect to cnc-server (malware-cnc.rules)
 * 1:23394 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Vbvoleur.a connect to cnc-server (malware-cnc.rules)
 * 1:23391 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hioles.C runtime detection (malware-cnc.rules)
 * 1:23390 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Java.Arratomref variant outbound connection (malware-cnc.rules)
 * 1:23389 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Java.Arratomref variant outbound connection (malware-cnc.rules)
 * 1:23388 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakeMSN.I runtime detection (malware-cnc.rules)
 * 1:23387 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker outbound connection (malware-cnc.rules)
 * 1:23381 <-> DISABLED <-> MALWARE-BACKDOOR Win.Trojan.Thoper.C runtime detection (malware-backdoor.rules)
 * 1:23345 <-> DISABLED <-> MALWARE-CNC RunTime Win.Trojan.Win.Trojan.tchfro.A outbound connection (malware-cnc.rules)
 * 1:23344 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Harvso.A outbound connection (malware-cnc.rules)
 * 1:23341 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Tinrot.A runtime detection (malware-backdoor.rules)
 * 1:23340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nitol.B runtime detection (malware-cnc.rules)
 * 1:23332 <-> ENABLED <-> MALWARE-CNC Win.Trojan-Dishigy outbound connection (malware-cnc.rules)
 * 1:23254 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Delf.CL connect to cnc-server (malware-cnc.rules)
 * 1:23242 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banker.boxg connect to cnc server (malware-cnc.rules)
 * 1:23215 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Waprox.A runtime detection (malware-cnc.rules)
 * 1:23214 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Waprox.A runtime detection (malware-cnc.rules)
 * 1:22103 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Coswid.klk runtime detection (malware-cnc.rules)
 * 1:22095 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Agent outbound connection (malware-backdoor.rules)
 * 1:22088 <-> ENABLED <-> EXPLOIT-KIT Blackhole Exploit Kit javascript service method - js.js (exploit-kit.rules)
 * 1:22062 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Winpawr variant outbound connection (malware-cnc.rules)
 * 1:21998 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.PQC variant outbound connection (malware-cnc.rules)
 * 1:21997 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.bgcp variant outbound connection (malware-cnc.rules)
 * 1:21996 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot.I Runtime Detection Generic (malware-cnc.rules)
 * 1:21995 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot.I Runtime Detection Generic (malware-cnc.rules)
 * 1:21982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Insain.mh runtime detection (malware-cnc.rules)
 * 1:21979 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Nervos variant inbound communication (malware-backdoor.rules)
 * 1:21978 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Nervos variant outbound connection (malware-backdoor.rules)
 * 1:21977 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Pinit outbound connection (malware-backdoor.rules)
 * 1:21973 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash runtime detection (malware-backdoor.rules)
 * 1:21972 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.ZZSlash outbound connection (malware-backdoor.rules)
 * 1:21971 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant inbound communication (malware-backdoor.rules)
 * 1:21970 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant outbound connection (malware-backdoor.rules)
 * 1:21969 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Rebhip.A outbound connection type B (malware-backdoor.rules)
 * 1:21968 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Rebhip.A outbound connection type A (malware-backdoor.rules)
 * 1:21947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VicSpy.A runtime detection (malware-cnc.rules)
 * 1:21946 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Litmpuca.A Runtime Detection (malware-cnc.rules)
 * 1:21945 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Litmpuca.A Runtime Detection (malware-cnc.rules)
 * 1:21769 <-> DISABLED <-> MALWARE-CNC Win.Trojan.LogonInvader.a runtime detection (malware-cnc.rules)
 * 1:21761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant runtime detection (malware-cnc.rules)
 * 1:21760 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant runtime detection (malware-cnc.rules)
 * 1:21635 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Phdet.gen.A runtime detection (malware-cnc.rules)
 * 1:21610 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Refroso.azyg runtime detection (malware-cnc.rules)
 * 1:21547 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:21512 <-> DISABLED <-> MALWARE-BACKDOOR Win.Backdoor.Zegost.B runtime detection (malware-backdoor.rules)
 * 1:21502 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBbot.V connect to server (malware-cnc.rules)
 * 1:21486 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot variant outbound connection (malware-cnc.rules)
 * 1:21474 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Lancafdo.A runtime detection (malware-cnc.rules)
 * 1:21471 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos variant outbound connection (malware-cnc.rules)
 * 1:21468 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dama variant outbound connection (malware-cnc.rules)
 * 1:21467 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot variant outbound connection (malware-cnc.rules)
 * 1:21463 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bibei variant outbound connection (malware-cnc.rules)
 * 1:21461 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DarkComet outbound connection attempt - post infection (malware-cnc.rules)
 * 1:21460 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DarkComet inbound connection (malware-cnc.rules)
 * 1:21454 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.vec runtime detection (malware-cnc.rules)
 * 1:21452 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.djvk connect to server (malware-cnc.rules)
 * 1:21451 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.djvk malicious hosts file download (malware-cnc.rules)
 * 1:21448 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Webmoner.zu connect to server (malware-cnc.rules)
 * 1:21441 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Delf variant outbound connection (malware-cnc.rules)
 * 1:21440 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Murofet variant outbound connection (malware-cnc.rules)
 * 1:21435 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mentor inbound connection - post infection (malware-cnc.rules)
 * 1:21434 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Mentor outbound connection (malware-cnc.rules)
 * 1:21426 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Scar variant outbound connection (malware-cnc.rules)
 * 1:21425 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ghodow.A exe file download (malware-cnc.rules)
 * 1:21424 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ghodow.A connect to cnc (malware-cnc.rules)
 * 1:21402 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ponfoy.A runtime detection (malware-cnc.rules)
 * 1:21401 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kenzor.B outbound connection (malware-cnc.rules)
 * 1:21400 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kenzor.B outbound connection (malware-cnc.rules)
 * 1:21391 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.dcac runtime traffic detected (malware-cnc.rules)
 * 1:21390 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.dl runtime traffic detected (malware-cnc.rules)
 * 1:21386 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wadolin.A runtime traffic detected (malware-cnc.rules)
 * 1:21384 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host freewebs.com runtime traffic detected (malware-cnc.rules)
 * 1:21383 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host 9999mb.com runtime traffic detected (malware-cnc.rules)
 * 1:21382 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nuqel.Q host setting3.yeahost.com runtime traffic detected (malware-cnc.rules)
 * 1:21381 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dialer.ngb runtime traffic detected (malware-cnc.rules)
 * 1:21379 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Genome.Amqj runtime traffic detected (malware-cnc.rules)
 * 1:21376 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Microjoin activity (malware-cnc.rules)
 * 1:21374 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bifrose.EF runtime traffic detected (malware-cnc.rules)
 * 1:21369 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wallop.de runtime traffic detected (malware-cnc.rules)
 * 1:21368 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wallop.de runtime traffic detected (malware-cnc.rules)
 * 1:21362 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.TDSS.aa runtime traffic detected (malware-cnc.rules)
 * 1:21359 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.jju runtime traffic detected (malware-cnc.rules)
 * 1:21343 <-> ENABLED <-> EXPLOIT-KIT Blackhole exploit kit pdf request (exploit-kit.rules)
 * 1:21318 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FakeAV TDSS/PurpleHaze outbound connection - base64 encoded (malware-cnc.rules)
 * 1:21306 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Spyeye variant outbound connectivity check (malware-cnc.rules)
 * 1:21294 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancodor.be runtime traffic detected (malware-cnc.rules)
 * 1:21277 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shexie.A runtime traffic detected (malware-cnc.rules)
 * 1:21252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P runtime detection (malware-cnc.rules)
 * 1:21251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sirefef.P runtime detection (malware-cnc.rules)
 * 1:21250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (malware-cnc.rules)
 * 1:21242 <-> ENABLED <-> MALWARE-CNC MsUpdater Win.Trojan.outbound connection (malware-cnc.rules)
 * 1:21241 <-> ENABLED <-> MALWARE-CNC MsUpdater Win.Trojan.initial outbound connection (malware-cnc.rules)
 * 1:21240 <-> ENABLED <-> MALWARE-CNC MsUpdater Win.Trojan.outbound connection (malware-cnc.rules)
 * 1:2124 <-> DISABLED <-> MALWARE-BACKDOOR Remote PC Access connection (malware-backdoor.rules)
 * 1:21231 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bedobot.B outbound connection (malware-cnc.rules)
 * 1:21230 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Betad.A outbound connection (malware-cnc.rules)
 * 1:21229 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Synljdos.A outbound connection (malware-cnc.rules)
 * 1:21228 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cerberat.A outbound connection (malware-cnc.rules)
 * 1:21226 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Louisdreyfu.A outbound connection (malware-cnc.rules)
 * 1:21223 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gyplit.A outbound connection (malware-cnc.rules)
 * 1:21222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kcahneila.A outbound connection (malware-cnc.rules)
 * 1:21221 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A outbound connection (malware-cnc.rules)
 * 1:21220 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Susnatache.A inbound connection (malware-cnc.rules)
 * 1:21219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sysckbc outbound connection (malware-cnc.rules)
 * 1:21218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Sodager.C outbound connection (malware-cnc.rules)
 * 1:21217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banker.Am outbound connection (malware-cnc.rules)
 * 1:21216 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banker.Am outbound connection (malware-cnc.rules)
 * 1:21215 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banker.Am outbound connection (malware-cnc.rules)
 * 1:21212 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.nkor outbound connection (malware-cnc.rules)
 * 1:21211 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.slrj outbound connection (malware-cnc.rules)
 * 1:21210 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rallovs.A outbound connection (malware-cnc.rules)
 * 1:21209 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Enviserv.A outbound connection (malware-cnc.rules)
 * 1:21208 <-> ENABLED <-> MALWARE-CNC Win.Trojan.RShot.brw outbound connection (malware-cnc.rules)
 * 1:21207 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dekara.A outbound connection (malware-cnc.rules)
 * 1:21205 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B outbound connection (malware-cnc.rules)
 * 1:21204 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B outbound connection (malware-cnc.rules)
 * 1:21203 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Induc.B outbound connection (malware-cnc.rules)
 * 1:21202 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Scapzilla.A outbound connection (malware-cnc.rules)
 * 1:21201 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yakes.cmu outbound connection (malware-cnc.rules)
 * 1:21200 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yakes.cmu outbound connection (malware-cnc.rules)
 * 1:21199 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A outbound connection (malware-cnc.rules)
 * 1:21198 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qinubot.A outbound connection (malware-cnc.rules)
 * 1:21197 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A outbound connection (malware-cnc.rules)
 * 1:21196 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Caphaw.A outbound connection (malware-cnc.rules)
 * 1:21195 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Protux.B outbound connection (malware-cnc.rules)
 * 1:21194 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Wealwedst.A outbound connection (malware-cnc.rules)
 * 1:21193 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dalbot.A outbound connection (malware-cnc.rules)
 * 1:21192 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Syswrt.dvd outbound connection (malware-cnc.rules)
 * 1:21187 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Xlahlah.A outbound connection (malware-cnc.rules)
 * 1:21183 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.alfu outbound connection (malware-cnc.rules)
 * 1:21182 <-> DISABLED <-> MALWARE-CNC Win.Trojan.MeSub.ac outbound connection (malware-cnc.rules)
 * 1:21181 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.czgu outbound connection (malware-cnc.rules)
 * 1:21179 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Coofus.RFM outbound connection (malware-cnc.rules)
 * 1:21178 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Chekafe.A outbound connection (malware-cnc.rules)
 * 1:21177 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ganipin.A inbound connection (malware-cnc.rules)
 * 1:21151 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Stegae.A runtime traffic detected (malware-cnc.rules)
 * 1:21145 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Neraweq.A runtime traffic detected (malware-cnc.rules)
 * 1:21144 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21143 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21142 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (malware-cnc.rules)
 * 1:21127 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Setfic.A runtime traffic detected (malware-cnc.rules)
 * 1:21126 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Koutodoor.C runtime traffic detected (malware-cnc.rules)
 * 1:21125 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alureon.DG runtime traffic detected (malware-cnc.rules)
 * 1:21124 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Opachki.A runtime traffic detected (malware-cnc.rules)
 * 1:21123 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Flymux.A runtime traffic detected (malware-cnc.rules)
 * 1:21122 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bandok.zp runtime traffic detected (malware-cnc.rules)
 * 1:21058 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AutoIt.pm runtime traffic detected (malware-cnc.rules)
 * 1:21055 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Utka.A outbound connection (malware-cnc.rules)
 * 1:20891 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20890 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (malware-cnc.rules)
 * 1:20844 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.smxy runtime traffic detected (malware-cnc.rules)
 * 1:20838 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smokebot.A runtime traffic detected (malware-cnc.rules)
 * 1:20837 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mecklow.C runtime traffic detected (malware-cnc.rules)
 * 1:20836 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zusy.A runtime traffic detected (malware-cnc.rules)
 * 1:20830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.amdu outbound connection (malware-cnc.rules)
 * 1:19435 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Litmus.203 outbound connection (malware-cnc.rules)
 * 1:19429 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Proxy Win.Trojan.Dosenjo.C Runtime Detection (malware-cnc.rules)
 * 1:19428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Adload.BG outbound connection (malware-cnc.rules)
 * 1:19427 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amjz outbound connection (malware-cnc.rules)
 * 1:19426 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Crypter.i outbound connection (malware-cnc.rules)
 * 1:19404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Ozdok outbound connection (malware-cnc.rules)
 * 1:19401 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Sddrop.D outbound connection (malware-cnc.rules)
 * 1:19400 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Sddrop.D outbound connection (malware-cnc.rules)
 * 1:19398 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BAT.Shutdown.ef outbound connection (malware-cnc.rules)
 * 1:19397 <-> DISABLED <-> MALWARE-CNC Win.Trojan.UltimateDefender.xv outbound connection (malware-cnc.rules)
 * 1:20759 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Gbot.oce outbound connection (malware-cnc.rules)
 * 1:20756 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jorik variant outbound connection (malware-cnc.rules)
 * 1:20755 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Krap outbound connection (malware-cnc.rules)
 * 1:20754 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Virut-3 outbound connection (malware-cnc.rules)
 * 1:20697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (malware-cnc.rules)
 * 1:20695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.GZW connect to cnc server (malware-cnc.rules)
 * 1:20694 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SSonce.A backdoor access (malware-cnc.rules)
 * 1:20693 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Blackcontrol.A contact to cnc-server (malware-cnc.rules)
 * 1:20686 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Virut.BM connect to client (malware-cnc.rules)
 * 1:20685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Heloag.A connect to cnc-server (malware-cnc.rules)
 * 1:20679 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Syrutrk connect to cnc-server (malware-cnc.rules)
 * 1:20677 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn connect to cnc-server (malware-cnc.rules)
 * 1:20676 <-> DISABLED <-> MALWARE-CNC Win.Trojan.EggDrop.acn connect to cnc-server (malware-cnc.rules)
 * 1:20639 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Higest.N outbound connection (malware-cnc.rules)
 * 1:20630 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Winnti.A contact to cnc server (malware-cnc.rules)
 * 1:20627 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A C&C server response (malware-cnc.rules)
 * 1:20626 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shylock.A contact to C&C server (malware-cnc.rules)
 * 1:20606 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Domsingx.A contact to C&C server (malware-cnc.rules)
 * 1:20605 <-> DISABLED <-> MALWARE-CNC Win.Trojan.R2d2.A contact to cnc server (malware-cnc.rules)
 * 1:20604 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Buzus.isqy trojan phishing (malware-cnc.rules)
 * 1:20599 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A trojan injection (malware-cnc.rules)
 * 1:20598 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A trojan injection (malware-cnc.rules)
 * 1:20597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A trojan injection (malware-cnc.rules)
 * 1:20596 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smoaler.A trojan injection (malware-cnc.rules)
 * 1:20595 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ixeshe.F backdoor access (malware-cnc.rules)
 * 1:20587 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Larchik.A backdoor phishing (malware-cnc.rules)
 * 1:20571 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb outbound connection (malware-cnc.rules)
 * 1:20570 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb outbound connection (malware-cnc.rules)
 * 1:20569 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.kb outbound connection (malware-cnc.rules)
 * 1:20562 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE contact to cnc-server (malware-cnc.rules)
 * 1:20561 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PWSBanker.SHE contact to cnc-server (malware-cnc.rules)
 * 1:20449 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Busifom.A outbound connection (malware-cnc.rules)
 * 1:20448 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Meciv.A outbound connection (malware-cnc.rules)
 * 1:20447 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.JAAK outbound connection (malware-cnc.rules)
 * 1:20435 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Svr runtime traffic detected (malware-cnc.rules)
 * 1:20432 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hiloti outbound connection (malware-cnc.rules)
 * 1:20428 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zewit.A outbound connection (malware-cnc.rules)
 * 1:20292 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.FresctSpy.A outbound connection (malware-cnc.rules)
 * 1:20291 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Mybios.A outbound connection (malware-cnc.rules)
 * 1:20290 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A inbound connection (malware-cnc.rules)
 * 1:20289 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Doschald.A outbound connection (malware-cnc.rules)
 * 1:20281 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20280 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Kazy variant outbound connection (malware-cnc.rules)
 * 1:20235 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AdobeReader.Uz runtime traffic detected (malware-cnc.rules)
 * 1:20234 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ceckno.cmz runtime traffic detected (malware-cnc.rules)
 * 1:20233 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Virut outbound connection (malware-cnc.rules)
 * 1:20232 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Cycbot outbound connection (malware-cnc.rules)
 * 1:20229 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jinchodz variant outbound connection (malware-cnc.rules)
 * 1:20228 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Hupigon variant outbound connection (malware-cnc.rules)
 * 1:20222 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Payazol.B outbound connection (malware-cnc.rules)
 * 1:20219 <-> DISABLED <-> MALWARE-CNC Win.Trojan.ToriaSpy.A outbound connection (malware-cnc.rules)
 * 1:20218 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A outbound connection (malware-cnc.rules)
 * 1:20217 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ramagedos.A outbound connection (malware-cnc.rules)
 * 1:20213 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (malware-cnc.rules)
 * 1:20204 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Taidoor outbound connection (malware-cnc.rules)
 * 1:20109 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zombie.sm outbound connection (malware-cnc.rules)
 * 1:20108 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banker.Pher outbound connection (malware-cnc.rules)
 * 1:20107 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Small.Cns outbound connection (malware-cnc.rules)
 * 1:20099 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Xtrat.A outbound connection (malware-cnc.rules)
 * 1:20098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.KeyLogger.wav outbound connection (malware-cnc.rules)
 * 1:20097 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.dcir infected host at destination ip (malware-cnc.rules)
 * 1:20096 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.dcir outbound connection (malware-cnc.rules)
 * 1:20088 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Emudbot.A outbound connection (malware-cnc.rules)
 * 1:20087 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banker.FGU outbound connection (malware-cnc.rules)
 * 1:20086 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banload.ABY outbound connection (malware-cnc.rules)
 * 1:20085 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veebuu.BX outbound connection (malware-cnc.rules)
 * 1:20083 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Fucobha.A outbound connection (malware-cnc.rules)
 * 1:20082 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Inject.raw outbound connection (malware-cnc.rules)
 * 1:20081 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Yakes.cbi outbound connection (malware-cnc.rules)
 * 1:20080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Derusbi.A outbound connection (malware-cnc.rules)
 * 1:20079 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C outbound connection (malware-cnc.rules)
 * 1:20078 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Russkill.C outbound connection (malware-cnc.rules)
 * 1:20077 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast outbound connection (malware-cnc.rules)
 * 1:20076 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agobot.ast outbound connection (malware-cnc.rules)
 * 1:20075 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ruskill.abl outbound connection (malware-cnc.rules)
 * 1:20074 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.iseee outbound connection (malware-cnc.rules)
 * 1:20069 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.alhq runtime traffic detected (malware-cnc.rules)
 * 1:20068 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jetilms.A runtime activity detected (malware-cnc.rules)
 * 1:20067 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Zatvex.A runtime traffic detected (malware-cnc.rules)
 * 1:20066 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 SensLiceld.A runtime traffic detected (malware-cnc.rules)
 * 1:20064 <-> DISABLED <-> MALWARE-CNC Malware Win.Trojan.Clemag.A variant outbound connection (malware-cnc.rules)
 * 1:20042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sinowal outbond connection (malware-cnc.rules)
 * 1:20040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.KSpyPro.A outbound connection (malware-cnc.rules)
 * 1:20038 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (malware-cnc.rules)
 * 1:20036 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Agent.ndau runtime traffic detected (malware-cnc.rules)
 * 1:20035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win32 Coinbit.A runtime traffic detected (malware-cnc.rules)
 * 1:20026 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banker.abg.b outbound connection (malware-cnc.rules)
 * 1:20024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dreamy.bc outbound connection (malware-cnc.rules)
 * 1:20022 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Padobot.z outbound connection (malware-cnc.rules)
 * 1:20017 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Koobface.dq outbound connection (malware-cnc.rules)
 * 1:20016 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus outbound connection (malware-cnc.rules)
 * 1:20015 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zeus outbound connection (malware-cnc.rules)
 * 1:20004 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc install-time traffic detected (malware-cnc.rules)
 * 1:20003 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy Pilonoc runtime traffic detected (malware-cnc.rules)
 * 1:19997 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PSW.Win32.QQPass.gam outbound connection (malware-cnc.rules)
 * 1:19991 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot.PG runtime traffic detected (malware-cnc.rules)
 * 1:19983 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kolabc.fic outbound connection (malware-cnc.rules)
 * 1:19982 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.wwe outbound connection (malware-cnc.rules)
 * 1:19981 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Micstus.A runtime traffic detected (malware-cnc.rules)
 * 1:19975 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Crypt.vb runtime detection (malware-cnc.rules)
 * 1:19974 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.bwj runtime detection (malware-cnc.rules)
 * 1:19973 <-> DISABLED <-> MALWARE-CNC Worm.Win.Trojan.Nebuler.D runtime detection (malware-cnc.rules)
 * 1:19971 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mudrop.lj runtime detection (malware-cnc.rules)
 * 1:19965 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.avzz outbound connection (malware-cnc.rules)
 * 1:19964 <-> DISABLED <-> MALWARE-CNC Virus Win.Trojan.Sality.aa outbound connection (malware-cnc.rules)
 * 1:19963 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.aajs outbound connection (malware-cnc.rules)
 * 1:19960 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.aulk outbound connection (malware-cnc.rules)
 * 1:19959 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.aulk outbound connection (malware-cnc.rules)
 * 1:19958 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.aulk outbound connection (malware-cnc.rules)
 * 1:19949 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.asjk outbound connection (malware-cnc.rules)
 * 1:19948 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.asjk outbound connection (malware-cnc.rules)
 * 1:19947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.amwd outbound connection (malware-cnc.rules)
 * 1:19946 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd outbound connection (malware-cnc.rules)
 * 1:19945 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd outbound connection (malware-cnc.rules)
 * 1:19944 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.ykl outbound connection (malware-cnc.rules)
 * 1:19942 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen outbound connection (malware-cnc.rules)
 * 1:19941 <-> DISABLED <-> MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen outbound connection (malware-cnc.rules)
 * 1:19936 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba outbound connection (malware-cnc.rules)
 * 1:19935 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba outbound connection (malware-cnc.rules)
 * 1:19924 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Spidern.A outbound connection (malware-cnc.rules)
 * 1:19923 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Venik.B outbound connection (malware-cnc.rules)
 * 1:19922 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shiz.ivr outbound connection (malware-cnc.rules)
 * 1:19921 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Puprlehzae.A outbound connection (malware-cnc.rules)
 * 1:19920 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reppserv.A outbond connection (malware-cnc.rules)
 * 1:19919 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Murcy.A outbound connection (malware-cnc.rules)
 * 1:19918 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Ganelp.B outbound connection (malware-cnc.rules)
 * 1:19917 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sogu.A outbound connection (malware-cnc.rules)
 * 1:19916 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Bancos.ACB outbound connection (malware-cnc.rules)
 * 1:19915 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gnutler.apd outbound connection (malware-cnc.rules)
 * 1:19914 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Quivoe.A outbound connection (malware-cnc.rules)
 * 1:19905 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.jog runtime detection (malware-cnc.rules)
 * 1:19895 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Delf.jwh runtime detection (malware-cnc.rules)
 * 1:19866 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fusing.AA outbound connection (malware-cnc.rules)
 * 1:19865 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Arhost.D outbound connection (malware-cnc.rules)
 * 1:19864 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Nvbpass.A outbound connection (malware-cnc.rules)
 * 1:19863 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Httpbot.yi Runtime Detection (malware-cnc.rules)
 * 1:19862 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.iej variant outbound connection (malware-cnc.rules)
 * 1:19861 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cqcv variant outbound connection (malware-cnc.rules)
 * 1:19858 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd outbound connection - non-Windows (malware-cnc.rules)
 * 1:19857 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.hhbd outbound connection - Windows (malware-cnc.rules)
 * 1:19852 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Delf.tbv outbound connection (malware-cnc.rules)
 * 1:19833 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.bda runtime detection (malware-cnc.rules)
 * 1:19832 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Veslorn.gen.A runtime detection (malware-cnc.rules)
 * 1:19830 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poebot.BP runtime detection (malware-cnc.rules)
 * 1:19829 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rbot.gen runtime detection (malware-cnc.rules)
 * 1:19828 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SpyAgent.B runtime detection (malware-cnc.rules)
 * 1:19822 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.HH runtime detection (malware-cnc.rules)
 * 1:19820 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A runtime detection (malware-cnc.rules)
 * 1:19819 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ertfor.A runtime detection (malware-cnc.rules)
 * 1:19805 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Smser.cx Runtime Detection (malware-cnc.rules)
 * 1:19804 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.ktq variant outbound connection (malware-cnc.rules)
 * 1:19803 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Renos.FH variant outbound connection (malware-cnc.rules)
 * 1:19802 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wixud.B variant outbound connection (malware-cnc.rules)
 * 1:19800 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pher.ij Runtime Detection (malware-cnc.rules)
 * 1:19798 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent2.kxu outbound connection (malware-cnc.rules)
 * 1:19796 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DL.CashnJoy.A outbound connection (malware-cnc.rules)
 * 1:19795 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakeAV NoAdware outbound connection (malware-cnc.rules)
 * 1:19793 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.SillyFDC-DS outbound connection (malware-cnc.rules)
 * 1:19792 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Caxnet.A outbound connection (malware-cnc.rules)
 * 1:19790 <-> DISABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh outbound connection (malware-cnc.rules)
 * 1:19789 <-> DISABLED <-> MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh outbound connection (malware-cnc.rules)
 * 1:19788 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.pnc Runtime Detection (malware-cnc.rules)
 * 1:19785 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Malushka.T outbound connection (malware-cnc.rules)
 * 1:19783 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload.agcw runtime detection (malware-cnc.rules)
 * 1:19782 <-> DISABLED <-> MALWARE-CNC Win.Trojan.AVKill.bc variant outbound connection (malware-cnc.rules)
 * 1:19776 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent2.guy dropper runtime detection (malware-cnc.rules)
 * 1:19771 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Yoddos.A outbound connection (malware-cnc.rules)
 * 1:19770 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Yoddos.A outbound connection (malware-cnc.rules)
 * 1:19769 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Yoddos.A outbound indicator (malware-cnc.rules)
 * 1:19767 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Msposer.A outbound connection (malware-cnc.rules)
 * 1:19766 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Autorun.hi outbound connection (malware-cnc.rules)
 * 1:19765 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banker.BXF outbound connection (malware-cnc.rules)
 * 1:19764 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE outbound connection (malware-cnc.rules)
 * 1:19763 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE outbound connection (malware-cnc.rules)
 * 1:19762 <-> DISABLED <-> MALWARE-CNC Win.Trojan.RDPdoor.AE outbound connection (malware-cnc.rules)
 * 1:19761 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Ftpharvxqq.A outbound connection (malware-cnc.rules)
 * 1:19760 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Arsinfoder.A outbound connection (malware-cnc.rules)
 * 1:19758 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.yw variant outbound connection (malware-cnc.rules)
 * 1:19757 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.bqlu variant outbound connection (malware-cnc.rules)
 * 1:19755 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Alphabet variant outbound connection (malware-cnc.rules)
 * 1:19753 <-> DISABLED <-> MALWARE-CNC Win.Trojan.TrojanSpy.Win32.Zbot.gen.C Runtime Detection (malware-cnc.rules)
 * 1:19749 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.chgp variant outbound connection (malware-cnc.rules)
 * 1:19747 <-> DISABLED <-> MALWARE-CNC Win.Trojan.GGDoor.22 runtime detection (malware-cnc.rules)
 * 1:19746 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.biiw runtime detection (malware-cnc.rules)
 * 1:19745 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FraudLoad.dyl runtime detection (malware-cnc.rules)
 * 1:19743 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hupigon.eqlo runtime detection (malware-cnc.rules)
 * 1:19742 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.atff runtime detection (malware-cnc.rules)
 * 1:19739 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Apptom runtime detection (malware-cnc.rules)
 * 1:19733 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Jorik.BRU outbound connection (malware-cnc.rules)
 * 1:19732 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Idicaf.B outbound connection (malware-cnc.rules)
 * 1:19731 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Darkwebot.A outbound connection (malware-cnc.rules)
 * 1:19730 <-> ENABLED <-> MALWARE-CNC Win.Trojan.KukuBot.A outbound connection (malware-cnc.rules)
 * 1:19729 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih.A outbound connection (malware-cnc.rules)
 * 1:19728 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Yayih.A outbound connection (malware-cnc.rules)
 * 1:19727 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Bancos.DI outbound connection (malware-cnc.rules)
 * 1:19726 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison.AY outbound connection (malware-cnc.rules)
 * 1:19725 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Poison.AY outbound connection (malware-cnc.rules)
 * 1:19724 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.dhy outbound connection (malware-cnc.rules)
 * 1:19723 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Pherbot.A outbound connection (malware-cnc.rules)
 * 1:19722 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Poshtroper.A outbound connection (malware-cnc.rules)
 * 1:19721 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.mlh variant outbound connection (malware-cnc.rules)
 * 1:19712 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader W32.Genome.gen outbound connection (malware-cnc.rules)
 * 1:19706 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.cer outbound connection (malware-cnc.rules)
 * 1:19705 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.grdm outbound connection (malware-cnc.rules)
 * 1:19704 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.grdm outbound connection (malware-cnc.rules)
 * 1:19703 <-> ENABLED <-> MALWARE-CNC Worm Win.Trojan.Dusta.br outbound connnection (malware-cnc.rules)
 * 1:19702 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Zboter.E outbound connection (malware-cnc.rules)
 * 1:19701 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Hassar.A outbound connection (malware-cnc.rules)
 * 1:19700 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.tnr Runtime Detection (malware-cnc.rules)
 * 1:19698 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Prosti.AG variant outbound connection (malware-cnc.rules)
 * 1:19697 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Spy.Win32.VB.btm outbound connection (malware-cnc.rules)
 * 1:19696 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SdBot.nng inbound connection (malware-cnc.rules)
 * 1:19695 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.VB.nec outbound connection (malware-cnc.rules)
 * 1:19660 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Riern.K outbound connection (malware-cnc.rules)
 * 1:19659 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Soleseq.A outbound connection (malware-cnc.rules)
 * 1:19658 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.MCnovogic.A outbound connection (malware-cnc.rules)
 * 1:19616 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.Win32.Banbra.mcq outbound connection (malware-cnc.rules)
 * 1:19615 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr outbound connection (malware-cnc.rules)
 * 1:19614 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.kkr outbound connection (malware-cnc.rules)
 * 1:19612 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.bvk outbound connection (malware-cnc.rules)
 * 1:19608 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Wisscmd.A outbound connection (malware-cnc.rules)
 * 1:19597 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.cws runtime detection (malware-cnc.rules)
 * 1:19593 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Agent.btxm runtime detection - IRC (malware-cnc.rules)
 * 1:19591 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Powp.pyv outbound connection (malware-cnc.rules)
 * 1:19590 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Savnut.B outbound connection (malware-cnc.rules)
 * 1:19588 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sereki.B successful connection (malware-cnc.rules)
 * 1:19587 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sereki.B outbound connection (malware-cnc.rules)
 * 1:19586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Agent.dlg outbound connection (malware-cnc.rules)
 * 1:19585 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Dref.C outbound connection - notification (malware-cnc.rules)
 * 1:19584 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Dref.C outbound connection (malware-cnc.rules)
 * 1:19583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Bumat.rts outbound connection (malware-cnc.rules)
 * 1:19582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd outbound connection (malware-cnc.rules)
 * 1:19581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd outbound connection (malware-cnc.rules)
 * 1:19580 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Basun.wsc inbound connection (malware-cnc.rules)
 * 1:19579 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Potao.A outbound connection (malware-cnc.rules)
 * 1:19577 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Dogrobot.E outbound connection (malware-cnc.rules)
 * 1:19575 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Emold.U outbound connection (malware-cnc.rules)
 * 1:19574 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Chiviper.C outbound connection (malware-cnc.rules)
 * 1:19573 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Chiviper.C outbound connection (malware-cnc.rules)
 * 1:19572 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FFSearch.A runtime detection (malware-cnc.rules)
 * 1:19557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Shark.ag outbound connection (malware-cnc.rules)
 * 1:19556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Homa.dk outbound connection (malware-cnc.rules)
 * 1:19555 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Small.akow outbound connection (malware-cnc.rules)
 * 1:19554 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav Antivirus Xp Pro outbound connection (malware-cnc.rules)
 * 1:19495 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Pilleuz outbound connection (malware-cnc.rules)
 * 1:19491 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Genome.vau outbound connection (malware-cnc.rules)
 * 1:19490 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Koceg.B variant outbound connection (malware-cnc.rules)
 * 1:19489 <-> DISABLED <-> MALWARE-CNC Win.Trojan.DeAlfa.fa variant outbound connection (malware-cnc.rules)
 * 1:19487 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.kih variant outbound connection (malware-cnc.rules)
 * 1:19484 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Agent.alqt variant outbound connection (malware-cnc.rules)
 * 1:19483 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Reload.fy variant outbound connection (malware-cnc.rules)
 * 1:19477 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krap.af variant outbound connection (malware-cnc.rules)
 * 1:19396 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Beastdoor.b outbound connection (malware-cnc.rules)
 * 1:19395 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Monkif.J inbound connection - dest ip infected (malware-cnc.rules)
 * 1:19394 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Tidserv outbound connection (malware-cnc.rules)
 * 1:19371 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banker.IC outbound connection (malware-cnc.rules)
 * 1:19370 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Carberp.D outbound connection (malware-cnc.rules)
 * 1:19369 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Carberp.D outbound connection (malware-cnc.rules)
 * 1:19368 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Carberp.D outbound connection (malware-cnc.rules)
 * 1:19367 <-> DISABLED <-> MALWARE-CNC Worm Win.Trojan.Vaubeg.A outbound connection (malware-cnc.rules)
 * 1:19366 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HXWAN.A outbound connection (malware-cnc.rules)
 * 1:19363 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dorkbot.B outbound connection (malware-cnc.rules)
 * 1:19361 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Dcbavict.A outbound connection (malware-cnc.rules)
 * 1:19360 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Dcbavict.A outbound connection (malware-cnc.rules)
 * 1:19359 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Dcbavict.A outbound connection (malware-cnc.rules)
 * 1:19358 <-> ENABLED <-> MALWARE-CNC Win.Trojan.XYTvn.A outbound connection (malware-cnc.rules)
 * 1:19357 <-> ENABLED <-> MALWARE-CNC Worm Win.Trojan.Sohanad.ila outbound connection (malware-cnc.rules)
 * 1:19356 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fibbit.ax outbound connection (malware-cnc.rules)
 * 1:19355 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fareit.A outbound connection (malware-cnc.rules)
 * 1:19354 <-> DISABLED <-> MALWARE-BACKDOOR Win.Trojan.Agent.bhxn outbound connection (malware-backdoor.rules)
 * 1:19353 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Banker.bkhu outbound connection (malware-cnc.rules)
 * 1:19352 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Small.D outbound connection (malware-cnc.rules)
 * 1:19351 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Hatigh.C outbound connection (malware-cnc.rules)
 * 1:19348 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Downloader Win.Trojan.FraudLoad.emq outbound connection (malware-cnc.rules)
 * 1:19347 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Poison.banr outbound connection (malware-cnc.rules)
 * 1:19340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Fakeav TREAntivirus outbound connection (malware-cnc.rules)
 * 1:19339 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Agent.alda outbound connection (malware-cnc.rules)
 * 1:19332 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Clampi outbound connection (malware-cnc.rules)
 * 1:19331 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz outbound connection (malware-cnc.rules)
 * 1:19330 <-> DISABLED <-> MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz outbound connection (malware-cnc.rules)
 * 1:19312 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Win.Trojan.Agent.aah outbound connection (malware-cnc.rules)
 * 1:19183 <-> DISABLED <-> WEB-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (web-iis.rules)
 * 1:19164 <-> ENABLED <-> MALWARE-CNC Win.Trojan.SpyEye outbound connection (malware-cnc.rules)
 * 1:19135 <-> DISABLED <-> MALWARE-BACKDOOR Win.Trojan.Buterat Checkin (malware-backdoor.rules)
 * 1:19123 <-> DISABLED <-> MALWARE-CNC Dropper Win.Trojan.Cefyns.A outbound connection (malware-cnc.rules)
 * 1:19062 <-> DISABLED <-> MALWARE-CNC Win.Trojan.FakePlus Runtime Detection (malware-cnc.rules)
 * 1:19060 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ponmocup.A variant outbound connection (malware-cnc.rules)
 * 1:19057 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19056 <-> ENABLED <-> MALWARE-CNC Win.Trojan.QQFish variant outbound connection (malware-cnc.rules)
 * 1:19055 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gosik.A registration (malware-cnc.rules)
 * 1:19054 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sisron.nelo variant outbound connection (malware-cnc.rules)
 * 1:19052 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Httpbot.qdc variant outbound connection (malware-cnc.rules)
 * 1:19050 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banbra.fxe variant outbound connection (malware-cnc.rules)
 * 1:19049 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Gigade variant outbound connection (malware-cnc.rules)
 * 1:19048 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Darkness variant outbound connection (malware-cnc.rules)
 * 1:19045 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bancos.XQ variant outbound connection (malware-cnc.rules)
 * 1:19042 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.ACQE variant outbound connection (malware-cnc.rules)
 * 1:19041 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Carberp.C variant outbound connection (malware-cnc.rules)
 * 1:19040 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19039 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (malware-cnc.rules)
 * 1:19038 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Jzzer.A variant outbound connection (malware-cnc.rules)
 * 1:19037 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19036 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (malware-cnc.rules)
 * 1:19035 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Vilsel.baqb outbound connection (malware-cnc.rules)
 * 1:19034 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Kbot.qd outbound connection (malware-cnc.rules)
 * 1:19029 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PcClient.AI outbound connection (malware-cnc.rules)
 * 1:19024 <-> DISABLED <-> MALWARE-CNC Win.Trojan.StartPage outbound connection (malware-cnc.rules)
 * 1:19019 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.outbound connection (malware-cnc.rules)
 * 1:19018 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.outbound connection (malware-cnc.rules)
 * 1:19017 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.outbound connection (malware-cnc.rules)
 * 1:19016 <-> ENABLED <-> MALWARE-CNC MacBack Win.Trojan.outbound connection (malware-cnc.rules)
 * 1:18978 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Pasta.aoq runtime detection (malware-cnc.rules)
 * 1:18947 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC runtime detection (malware-cnc.rules)
 * 1:18946 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.FC runtime detection (malware-cnc.rules)
 * 1:18937 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.Krap (malware-cnc.rules)
 * 1:18936 <-> DISABLED <-> MALWARE-CNC URI request for known malicious URI - Win.Trojan.FakeAV (malware-cnc.rules)
 * 1:18720 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Terzib.A variant outbound connection (malware-cnc.rules)
 * 1:18719 <-> DISABLED <-> MALWARE-CNC Win.Trojan.IRCBot.CBY variant outbound connection (malware-cnc.rules)
 * 1:18717 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.QO variant outbound connection (malware-cnc.rules)
 * 1:18716 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.H variant outbound connection (malware-cnc.rules)
 * 1:18709 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banker.aufm variant outbound connection (malware-cnc.rules)
 * 1:18700 <-> DISABLED <-> MALWARE-CNC Win.Trojan.BHO.argt checkin (malware-cnc.rules)
 * 1:18618 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Scar.dpvy/Parkchicers.A/Delf checkin (malware-cnc.rules)
 * 1:18281 <-> DISABLED <-> MALWARE-CNC Win.Trojan.VB.njz variant outbound connection (malware-cnc.rules)
 * 1:18279 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Karagany.A variant outbound connection (malware-cnc.rules)
 * 1:16823 <-> ENABLED <-> MALWARE-CNC Win.Trojan.FlyStudio known command and control channel traffic (malware-cnc.rules)
 * 1:16808 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E - register client (malware-cnc.rules)
 * 1:16807 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E - FTP Upload ps_dump (malware-cnc.rules)
 * 1:16806 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E - FTP upload seclog (malware-cnc.rules)
 * 1:16805 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E config check (malware-cnc.rules)
 * 1:16804 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Qakbot.E - initial load (malware-cnc.rules)
 * 1:16600 <-> DISABLED <-> MALWARE-CNC Otlard Win.Trojan.activity (malware-cnc.rules)
 * 1:16558 <-> DISABLED <-> MALWARE-CNC SdBot IRC Win.Trojan.server to client communication (malware-cnc.rules)
 * 1:16496 <-> ENABLED <-> MALWARE-CNC Win.Trojan.hacktool attempt to contact server (malware-cnc.rules)
 * 1:16459 <-> ENABLED <-> MALWARE-CNC Win.Trojan.command and control communication (malware-cnc.rules)
 * 1:16391 <-> ENABLED <-> MALWARE-CNC Gozi Win.Trojan.connection to C&C (malware-cnc.rules)
 * 1:16111 <-> DISABLED <-> MALWARE-CNC Win.Trojan.zlob.wwv installtime detection (malware-cnc.rules)
 * 1:16110 <-> DISABLED <-> MALWARE-CNC Win.Trojan.zlob.wwv runtime detection - childhe (malware-cnc.rules)
 * 1:16109 <-> DISABLED <-> MALWARE-CNC Win.Trojan.zlob.wwv runtime detection - onestoponlineshop (malware-cnc.rules)
 * 1:16108 <-> DISABLED <-> MALWARE-CNC Win.Trojan.exchanger.gen2 runtime detection (malware-cnc.rules)
 * 1:16102 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.phh runtime detection - sft_ver1.1454.0.exe (malware-cnc.rules)
 * 1:16101 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.phh runtime detection - 57329.exe (malware-cnc.rules)
 * 1:16100 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.phh runtime detection - file.exe (malware-cnc.rules)
 * 1:16099 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.wdv runtime detection (malware-cnc.rules)
 * 1:16098 <-> DISABLED <-> MALWARE-CNC Win.Trojan.cekar variant runtime detection (malware-cnc.rules)
 * 1:16097 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.vvm runtime detection (malware-cnc.rules)
 * 1:16094 <-> DISABLED <-> MALWARE-CNC Win.Trojan.exchan.gen variant runtime detection (malware-cnc.rules)
 * 1:16092 <-> DISABLED <-> MALWARE-BACKDOOR Win.Trojan.delf.jwh runtime detection (malware-backdoor.rules)
 * 1:15730 <-> ENABLED <-> MALWARE-CNC Delf Win.Trojan.POST (malware-cnc.rules)
 * 1:15565 <-> ENABLED <-> MALWARE-CNC RSPlug Win.Trojan.file download (malware-cnc.rules)
 * 1:15564 <-> ENABLED <-> MALWARE-CNC RSPlug Win.Trojan.file download (malware-cnc.rules)
 * 1:15563 <-> ENABLED <-> MALWARE-CNC RSPlug Win.Trojan.server connection (malware-cnc.rules)
 * 1:14083 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.aarm runtime detection - download other malware (malware-cnc.rules)
 * 1:14082 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.aarm runtime detection - spread via spam (malware-cnc.rules)
 * 1:14081 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.aarm runtime detection - call home (malware-cnc.rules)
 * 1:13945 <-> DISABLED <-> MALWARE-CNC Win.Trojan.small.gy runtime detection - update (malware-cnc.rules)
 * 1:13944 <-> DISABLED <-> MALWARE-CNC Win.Trojan.small.gy runtime detection - get whitelist (malware-cnc.rules)
 * 1:13942 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.nac runtime detection - call home (malware-cnc.rules)
 * 1:13941 <-> DISABLED <-> MALWARE-CNC Win.Trojan.agent.nac runtime detection - click fraud (malware-cnc.rules)
 * 1:13878 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.uv runtime detection (malware-cnc.rules)
 * 1:13877 <-> DISABLED <-> MALWARE-CNC Win.Trojan.delf.uv runtime detection (malware-cnc.rules)
 * 1:13856 <-> DISABLED <-> MALWARE-CNC Win.Trojan.wintrim.z runtime detection (malware-cnc.rules)
 * 1:11950 <-> DISABLED <-> MALWARE-CNC killav_gj (malware-cnc.rules)
 * 1:10197 <-> DISABLED <-> MALWARE-BACKDOOR Wordpress backdoor theme.php code execution (malware-backdoor.rules)
 * 1:10196 <-> DISABLED <-> MALWARE-BACKDOOR Wordpress backdoor feed.php code execution (malware-backdoor.rules)
 * 1:10114 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm command and control propagation detected (malware-cnc.rules)
 * 1:10113 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm command and control propagation detected (malware-cnc.rules)
 * 1:10077 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10076 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10075 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10074 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10073 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10072 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10071 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10070 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10069 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10068 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10067 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10066 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10065 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (malware-cnc.rules)
 * 1:10064 <-> DISABLED <-> EXPLOIT Peercast URL Parameter overflow attempt (exploit.rules)
 * 1:23936 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zakahic variant outbound connection (malware-cnc.rules)
 * 1:23938 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Ibabyfa.dldr runtime detection (malware-cnc.rules)
 * 1:23941 <-> DISABLED <-> MALWARE-CNC OSX.Trojan.Aharm variant outbound connection (malware-cnc.rules)
 * 1:23948 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Sicisono variant outbound connection (malware-cnc.rules)
 * 1:23949 <-> DISABLED <-> MALWARE-CNC W32.Trojan.TKcik variant outbound connection (malware-cnc.rules)
 * 1:23953 <-> DISABLED <-> MALWARE-CNC Trojan.Comfoo variant outbound connection (malware-cnc.rules)
 * 1:23963 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Runagry variant outbound connection (malware-cnc.rules)
 * 1:23971 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Kabwak variant outbound connection (malware-cnc.rules)
 * 1:23973 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Vampols variant outbound connection (malware-cnc.rules)
 * 1:24011 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ransomer variant outbound connection (malware-cnc.rules)
 * 1:24015 <-> ENABLED <-> MALWARE-CNC W32.Trojan.Magania variant outbound connection (malware-cnc.rules)
 * 1:24062 <-> DISABLED <-> MALWARE-CNC W32.Trojan.Hufysk variant outbound connection (malware-cnc.rules)
 * 1:24077 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Upof outbound runtime detection (malware-cnc.rules)
 * 1:24087 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Bledoor TCP tunnel in UDP (malware-cnc.rules)
 * 1:24088 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Bledoor TCP tunnel in ICMP (malware-cnc.rules)
 * 1:24092 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Clisbot outbound connection (malware-cnc.rules)
 * 1:24115 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (malware-backdoor.rules)
 * 1:24116 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (malware-backdoor.rules)
 * 1:24117 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (malware-backdoor.rules)
 * 1:24118 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (malware-backdoor.rules)
 * 1:24119 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (malware-backdoor.rules)
 * 1:24120 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (malware-backdoor.rules)
 * 1:24121 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (malware-backdoor.rules)
 * 1:24122 <-> ENABLED <-> MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (malware-backdoor.rules)
 * 1:24191 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Raven variant outbound connection (malware-cnc.rules)
 * 1:24214 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Seveto variant outbound connection (malware-cnc.rules)
 * 1:24215 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Banload variant outbound connection (malware-cnc.rules)
 * 1:24216 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Biloky variant outbound connection (malware-cnc.rules)
 * 1:24217 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Spy variant outbound connection (malware-cnc.rules)
 * 1:24257 <-> ENABLED <-> MALWARE-OTHER mygeeksmail.dll download (malware-other.rules)
 * 1:24258 <-> ENABLED <-> MALWARE-OTHER mygeeksmail.dll download (malware-other.rules)
 * 1:24259 <-> ENABLED <-> MALWARE-OTHER PwDump7.exe download (malware-other.rules)
 * 1:24260 <-> ENABLED <-> MALWARE-OTHER PwDump7.exe download (malware-other.rules)
 * 1:24261 <-> ENABLED <-> MALWARE-OTHER Lanman2.dll download (malware-other.rules)
 * 1:24262 <-> ENABLED <-> MALWARE-OTHER Lanman2.dll download (malware-other.rules)
 * 1:24285 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Nomno variant outbound connection (malware-cnc.rules)
 * 1:24287 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Minitalviv variant outbound connection (malware-cnc.rules)
 * 1:24288 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Flexty outbound connection (malware-cnc.rules)
 * 1:24311 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Downloader download (malware-other.rules)
 * 1:24312 <-> ENABLED <-> MALWARE-OTHER Win.Trojan.Downloader inbound email (malware-other.rules)
 * 1:24340 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Bredolab initial CNC connection (malware-cnc.rules)
 * 1:24345 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Drexonin variant outbound connection (malware-cnc.rules)
 * 1:24346 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Zbot variant outbound connection (malware-cnc.rules)
 * 1:24347 <-> DISABLED <-> MALWARE-CNC Win.Downloader.Bloropac variant outbound connection (malware-cnc.rules)
 * 1:24361 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Gozi.Prinimalka variant outbound connection (malware-cnc.rules)
 * 1:24368 <-> ENABLED <-> MALWARE-CNC Lizamoon sql injection campaign phone-home attempt (malware-cnc.rules)
 * 1:9424 <-> DISABLED <-> MALWARE-OTHER /winnt/explorer.exe unicode klez infection (malware-other.rules)