New Filters: 45469: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection (Response) - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Evaluation (Permit / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2024-23692 - Release Date: February 25, 2025 45475: HTTP: Backdoor.Win32.Cherryspy.A Runtime Detection (Request - Setup Key) - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Evaluation (Permit / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2024-23692 - Release Date: February 25, 2025 45481: HTTP: Trojan.Shell.RitpouriactStealer.A Runtime Detection - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Evaluation (Permit / Notify) - Deployment: Performance-Optimized (Disabled) - Release Date: February 25, 2025 45490: HTTP: Trojan.VBS.VjW0rm.druvzi Runtime Detection - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Evaluation (Permit / Notify) - Deployment: Performance-Optimized (Disabled) - Release Date: February 25, 2025 45491: HTTP: Trojan-Downloader.MSIL.Coyoteloader.A Runtime Detection - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Evaluation (Permit / Notify) - Deployment: Performance-Optimized (Disabled) - Release Date: February 25, 2025 45492: HTTP: Trojan.Python.Marsayhem.A Runtime Detection - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Evaluation (Permit / Notify) - Deployment: Performance-Optimized (Disabled) - Release Date: February 25, 2025 45493: SMB: Ransomware.MSIL.Cring.A Runtime Detection - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployment: Not enabled by default in any deployment. - Release Date: February 25, 2025 45495: SMB: Ransomware.Linux.Fog.A9OKG Runtime Detection - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Category: Virus - Severity: High - Description: This filter is deployed in the Malware Filter Package. - Deployment: Not enabled by default in any deployment. - Release Date: February 25, 2025 Modified Filters (logic changes): * = Enabled in Default deployments * 44587: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection (Request Check-in) - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Name changed from "44587: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection". - Description updated. - Detection logic updated. - Vulnerability references updated. - Release Date: August 06, 2024 - Last Modified Date: February 25, 2025 Modified Filters (metadata changes only): * = Enabled in Default deployments 45422: ICMP: Trojan.Win32.ICMPinger.A Runtime Detection - IPS Version: 3.9.5 and after. - TPS Version: 5.2.2 and after. - vTPS Version: 5.2.2 and after. - Description updated. - Deployments updated and are now: - No Deployments. - Release Date: February 18, 2025 - Last Modified Date: February 25, 2025 Removed Filters: None

ThreatDV Malware Filter Package #2030

Product / Version includes:

TippingPoint ThreatDVAll

Last updated: 2025/02/25

Solution ID: KA-0019123

Category: Configure , Troubleshoot , Install

Summary

ThreatDV Malware Filter Package #2030 February 25, 2025

Table of Contents
--------------------------
  New Filters - 8
  Modified Filters (logic changes) - 1
  Modified Filters (metadata changes only) - 1
  Removed Filters - 0

New Filters: 

    45469: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection (Response)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-23692
      - Release Date: February 25, 2025

    45475: HTTP: Backdoor.Win32.Cherryspy.A Runtime Detection (Request - Setup Key)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-23692
      - Release Date: February 25, 2025

    45481: HTTP: Trojan.Shell.RitpouriactStealer.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: February 25, 2025

    45490: HTTP: Trojan.VBS.VjW0rm.druvzi Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: February 25, 2025

    45491: HTTP: Trojan-Downloader.MSIL.Coyoteloader.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: February 25, 2025

    45492: HTTP: Trojan.Python.Marsayhem.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: February 25, 2025

    45493: SMB: Ransomware.MSIL.Cring.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployment: Not enabled by default in any deployment.
      - Release Date: February 25, 2025

    45495: SMB: Ransomware.Linux.Fog.A9OKG Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Virus
      - Severity: High
      - Description: This filter is deployed in the Malware Filter Package.
      - Deployment: Not enabled by default in any deployment.
      - Release Date: February 25, 2025

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 44587: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection (Request Check-in)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44587: HTTP: Trojan-Downloader.VBA.Hatvibe.A Runtime Detection".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 06, 2024
      - Last Modified Date: February 25, 2025

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    45422: ICMP: Trojan.Win32.ICMPinger.A Runtime Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Deployments updated and are now:
        - No Deployments.
      - Release Date: February 18, 2025
      - Last Modified Date: February 25, 2025

  Removed Filters: None

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

ThreatDV Malware Filter Package #2030

ThreatDV Malware Filter Package #2030

Product / Version includes:

Summary