Views:
Table of Contents
--------------------------
  New Filters - 8
  Modified Filters (logic changes) - 1
  Modified Filters (metadata changes only) - 1
  Removed Filters - 0		 
New Filters: 

    45469: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection (Response)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-23692
      - Release Date: February 25, 2025

    45475: HTTP: Backdoor.Win32.Cherryspy.A Runtime Detection (Request - Setup Key)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-23692
      - Release Date: February 25, 2025

    45481: HTTP: Trojan.Shell.RitpouriactStealer.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: February 25, 2025

    45490: HTTP: Trojan.VBS.VjW0rm.druvzi Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: February 25, 2025

    45491: HTTP: Trojan-Downloader.MSIL.Coyoteloader.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: February 25, 2025

    45492: HTTP: Trojan.Python.Marsayhem.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: February 25, 2025

    45493: SMB: Ransomware.MSIL.Cring.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployment: Not enabled by default in any deployment.
      - Release Date: February 25, 2025

    45495: SMB: Ransomware.Linux.Fog.A9OKG Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployment: Not enabled by default in any deployment.
      - Release Date: February 25, 2025

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 44587: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection (Request Check-in)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44587: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 06, 2024
      - Last Modified Date: February 25, 2025

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    45422: ICMP: Trojan.Win32.ICMPinger.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Deployments updated and are now:
        - No Deployments.
      - Release Date: February 18, 2025
      - Last Modified Date: February 25, 2025

  Removed Filters: None
Keywords: ThreatDV Malware Filter Package #2030
Comments (0)