Sourcefire VRT Rules Update

Date: 2013-07-30

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.3.1.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:27498 <-> DISABLED <-> BLACKLIST DNS request for known malware domain veiceobatnei.com - pushdo (blacklist.rules)
 * 1:27516 <-> DISABLED <-> BLACKLIST DNS request for known malware domain moqcadiguseo.com - pushdo (blacklist.rules)
 * 1:27411 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pivaficfang.com - pushdo (blacklist.rules)
 * 1:27410 <-> DISABLED <-> BLACKLIST DNS request for known malware domain beodubumu.com - pushdo (blacklist.rules)
 * 1:27409 <-> DISABLED <-> BLACKLIST DNS request for known malware domain picgoradokri.com - pushdo (blacklist.rules)
 * 1:27408 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jucipeimace.com - pushdo (blacklist.rules)
 * 1:27406 <-> DISABLED <-> BLACKLIST DNS request for known malware domain keopijinib.com - pushdo (blacklist.rules)
 * 1:27407 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jeireovatlot.com - pushdo (blacklist.rules)
 * 1:27403 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rotovanuglo.com - pushdo (blacklist.rules)
 * 1:27405 <-> DISABLED <-> BLACKLIST DNS request for known malware domain heijarocaf.com - pushdo (blacklist.rules)
 * 1:27402 <-> DISABLED <-> BLACKLIST DNS request for known malware domain joseodeofil.com - pushdo (blacklist.rules)
 * 1:27404 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hudafveaheo.com - pushdo (blacklist.rules)
 * 1:27400 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kafpicdeasim.com - pushdo (blacklist.rules)
 * 1:27401 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jixugliwi.com - pushdo (blacklist.rules)
 * 1:27398 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nirruggirc.com - pushdo (blacklist.rules)
 * 1:27399 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mupdircanbid.com - pushdo (blacklist.rules)
 * 1:27396 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mutigigigah.com - pushdo (blacklist.rules)
 * 1:27397 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gugxafnadugn.com - pushdo (blacklist.rules)
 * 1:27394 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fannaflofozb.com - pushdo (blacklist.rules)
 * 1:27395 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kiwikurugce.com - pushdo (blacklist.rules)
 * 1:27393 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xaficpedufi.com - pushdo (blacklist.rules)
 * 1:27391 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xiqickeam.com - pushdo (blacklist.rules)
 * 1:27392 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mupsopicnafo.com - pushdo (blacklist.rules)
 * 1:27389 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xoqhilwoqror.com - pushdo (blacklist.rules)
 * 1:27390 <-> DISABLED <-> BLACKLIST DNS request for known malware domain puxmaftavagi.com - pushdo (blacklist.rules)
 * 1:27387 <-> DISABLED <-> BLACKLIST DNS request for known malware domain heotahugqicj.com - pushdo (blacklist.rules)
 * 1:27388 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mideodeonuk.com - pushdo (blacklist.rules)
 * 1:27385 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nafgasajuwic.com - pushdo (blacklist.rules)
 * 1:27386 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qoqkeivoktig.com - pushdo (blacklist.rules)
 * 1:27384 <-> DISABLED <-> BLACKLIST DNS request for known malware domain wicxeidokjic.com - pushdo (blacklist.rules)
 * 1:27383 <-> DISABLED <-> BLACKLIST DNS request for known malware domain culuxsajabo.com - pushdo (blacklist.rules)
 * 1:27381 <-> DISABLED <-> BLACKLIST DNS request for known malware domain girbeoharo.com - pushdo (blacklist.rules)
 * 1:27382 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mojibudatfo.com - pushdo (blacklist.rules)
 * 1:27379 <-> DISABLED <-> BLACKLIST DNS request for known malware domain caluneihugj.com - pushdo (blacklist.rules)
 * 1:27380 <-> DISABLED <-> BLACKLIST DNS request for known malware domain suvadolit.com - pushdo (blacklist.rules)
 * 1:27377 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bozwagipeq.com - pushdo (blacklist.rules)
 * 1:27378 <-> DISABLED <-> BLACKLIST DNS request for known malware domain januvokxo.com - pushdo (blacklist.rules)
 * 1:27375 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rafaxokvu.com - pushdo (blacklist.rules)
 * 1:27376 <-> DISABLED <-> BLACKLIST DNS request for known malware domain huceicafwep.com - pushdo (blacklist.rules)
 * 1:27374 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fozwabozba.com - pushdo (blacklist.rules)
 * 1:27373 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fupveahilvil.com - pushdo (blacklist.rules)
 * 1:27372 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lozwoqdeteoc.com - pushdo (blacklist.rules)
 * 1:27370 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jimuhadirbo.com - pushdo (blacklist.rules)
 * 1:27371 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lozwoqdeteoc.kz - pushdo (blacklist.rules)
 * 1:27368 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lubiweigupk.com - pushdo (blacklist.rules)
 * 1:27369 <-> DISABLED <-> BLACKLIST DNS request for known malware domain citoqcoqx.com - pushdo (blacklist.rules)
 * 1:27366 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qirmiqoqcafh.com - pushdo (blacklist.rules)
 * 1:27367 <-> DISABLED <-> BLACKLIST DNS request for known malware domain koqpozhuho.com - pushdo (blacklist.rules)
 * 1:27364 <-> DISABLED <-> BLACKLIST DNS request for known malware domain wapicqojapa.com - pushdo (blacklist.rules)
 * 1:27365 <-> DISABLED <-> BLACKLIST DNS request for known malware domain natmagirka.com - pushdo (blacklist.rules)
 * 1:27362 <-> DISABLED <-> BLACKLIST DNS request for known malware domain wanhilqicq.kz - pushdo (blacklist.rules)
 * 1:27363 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dafkeaseix.com - pushdo (blacklist.rules)
 * 1:27360 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pirebeoxeoh.com - pushdo (blacklist.rules)
 * 1:27361 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tupdeapanfit.com - pushdo (blacklist.rules)
 * 1:27358 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jihatvokvod.com - pushdo (blacklist.rules)
 * 1:27359 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vatqupgigi.com - pushdo (blacklist.rules)
 * 1:27356 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ruheonugx.com - pushdo (blacklist.rules)
 * 1:27357 <-> DISABLED <-> BLACKLIST DNS request for known malware domain beohokeob.com - pushdo (blacklist.rules)
 * 1:27355 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fupnoxoqgoxa.com - pushdo (blacklist.rules)
 * 1:27353 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pozwozseilut.com - pushdo (blacklist.rules)
 * 1:27354 <-> DISABLED <-> BLACKLIST DNS request for known malware domain neosicujip.com - pushdo (blacklist.rules)
 * 1:27352 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xolikusos.com - pushdo (blacklist.rules)
 * 1:27351 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kihatsicx.com - pushdo (blacklist.rules)
 * 1:27349 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fupretoweanu.com - pushdo (blacklist.rules)
 * 1:27350 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mukirpewoqd.com - pushdo (blacklist.rules)
 * 1:27348 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qupwofiljabu.com - pushdo (blacklist.rules)
 * 1:27347 <-> DISABLED <-> BLACKLIST DNS request for known malware domain beocoqtea.com - pushdo (blacklist.rules)
 * 1:27346 <-> DISABLED <-> BLACKLIST DNS request for known malware domain taxopodafxo.com - pushdo (blacklist.rules)
 * 1:27344 <-> DISABLED <-> BLACKLIST DNS request for known malware domain picdicicdirx.com - pushdo (blacklist.rules)
 * 1:27345 <-> DISABLED <-> BLACKLIST DNS request for known malware domain batupduggea.com - pushdo (blacklist.rules)
 * 1:27342 <-> DISABLED <-> BLACKLIST DNS request for known malware domain feicanwudugw.com - pushdo (blacklist.rules)
 * 1:27343 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fildirkafxun.com - pushdo (blacklist.rules)
 * 1:27340 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pozdafcigafv.com - pushdo (blacklist.rules)
 * 1:27341 <-> DISABLED <-> BLACKLIST DNS request for known malware domain weifucicwa.com - pushdo (blacklist.rules)
 * 1:27339 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tugriljupm.com - pushdo (blacklist.rules)
 * 1:27337 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xafrugrede.com - pushdo (blacklist.rules)
 * 1:27338 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xafvujoriv.com - pushdo (blacklist.rules)
 * 1:27335 <-> DISABLED <-> BLACKLIST DNS request for known malware domain keagirrokfav.com - pushdo (blacklist.rules)
 * 1:27336 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hokmafgofi.com - pushdo (blacklist.rules)
 * 1:27333 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dobuveiliti.com - pushdo (blacklist.rules)
 * 1:27334 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tirhipanuwic.com - pushdo (blacklist.rules)
 * 1:27331 <-> DISABLED <-> BLACKLIST DNS request for known malware domain beigupxupoja.com - pushdo (blacklist.rules)
 * 1:27332 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ruxweawova.com - pushdo (blacklist.rules)
 * 1:27330 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jeofudokl.com - pushdo (blacklist.rules)
 * 1:27328 <-> DISABLED <-> BLACKLIST DNS request for known malware domain heinugsozr.com - pushdo (blacklist.rules)
 * 1:27329 <-> DISABLED <-> BLACKLIST DNS request for known malware domain numirugxo.com - pushdo (blacklist.rules)
 * 1:27326 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xububuxti.com - pushdo (blacklist.rules)
 * 1:27327 <-> DISABLED <-> BLACKLIST DNS request for known malware domain huxnirlogicd.com - pushdo (blacklist.rules)
 * 1:27324 <-> DISABLED <-> BLACKLIST DNS request for known malware domain luxseonirveo.com - pushdo (blacklist.rules)
 * 1:27325 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cukakoqnu.com - pushdo (blacklist.rules)
 * 1:27322 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qirkeitoqdob.com - pushdo (blacklist.rules)
 * 1:27323 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gomivuxba.com - pushdo (blacklist.rules)
 * 1:27320 <-> DISABLED <-> BLACKLIST DNS request for known malware domain beowozwic.com - pushdo (blacklist.rules)
 * 1:27321 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cupbuxupiq.com - pushdo (blacklist.rules)
 * 1:27318 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jupregeijick.com - pushdo (blacklist.rules)
 * 1:27319 <-> DISABLED <-> BLACKLIST DNS request for known malware domain foqumafda.com - pushdo (blacklist.rules)
 * 1:27316 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nokcicmozsan.com - pushdo (blacklist.rules)
 * 1:27317 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jeiveomafsov.com - pushdo (blacklist.rules)
 * 1:27315 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rilceonafxir.com - pushdo (blacklist.rules)
 * 1:27313 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ficpejeovi.com - pushdo (blacklist.rules)
 * 1:27314 <-> DISABLED <-> BLACKLIST DNS request for known malware domain koqmeosako.com - pushdo (blacklist.rules)
 * 1:27312 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nugguptalilt.com - pushdo (blacklist.rules)
 * 1:27311 <-> DISABLED <-> BLACKLIST DNS request for known malware domain keadirtoqkea.com - pushdo (blacklist.rules)
 * 1:27309 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gacafvuxv.com - pushdo (blacklist.rules)
 * 1:27310 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tirhagutugxi.com - pushdo (blacklist.rules)
 * 1:27307 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cixicuxus.com - pushdo (blacklist.rules)
 * 1:27308 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fuxtifeibe.com - pushdo (blacklist.rules)
 * 1:27306 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tefalilkaqe.com - pushdo (blacklist.rules)
 * 1:27305 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lokjabuxdo.com - pushdo (blacklist.rules)
 * 1:27304 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mupfasakirqi.com - pushdo (blacklist.rules)
 * 1:27302 <-> DISABLED <-> BLACKLIST DNS request for known malware domain deofutugqupq.com - pushdo (blacklist.rules)
 * 1:27303 <-> DISABLED <-> BLACKLIST DNS request for known malware domain goqrokxiqo.com - pushdo (blacklist.rules)
 * 1:27300 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jozvuxnuna.com - pushdo (blacklist.rules)
 * 1:27301 <-> DISABLED <-> BLACKLIST DNS request for known malware domain doraragiqir.com - pushdo (blacklist.rules)
 * 1:27298 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mutufanwozf.com - pushdo (blacklist.rules)
 * 1:27299 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fuxqeiqova.com - pushdo (blacklist.rules)
 * 1:27296 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pozdobatnumo.com - pushdo (blacklist.rules)
 * 1:27297 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kapilupetea.com - pushdo (blacklist.rules)
 * 1:27294 <-> DISABLED <-> BLACKLIST DNS request for known malware domain focuppozh.com - pushdo (blacklist.rules)
 * 1:27295 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lufiseobozq.com - pushdo (blacklist.rules)
 * 1:27293 <-> DISABLED <-> BLACKLIST DNS request for known malware domain muqawogus.com - pushdo (blacklist.rules)
 * 1:27291 <-> DISABLED <-> BLACKLIST DNS request for known malware domain noseobokruc.com - pushdo (blacklist.rules)
 * 1:27292 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hokirwozcoq.com - pushdo (blacklist.rules)
 * 1:27289 <-> DISABLED <-> BLACKLIST DNS request for known malware domain beijirukirif.com - pushdo (blacklist.rules)
 * 1:27290 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cicmotoqcahu.com - pushdo (blacklist.rules)
 * 1:27288 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:27287 <-> DISABLED <-> SQL 1 = 1 - possible sql injection attempt (sql.rules)
 * 1:27517 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nuxugjeop.com - pushdo (blacklist.rules)
 * 1:27518 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cuxafkoqi.com - pushdo (blacklist.rules)
 * 1:27519 <-> DISABLED <-> BLACKLIST DNS request for known malware domain haveapill.com - pushdo (blacklist.rules)
 * 1:27520 <-> DISABLED <-> BLACKLIST DNS request for known malware domain leisukovat.com - pushdo (blacklist.rules)
 * 1:27521 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dirweikugqij.com - pushdo (blacklist.rules)
 * 1:27522 <-> DISABLED <-> BLACKLIST DNS request for known malware domain taqeixoqbei.com - pushdo (blacklist.rules)
 * 1:27523 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mupxiholakeo.com - pushdo (blacklist.rules)
 * 1:27524 <-> DISABLED <-> BLACKLIST DNS request for known malware domain micsigafgi.com - pushdo (blacklist.rules)
 * 1:27525 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical width overflow attempt (file-image.rules)
 * 1:27526 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules)
 * 1:27527 <-> DISABLED <-> FILE-IMAGE Directshow GIF logical height overflow attempt (file-image.rules)
 * 1:27528 <-> DISABLED <-> FILE-IMAGE Gif logical width overflow attempt (file-image.rules)
 * 1:27529 <-> DISABLED <-> FILE-IMAGE Gif logical height overflow attempt (file-image.rules)
 * 1:27530 <-> DISABLED <-> FILE-IMAGE Gif logical height overflow attempt (file-image.rules)
 * 1:27531 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer 9 and 10 information disclosure attempt (browser-ie.rules)
 * 1:27532 <-> ENABLED <-> SERVER-MAIL Exim and Dovecot mail from remote command execution attempt (server-mail.rules)
 * 1:27412 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bilfasozquta.com - pushdo (blacklist.rules)
 * 1:27413 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gaxubatfu.com - pushdo (blacklist.rules)
 * 1:27414 <-> DISABLED <-> BLACKLIST DNS request for known malware domain coqmuleavi.com - pushdo (blacklist.rules)
 * 1:27415 <-> DISABLED <-> BLACKLIST DNS request for known malware domain veapatjupwa.com - pushdo (blacklist.rules)
 * 1:27416 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hatjicweiruc.com - pushdo (blacklist.rules)
 * 1:27417 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mibufokaflu.com - pushdo (blacklist.rules)
 * 1:27418 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vuxgabatvo.com - pushdo (blacklist.rules)
 * 1:27419 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nogircafloz.com - pushdo (blacklist.rules)
 * 1:27420 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nugvilgogicn.com - pushdo (blacklist.rules)
 * 1:27421 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fonirminugt.com - pushdo (blacklist.rules)
 * 1:27422 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jeimupgonokc.com - pushdo (blacklist.rules)
 * 1:27423 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dehugnurilr.com - pushdo (blacklist.rules)
 * 1:27424 <-> DISABLED <-> BLACKLIST DNS request for known malware domain veadatlihei.com - pushdo (blacklist.rules)
 * 1:27425 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sudafbilp.com - pushdo (blacklist.rules)
 * 1:27426 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pomeamozsag.com - pushdo (blacklist.rules)
 * 1:27427 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lunaratji.com - pushdo (blacklist.rules)
 * 1:27428 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kabozraqick.com - pushdo (blacklist.rules)
 * 1:27429 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xeonokmupvic.com - pushdo (blacklist.rules)
 * 1:27430 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jeoheovux.com - pushdo (blacklist.rules)
 * 1:27431 <-> DISABLED <-> BLACKLIST DNS request for known malware domain deaqijoqi.com - pushdo (blacklist.rules)
 * 1:27432 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jupheisozmoz.com - pushdo (blacklist.rules)
 * 1:27433 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lozdaflawupq.com - pushdo (blacklist.rules)
 * 1:27434 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hijicxoqk.com - pushdo (blacklist.rules)
 * 1:27435 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jeakawulok.com - pushdo (blacklist.rules)
 * 1:27436 <-> DISABLED <-> BLACKLIST DNS request for known malware domain momaxivuxvo.com - pushdo (blacklist.rules)
 * 1:27437 <-> DISABLED <-> BLACKLIST DNS request for known malware domain roxigarokhe.com - pushdo (blacklist.rules)
 * 1:27438 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hokcacusok.com - pushdo (blacklist.rules)
 * 1:27439 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hatweidafcoq.com - pushdo (blacklist.rules)
 * 1:27440 <-> DISABLED <-> BLACKLIST DNS request for known malware domain buhabatdu.com - pushdo (blacklist.rules)
 * 1:27441 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pozjeosujanc.com - pushdo (blacklist.rules)
 * 1:27442 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vabuxwoga.com - pushdo (blacklist.rules)
 * 1:27443 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vuxnokheil.com - pushdo (blacklist.rules)
 * 1:27444 <-> DISABLED <-> BLACKLIST DNS request for known malware domain reopicjasa.com - pushdo (blacklist.rules)
 * 1:27445 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dilhaseoxu.com - pushdo (blacklist.rules)
 * 1:27446 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sicwuplixipu.com - pushdo (blacklist.rules)
 * 1:27447 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bokrawaveaha.com - pushdo (blacklist.rules)
 * 1:27448 <-> DISABLED <-> BLACKLIST DNS request for known malware domain sugaqokag.com - pushdo (blacklist.rules)
 * 1:27449 <-> DISABLED <-> BLACKLIST DNS request for known malware domain woqwicsone.com - pushdo (blacklist.rules)
 * 1:27450 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lokudeawifu.com - pushdo (blacklist.rules)
 * 1:27451 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qoqcinubokje.com - pushdo (blacklist.rules)
 * 1:27452 <-> DISABLED <-> BLACKLIST DNS request for known malware domain fapuxqogirq.com - pushdo (blacklist.rules)
 * 1:27453 <-> DISABLED <-> BLACKLIST DNS request for known malware domain jutacannafe.com - pushdo (blacklist.rules)
 * 1:27454 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nupansola.com - pushdo (blacklist.rules)
 * 1:27455 <-> DISABLED <-> BLACKLIST DNS request for known malware domain daffimufuf.com - pushdo (blacklist.rules)
 * 1:27456 <-> DISABLED <-> BLACKLIST DNS request for known malware domain simuwigopat.com - pushdo (blacklist.rules)
 * 1:27457 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nugbibejamoq.com - pushdo (blacklist.rules)
 * 1:27458 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ceagutonugbo.com - pushdo (blacklist.rules)
 * 1:27459 <-> DISABLED <-> BLACKLIST DNS request for known malware domain taflowicaf.com - pushdo (blacklist.rules)
 * 1:27460 <-> DISABLED <-> BLACKLIST DNS request for known malware domain latvilsaculo.com - pushdo (blacklist.rules)
 * 1:27461 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qocomuhax.com - pushdo (blacklist.rules)
 * 1:27462 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gisubanea.com - pushdo (blacklist.rules)
 * 1:27463 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lokrofanpe.com - pushdo (blacklist.rules)
 * 1:27464 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gubodafhuxb.com - pushdo (blacklist.rules)
 * 1:27465 <-> DISABLED <-> BLACKLIST DNS request for known malware domain dutugwanirq.com - pushdo (blacklist.rules)
 * 1:27466 <-> DISABLED <-> BLACKLIST DNS request for known malware domain feovileig.com - pushdo (blacklist.rules)
 * 1:27467 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hatxirveaxoq.com - pushdo (blacklist.rules)
 * 1:27469 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qeajiwiwib.com - pushdo (blacklist.rules)
 * 1:27470 <-> DISABLED <-> BLACKLIST DNS request for known malware domain vasuxbuxl.com - pushdo (blacklist.rules)
 * 1:27468 <-> DISABLED <-> BLACKLIST DNS request for known malware domain piltiviruh.com - pushdo (blacklist.rules)
 * 1:27473 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hoquhuxrokt.com - pushdo (blacklist.rules)
 * 1:27482 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kugugfozvoq.com - pushdo (blacklist.rules)
 * 1:27503 <-> DISABLED <-> BLACKLIST DNS request for known malware domain wozbowuwegik.com - pushdo (blacklist.rules)
 * 1:27511 <-> DISABLED <-> BLACKLIST DNS request for known malware domain neixirrux.kz - pushdo (blacklist.rules)
 * 1:27497 <-> DISABLED <-> BLACKLIST DNS request for known malware domain koqsajuppi.com - pushdo (blacklist.rules)
 * 1:27481 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qafcoqcoqs.com - pushdo (blacklist.rules)
 * 1:27474 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pajicafso.com - pushdo (blacklist.rules)
 * 1:27495 <-> DISABLED <-> BLACKLIST DNS request for known malware domain cibimozsu.com - pushdo (blacklist.rules)
 * 1:27477 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nilokxeosoz.com - pushdo (blacklist.rules)
 * 1:27499 <-> DISABLED <-> BLACKLIST DNS request for known malware domain moluxubeoke.com - pushdo (blacklist.rules)
 * 1:27492 <-> DISABLED <-> BLACKLIST DNS request for known malware domain xisafeowa.com - pushdo (blacklist.rules)
 * 1:27480 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mihacafreoj.com - pushdo (blacklist.rules)
 * 1:27476 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ceavuxjajanc.com - pushdo (blacklist.rules)
 * 1:27509 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mafquwecar.com - pushdo (blacklist.rules)
 * 1:27505 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kipucagowad.com - pushdo (blacklist.rules)
 * 1:27479 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hugcicpatk.com - pushdo (blacklist.rules)
 * 1:27504 <-> DISABLED <-> BLACKLIST DNS request for known malware domain meatubeibu.com - pushdo (blacklist.rules)
 * 1:27493 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kokceafohilc.com - pushdo (blacklist.rules)
 * 1:27506 <-> DISABLED <-> BLACKLIST DNS request for known malware domain mirotuggada.com - pushdo (blacklist.rules)
 * 1:27512 <-> DISABLED <-> BLACKLIST DNS request for known malware domain ruxneafuhe.com - pushdo (blacklist.rules)
 * 1:27485 <-> DISABLED <-> BLACKLIST DNS request for known malware domain lozbokbumicl.com - pushdo (blacklist.rules)
 * 1:27486 <-> DISABLED <-> BLACKLIST DNS request for known malware domain bokgowofuppi.com - pushdo (blacklist.rules)
 * 1:27489 <-> DISABLED <-> BLACKLIST DNS request for known malware domain geajozhuwepi.com - pushdo (blacklist.rules)
 * 1:27490 <-> DISABLED <-> BLACKLIST DNS request for known malware domain geigupkos.com - pushdo (blacklist.rules)
 * 1:27494 <-> DISABLED <-> BLACKLIST DNS request for known malware domain wabowanfank.com - pushdo (blacklist.rules)
 * 1:27508 <-> DISABLED <-> BLACKLIST DNS request for known malware domain goqvasusei.com - pushdo (blacklist.rules)
 * 1:27475 <-> DISABLED <-> BLACKLIST DNS request for known malware domain veimulilqead.com - pushdo (blacklist.rules)
 * 1:27515 <-> DISABLED <-> BLACKLIST DNS request for known malware domain qagupanci.com - pushdo (blacklist.rules)
 * 1:27496 <-> DISABLED <-> BLACKLIST DNS request for known malware domain micvuxtebi.com - pushdo (blacklist.rules)
 * 1:27478 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hoqiteoheop.com - pushdo (blacklist.rules)
 * 1:27513 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nafwucirdahu.com - pushdo (blacklist.rules)
 * 1:27488 <-> DISABLED <-> BLACKLIST DNS request for known malware domain hokneohabe.com - pushdo (blacklist.rules)
 * 1:27502 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tupkoveacoqw.com - pushdo (blacklist.rules)
 * 1:27483 <-> DISABLED <-> BLACKLIST DNS request for known malware domain someogahu.com - pushdo (blacklist.rules)
 * 1:27510 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tupmeolillit.com - pushdo (blacklist.rules)
 * 1:27484 <-> DISABLED <-> BLACKLIST DNS request for known malware domain kafriqoqhatb.com - pushdo (blacklist.rules)
 * 1:27487 <-> DISABLED <-> BLACKLIST DNS request for known malware domain buwicceaxeo.com - pushdo (blacklist.rules)
 * 1:27472 <-> DISABLED <-> BLACKLIST DNS request for known malware domain tirqirvealux.com - pushdo (blacklist.rules)
 * 1:27501 <-> DISABLED <-> BLACKLIST DNS request for known malware domain gafxugeikabi.com - pushdo (blacklist.rules)
 * 1:27507 <-> DISABLED <-> BLACKLIST DNS request for known malware domain nuqabuxpi.com - pushdo (blacklist.rules)
 * 1:27500 <-> DISABLED <-> BLACKLIST DNS request for known malware domain pilpuxmafr.com - pushdo (blacklist.rules)
 * 1:27491 <-> DISABLED <-> BLACKLIST DNS request for known malware domain rugpilkokjeo.com - pushdo (blacklist.rules)
 * 1:27514 <-> DISABLED <-> BLACKLIST DNS request for known malware domain geileawoz.com - pushdo (blacklist.rules)
 * 1:27471 <-> DISABLED <-> BLACKLIST DNS request for known malware domain supqafbufu.com - pushdo (blacklist.rules)

Modified Rules:


 * 1:26480 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zbot fake PNG config file download without User-Agent (malware-cnc.rules)
 * 1:25948 <-> ENABLED <-> EXPLOIT-KIT redirection to driveby download (exploit-kit.rules)
 * 1:21778 <-> DISABLED <-> SQL parameter ending in comment characters - possible sql injection attempt - POST (sql.rules)
 * 1:21289 <-> DISABLED <-> OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (os-windows.rules)
 * 1:16461 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (file-office.rules)