DNS Malware

DNS malware is software used to disrupt your DNS service, gather sensitive information, or gain access to your appliance. It can include downloaders, backdoors, trojan horses, and other malicious software.

The following table lists the auto rules that are used to mitigate DNS malware when forwarding DNS requests to a resolver such as a Microsoft DNS server.

Rule IDRule TypeRule NameDescription

Enable Condition

ParametersComments
110100300Auto

EARLY DROP UDP MALWARE backdoor

This rule drops UDP packets that contain the backdoor malware BKDR_QUEJOB.EVL, which poses as an installer of FaceBook messenger. This malware may be spread as a malicious attachment in email messages.

Always enabled

Events per second (default = 1)


130300300Auto

DROP MALWARE trojan downloader

This rule drops UDP packets that contain the trojan downloader malware, which downloads and installs new versions of malicious programs, including Trojans and AdWare.

Always enabledEvents per second (default = 1)
130300400Auto

DROP MALWARE possible Hiloti

This rule drops UDP packets that contain trojan Hiloti malicious programs that may download potentially malicious files from a remote server and report system information back to the server.

Always enabledEvents per second (default = 1)
125000000SystemDROP TROJAN Rovnix UDP DNS lookup (cherniypoyas.ru)This rule drops Rovnix Trojan DNS lookup using UDP (cherniypoyas.ru).

Enabled by default

Events per second (default = 1)
125000001SystemDROP TROJAN Rovnix TCP DNS lookup
(cherniypoyas.ru)
This rule drops Rovnix Trojan DNS lookup using TCP
(cherniypoyas.ru).
Enabled by defaultEvents per second (default = 1)
125000002System

DROP TROJAN Rovnix UDP DNS lookup (chernoypoyas.su)

This rule drops Rovnix Trojan DNS lookup using UDP (chernoypoyas.su).

Enabled by defaultEvents per second (default = 1)
125000003System

DROP TROJAN Rovnix TCP DNS lookup (chernoypoyas.su)

This rule drops Rovnix Trojan DNS lookup using TCP
(cherniypoyas.ru).
Enabled by defaultEvents per second (default = 1)
125000004SystemDROP TROJAN Rovnix UDP DNS lookup
(beliypoyas.ru)
This rule drops Rovnix Trojan DNS lookup using UDP
(beliypoyas.ru).
Enabled by defaultEvents per second (default = 1)
125000005SystemDROP TROJAN Rovnix TCP DNS lookup
(beliypoyas.ru)
This rule drops Rovnix Trojan DNS lookup using TCP
(beliypoyas.ru).
Enabled by defaultEvents per second (default = 1)
125000006System

DROP TROJAN Rovnix UDP DNS lookup (beliypoyas.su)

This rule drops Rovnix Trojan  DNS lookup using UDP (beliypoyas.su).

Enabled by defaultEvents per second (default = 1)
125000007System

DROP TROJAN Rovnix TCP DNS lookup (beliypoyas.su)

This rule drops Rovnix Trojan DNS lookup using TCP (beliypoyas.su).

Enabled by defaultEvents per second (default = 1)
125000008SystemDROP TROJAN Rovnix UDP DNS lookup
(zeleniypoyas.ru)
This rule drops Rovnix Trojan DNS lookup using UDP
(zeleniypoyas.ru).
Enabled by defaultEvents per second (default = 1)
125000009SystemDROP TROJAN Rovnix TCP DNS lookup
(zeleniypoyas.ru)
This rule drops Rovnix Trojan DNS lookup using TCP
(zeleniypoyas.ru).
Enabled by defaultEvents per second (default = 1)
125000010System

DROP TROJAN Rovnix UDP DNS lookup (zeleniypoyas.su)

This rule drops Rovnix Trojan DNS lookup using UDP (zeleniypoyas.su).

Enabled by defaultEvents per second (default = 1)
125000011System

DROP TROJAN Rovnix TCP DNS lookup (zeleniypoyas.su)

This rule drops Rovnix Trojan DNS lookup using TCP (zeleniypoyas.su).

Enabled by defaultEvents per second (default = 1)
125000012SystemDROP TROJAN Iron Tiger DNSTunnel UDP DNS lookup (xssok.blogspot.com)This rule drops Trojan Iron Tiger DNSTunnel DNS lookup using UDP (xssok.blogspot.com).Enabled by defaultEvents per second (default = 1)
125000013SystemDROP TROJAN Iron Tiger DNSTunnel TCP DNS lookup (xssok.blogspot.com)This rule drops Trojan Iron Tiger DNSTunnel DNS lookup using TCP (xssok.blogspot.com).Enabled by defaultEvents per second (default = 1)
125000014System

DROP TROJAN Iron Tiger Gh0ST/PlugX/Various Backdoors UDP DNS lookup (gameofthrones.ddns.net)

This rule drops Trojan Iron Tiger Gh0ST/PlugX/Various Backdoors DNS Lookup using UDP (gameofthrones.ddns.net).Enabled by defaultEvents per second (default = 1)
125000015System

DROP TROJAN Iron Tiger Gh0ST/PlugX/Various Backdoors TCP DNS lookup (gameofthrones.ddns.net)

This rule drops Trojan Iron Tiger Gh0ST/PlugX/Various Backdoors DNS Lookup using TCP (gameofthrones.ddns.net).Enabled by defaultEvents per second (default = 1)
125000016SystemDROP TROJAN Iron Tiger Likely PlugX UDP DNS lookup (chrome.servehttp.com)This rule drops Trojan Iron Tiger Likely PlugX DNS Lookup using UDP (chrome.servehttp.com).Enabled by defaultEvents per second (default = 1)
125000017SystemDROP TROJAN Iron Tiger Likely PlugX TCP DNS lookup (chrome.servehttp.com)This rule drops Trojan Iron Tiger Likely PlugX DNS Lookup using TCP (chrome.servehttp.com).Enabled by defaultEvents per second (default = 1)
125000018SystemDROP TROJAN Iron Tiger Backdoor.GTalkTrojan DNS UDP lookup
(update.gtalklite.com)
This rule drops Trojan Iron Tiger Backdoor.GTalkTrojan DNS lookup using UDP (update.gtalklite.com).Enabled by defaultEvents per second (default = 1)
125000019SystemDROP TROJAN Iron Tiger Backdoor.GTalkTrojan DNS TCP lookup
(update.gtalklite.com)
This rule drops Trojan Iron Tiger Backdoor.GTalkTrojan DNS lookup using TCP (update.gtalklite.com).Enabled by defaultEvents per second (default = 1)
125000020SystemDROP TROJAN Iron Tiger HTTPBrowser DNS UDP lookup
(trendmicro-update.org)
This rule drops Trojan Iron Tiger HTTPBrowser DNS lookup using UDP (trendmicro-update.org)Enabled by defaultEvents per second (default = 1)
125000021SystemDROP TROJAN Iron Tiger HTTPBrowser DNS TCP lookup (trendmicro-update.org)This rule drops Trojan Iron Tiger HTTPBrowser DNS lookup using TCP (trendmicro-update.org).Enabled by defaultEvents per second (default = 1)
125000022SystemDROP TROJAN XCodeGhost DNS UDP
lookup (init.icloud-analysis.com)
This rule drops TrojanXCodeGhost DNS lookup using UDP (init.icloud-analysis.com)Enabled by defaultEvents per second (default = 1)
125000023SystemDROP TROJAN XCodeGhost DNS TCP
lookup (init.icloud-analysis.com)
This rule drops Trojan XCodeGhost DNS lookup using TCP (init.icloud-analysis.com)Enabled by defaultEvents per second (default = 1)
125000024System

DROP TROJAN XCodeGhost DNS UDP lookup (init.icloud-diagnostics.com)

This rule drops Trojan XCodeGhost DNS lookup using UDP (init.icloud-diagnostics.com)Enabled by defaultEvents per second (default = 1)
125000025System

DROP TROJAN XCodeGhost DNS TCP lookup (init.icloud-diagnostics.com)

This rule drops Trojan XCodeGhost DNS lookup using TCP (init.icloud-diagnostics.com)Enabled by defaultEvents per second (default = 1)
125000026SystemDROP TROJAN XCodeGhost DNS UDP
lookup (init.crash-analytics.com)
This rule drops Trojan XCodeGhost DNS lookup using UDP (init.crash-analytics.com)Enabled by defaultEvents per second (default = 1)
125000027SystemDROP TROJAN XCodeGhost DNS TCP
lookup (init.crash-analytics.com)
This rule drops Trojan XCodeGhost DNS lookup using TCP (init.crash-analytics.com)Enabled by defaultEvents per second (default = 1)
125000028SystemDROP UDP MOBILE_MALWARE Android/Keymoge DNS UDP Lookup (aps.kemoge.net)This rule drops MOBILE_MALWARE Android/Keymoge DNS Lookup using UDP (aps.kemoge.net).Enabled by defaultEvents per second (default = 1)
125000029SystemDROP TCP MOBILE_MALWARE Android/Keymoge DNS TCP Lookup
(aps.kemoge.net)
This rule drops MOBILE_MALWARE
Android/Keymoge DNS Lookup using TCP
(aps.kemoge.net).
Enabled by defaultEvents per second (default = 1)
125000030SystemDROP UDP TROJAN Possible PlugX DNS UDP Lookup (googlemanage.com)This rule drops TROJAN Possible PlugX DNS Lookup using UDP (googlemanage.com).Enabled by defaultEvents per second (default = 1)
125000031SystemDROP TCP TROJAN Possible PlugX DNS TCP Lookup (googlemanage.com)This rule drops TROJAN Possible PlugX DNS Lookup using TCP (googlemanage.com).Enabled by defaultEvents per second (default = 1)
125000032SystemDROP UDP TROJAN Possible PlugX DNS UDP Lookup (operaa.net)This rule drops TROJAN Possible PlugX DNS Lookup using UDP (operaa.net).Enabled by defaultEvents per second (default = 1)
125000033SystemDROP TCP TROJAN Possible PlugX DNS TCP Lookup (operaa.net)This rule drops TROJAN Possible PlugX DNS Lookup using TCP (operaa.net).Enabled by defaultEvents per second (default = 1)
125000034SystemDROP UDP TROJAN PlugX or EvilGrab DNS UDP Lookup (websecexp.com)This rule drops TROJAN PlugX or EvilGrab DNS Lookup using UDP (websecexp.com).Enabled by defaultEvents per second (default = 1)
125000035SystemDROP TCP TROJAN PlugX or EvilGrab DNS TCP Lookup (websecexp.com)This rule drops TROJAN PlugX or EvilGrab DNS Lookup using TCP (websecexp.com).Enabled by defaultEvents per second (default = 1)
125000036SystemDROP UDP TROJAN PlugX or EvilGrab DNS UDP Lookup (appeur.gnway.cc)This rule drops TROJAN PlugX or EvilGrab DNS Lookup using UDP (appeur.gnway.cc).Enabled by defaultEvents per second (default = 1)
125000037SystemDROP TCP TROJAN PlugX or EvilGrab DNS TCP Lookup (appeur.gnway.cc)This rule drops TROJAN PlugX or EvilGrab DNS Lookup using TCP (appeur.gnway.cc).Enabled by defaultEvents per second (default = 1)
125000038SystemDROP UDP TROJAN PlugX DNS UDP Lookup (mailsecurityservice.com)This rule drops TROJAN PlugX DNS Lookup using UDP (mailsecurityservice.com).Enabled by defaultEvents per second (default = 1)
125000039SystemDROP TCP TROJAN PlugX DNS TCP Lookup (mailsecurityservice.com)This rule drops TROJAN PlugX DNS Lookup using TCP (mailsecurityservice.com).Enabled by defaultEvents per second (default = 1)
125000040SystemDROP UDP TROJAN Sednit DNS UDP Lookup (swsupporttools.com)This rule drops TROJAN Sednit DNS Lookup using UDP (swsupporttools.com).Enabled by defaultEvents per second (default = 1)
125000041SystemDROP TCP TROJAN Sednit DNS TCP Lookup (swsupporttools.com)This rule drops TROJAN Sednit DNS Lookup using TCP (swsupporttools.com).Enabled by defaultEvents per second (default = 1)
125000042System

DROP UDP TROJAN JS/RecJS DNS UDP Lookup (calllgt.endofinternet.net)

This rule drops TROJAN JS/RecJS DNS Lookup using UDP (calllgt.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000043System

DROP TCP TROJAN JS/RecJS DNS TCP Lookup (calllgt.endofinternet.net)

This rule drops TROJAN JS/RecJS DNS Lookup using TCP (calllgt.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000044System

DROP UDP TROJAN JS/RecJS DNS UDP Lookup (offmkos.endofinternet.net)

This rule drops TROJAN JS/RecJS DNS Lookup using UDP (offmkos.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000045System

DROP TCP TROJAN JS/RecJS DNS TCP Lookup (offmkos.endofinternet.net)

This rule drops TROJAN JS/RecJS DNS Lookup using TCP (offmkos.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000046SystemDROP UDP TROJAN JS/RecJS DNS UDP Lookup (poonahost.endofinter net.net)This rule drops TROJAN JS/RecJS DNS Lookup using UDP (poonahost.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000047SystemDROP TCP TROJAN JS/RecJS DNS TCP Lookup (poonahost.endofinter net.net)This rule drops TROJAN JS/RecJS DNS Lookup using TCP (poonahost.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000048System

DROP UDP TROJAN JS/RecJS DNS UDP Lookup (askleonri.isteingeek.de)

This rule drops TROJAN JS/RecJS DNS Lookup using UDP (askleonri.isteingeek.de).Enabled by defaultEvents per second (default = 1)
125000049System

DROP TCP TROJAN JS/RecJS DNS TCP Lookup (askleonri.isteingeek.de)

This rule drops TROJAN JS/RecJS DNS Lookup using TCP (askleonri.isteingeek.de).Enabled by defaultEvents per second (default = 1)
125000050SystemDROP UDP TROJAN JS/RecJS DNS UDP Lookup (edrimake.endofinternet.net)This rule drops TROJAN JS/RecJS DNS Lookup using UDP (edrimake.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000051SystemDROP TCP TROJAN JS/RecJS DNS TCP Lookup (edrimake.endofinternet.net)This rule drops TROJANJS/RecJS DNS Lookup using TCP (edrimake.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000052SystemDROP UDP TROJAN JS/RecJS DNS UDP Lookup (qkmakein.endofinternet.net)This rule drops TROJAN JS/RecJS DNS Lookup using UDP (qkmakein.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000053SystemDROP TCP TROJANJS/RecJS DNS TCP
Lookup (qkmakein.endofinternet.net)
This rule drops TROJAN JS/RecJS DNS Lookup using TCP (qkmakein.endofinternet.net).Enabled by defaultEvents per second (default = 1)
125000054SystemDROP UDP TROJAN JS/RecJS DNS UDP Lookup (cuninn.servebbs.com)This rule drops TROJAN JS/RecJS DNS Lookup using UDP (cuninn.servebbs.com).Enabled by defaultEvents per second (default = 1)
125000055SystemDROP TCP TROJAN JS/RecJS DNS TCP Lookup (cuninn.servebbs.com)This rule drops TROJANJS/RecJS DNS Lookup using TCP (cuninn.servebbs.com).Enabled by defaultEvents per second (default = 1)
125000056SystemDROP UDP TROJAN JS/RecJS DNS UDP Lookup (grihostad.servebbs.com)This rule drops TROJAN JS/RecJS DNS Lookup using UDP (grihostad.servebbs.com).Enabled by defaultEvents per second (default = 1)
125000057SystemDROP TCP TROJANJS/RecJS DNS TCP Lookup (grihostad.servebbs.com)This rule drops TROJANJS/RecJS DNS Lookup using TCP(grihostad.servebbs.com).Enabled by defaultEvents per second (default = 1)
125000058SystemDROP UDP TROJANJS/RecJS DNS UDP Lookup(askpotubeda.isteingeek.de)This rule drops TROJANS/RecJS DNS Lookup using
UDP(askpotubeda.isteingeek.de).
Enabled by defaultEvents per second (default = 1)
125000059SystemDROP TCP TROJAN JS/RecJS DNS TCP Lookup(askpotubeda.isteingeek.de)This rule drops TROJANJS/RecJS DNS Lookup using TCP(askpotubeda.isteingeek.de).Enabled by defaultEvents per second (default = 1)
125000060SystemDROP UDP TROJANJS/RecJS DNS UDP Lookup (isqgt.isteingeek.de)This rule drops TROJAN JS/RecJS DNS Lookup using UDP (isqgt.isteingeek.de).Enabled by defaultEvents per second (default = 1)
125000061SystemDROP TCP TROJANJS/RecJS DNS TCP Lookup (isqgt.isteingeek.de)This rule drops TROJANJS/RecJS DNS Lookup using TCP (isqgt.isteingeek.de).Enabled by defaultEvents per second (default = 1)
125000062SystemDROP UDP TROJANJS/RecJS DNS UDP Lookup (griahost.servebbs.com)This rule drops TROJANJS/RecJS DNS Lookup using UDP (griahost.servebbs.com).Enabled by defaultEvents per second (default = 1)
125000063SystemDROP TCP TROJAN JS/RecJS DNS TCP Lookup (griahost.servebbs.com)This rule drops TROJAJS/RecJS DNS Lookup using TCP (griahost.servebbs.com).Enabled by defaultEvents per second (default = 1)
125000064System

DROP UDP TROJANWin32/Wedex TXT DNS UDP Lookup 1(cooky.nothn.5000)

This rule drops TROJANWin32/Wedex TXT DNSLookup 1 using UDP(cooky.nothn.5000).

Enabled by defaultEvents per second (default = 1)
125000065System

DROP TCP TROJANWin32/Wedex TXT DNSTCP Lookup 1(cooky.nothn.5000)

This rule drops TROJANWin32/Wedex TXT DNSLookup 1 using TCP (cooky.nothn.5000).

Enabled by defaultEvents per second (default = 1)
125000066System

DROP UDP TROJAN Win32/Wedex TXT DNSUDP Lookup 2 (cooky.error.500)

This rule drops TROJANWin32/Wedex TXT DNSLookup 2 using UDP (cooky.error.500).

Enabled by defaultEvents per second (default = 1)
125000067System

DROP TCP TROJANWin32/Wedex TXT DNS TCP Lookup 2 (cooky.error.500)

This rule drops TROJANWin32/Wedex TXT DNSLookup 2 using TCP (cooky.error.500).

Enabled by defaultEvents per second (default = 1)
125000068System

DROP UDP TROJAN Win32/Wedex TXT DNS UDP Lookup 3 (cooky.pcall.500)

This rule drops TROJAN Win32/Wedex TXT DNS Lookup 3 using UDP (cooky.pcall.500).

Enabled by defaultEvents per second (default = 1)
125000069System

DROP TCP TROJAN Win32/Wedex TXT DNS TCP Lookup 3 (cooky.pcall.500)

This rule drops TROJANWin32/Wedex TXT DNSLookup 3 using TCP (cooky.pcall.500).

Enabled by defaultEvents per second (default = 1)
125000070System

DROP UDP TROJAN Aldi Bot .onion Proxy Domain (evgg4iqc23vvoxhx)

This rule drops TROJAN AldiBot .onion Proxy Domain using UDP (evgg4iqc23vvoxhx).

Enabled by defaultEvents per second (default = 1)
125000071System

DROP TCP TROJAN Aldi Bot .onion Proxy Domain (evgg4iqc23vvoxhx)

This rule drops TROJAN Aldi Bot .onion Proxy Domain using TCP (evgg4iqc23vvoxhx).

Enabled by defaultEvents per second (default = 1)
125000072System

DROP UDP TROJAN ritroni .onion Proxy Domain (ggvvwt7u6b3qaicm)

This rule drops TROJAN Critroni onion Proxy Domain using UDP (ggvvwt7u6b3qaicm).

Enabled by defaultEvents per second (default = 1)
125000073System

DROP TCP TROJAN Critroni .onion Proxy Domain (ggvvwt7u6b3qaicm)

This rule drops TROJAN Critroni .onion Proxy Domain using TCP (ggvvwt7u6b3qaicm).

Enabled by defaultEvents per second (default = 1)
125000074System

DROP UDP TROJAN InfiniteLocker .onion Proxy Domain (qbstdn6k7iivyki2)

This rule drops TROJAN InfiniteLocker .onion Proxy Domain using UDP (qbstdn6k7iivyki2).

Enabled by defaultEvents per second (default = 1)
125000075System

DROP TCP TROJAN InfiniteLocker .onion Proxy Domain (qbstdn6k7iivyki2)

This rule drops TROJAN InfiniteLocker .onion Proxy Domain using TCP (qbstdn6k7iivyki2).

Enabled by defaultEvents per second (default = 1)
125000076System

DROP UDP TROJAN Zbot.onion Proxy Domain (7sv5jprihn6qdl36)

This rule drops TROJAN Zbot onion Proxy Domain using UDP (7sv5jprihn6qdl36).

Enabled by defaultEvents per second (default = 1)
125000077System

DROP TCP TROJAN Zbot.onion Proxy Domain (7sv5jprihn6qdl36)

This rule drops TROJAN Zbot.onion Proxy Domain using TCP (7sv5jprihn6qdl36).

Enabled by defaultEvents per second (default = 1)
125000078System

DROP UDP TROJAN Java/CoinWalletStealer.onion Proxy Domain (btcgenyj6ho35io2)

This rule drops TROJAN Java/CoinWalletStealer .onion Proxy Domain using UDP (btcgenyj6ho35io2).

Enabled by defaultEvents per second (default = 1)
125000079System

DROP TCP TROJAN Java/CoinWalletStealer .onion Proxy Domain (btcgenyj6ho35io2)

This rule drops TROJAN Java/CoinWalletStealer .onion Proxy Domain using TCP (btcgenyj6ho35io2).

Enabled by defaultEvents per second (default = 1)
125000080System

DROP UDP TROJAN AlphaCrypt .onion Proxy Domain (3st7uyjfocyourll)

This rule drops TROJAN AlphaCrypt .onion Proxy Domain using UDP (3st7uyjfocyourll).

Enabled by defaultEvents per second (default = 1)
125000081System

DROP TCP TROJAN AlphaCrypt .onion Proxy Domain (3st7uyjfocyourll)

This rule drops TROJAN AlphaCrypt .onion Proxy Domain using TCP (3st7uyjfocyourll).

Enabled by defaultEvents per second (default = 1)
125000082SystemDROP UDP POLICY DNS
Query to.onion proxy Domain (paypartnerstodo.com)
This rule drops POLICY DNS Query to.onion proxy Domain using UDP (paypartnerstodo.com).Enabled by defaultEvents per second (default = 1)
125000083SystemDROP TCP POLICY DNS Query to.onion proxy Domain (paypartnerstodo.com)This rule drops POLICY DNS Query to.onion proxy Domain
using TCP (paypartnerstodo.com).
Enabled by defaultEvents per second (default = 1)
125000084SystemDROP UDP POLICY DNS Query to.onion proxy Domain (allepohelpto.com)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (allepohelpto.com).Enabled by defaultEvents per second (default = 1)
125000085SystemDROP TCP POLICY DNS Query to.onion proxy Domain (allepohelpto.com)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (allepohelpto.com).Enabled by defaultEvents per second (default = 1)
125000086System

DROP UDP POLICY DNS Query to.onion proxy Domain (marketcryptopartners.com)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (marketcryptopartners.com).Enabled by defaultEvents per second (default = 1)
125000087System

DROP TCP POLICY DNS Query to.onion proxy Domai (marketcryptopartners.com)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (marketcryptopartners.com).Enabled by defaultEvents per second (default = 1)
125000088SystemDROP UDP POLICY DNS Query to.onion proxy Domain (partnersinvestpayto.com)This rule drops POLICY DNSQuery to.onion proxy Domain using UDP (partnersinvestpayto.com).Enabled by defaultEvents per second (default = 1)
125000089SystemDROP TCP POLICY DNS Query to.onion proxy Domain (partnersinvestpayto.com)This rule drops POLICY DNSQuery to.onion proxy Domain using TCP (partnersinvestpayto.com).Enabled by defaultEvents per second (default = 1)
125000090SystemDROP UDP POLICY DNS Query to.onion proxy Domain(forkinvestpay.com)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (forkinvestpay.com).Enabled by defaultEvents per second (default = 1)
125000091SystemThis rule drops POLICY DNS Query to.onion proxy Domain using UDP
(forkinvestpay.com).
This rule drops POLICY DNS Query to.onion proxy Domain using TCP (forkinvestpay.com).Enabled by defaultEvents per second (default = 1)
125000092SystemDROP UDP POLICY DNS Query to.onion proxy Domain (effectwaytopay.com)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (effectwaytopay.com).Enabled by defaultEvents per second (default = 1)
125000093SystemDROP TCP POLICY DNS Query to.onion proxy Domain (effectwaytopay.com)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (effectwaytopay.com).Enabled by defaultEvents per second (default = 1)
125000094System

DROP UDP TROJAN Cryptowall.onion Proxy Domain (3wzn5p2yiumh7akj)

This rule drops TROJAN Cryptowall .onion Proxy Domain using UDP (3wzn5p2yiumh7akj).

Enabled by defaultEvents per second (default = 1)
125000095System

DROP TCP TROJAN Cryptowall.onion Proxy Domain (3wzn5p2yiumh7akj)

This rule drops TROJAN Cryptowall .onion Proxy Domain using TCP (3wzn5p2yiumh7akj).

Enabled by defaultEvents per second (default = 1)
125000096System

DROP UDP TROJAN Android/Spy.Agent.LP .onion Proxy Domain (44l6tamp6og2p755)

This rule drops TROJAN Android/Spy.Agent.LP. onion Proxy Domain using UDP (44l6tamp6og2p755).

Enabled by defaultEvents per second (default = 1)
125000097System

DROP TCP TROJAN Android/Spy.Agent.LP.onion Proxy Domain (44l6tamp6og2p755)

This rule drops TROJAN Android/Spy.Agent.LP .onion Proxy Domain using TCP (44l6tamp6og2p755).

Enabled by defaultEvents per second (default = 1)
125000098SystemDROP UDP TROJAN Sofacy DNS UDP
Lookup (softupdates.info.)
This rule drops TROJAN Sofacy DNS Lookup using UDP (softupdates.info.)Enabled by defaultEvents per second (default = 1)
125000099SystemDROP TCP TROJAN Sofacy DNS TCP Lookup (softupdates.info.)This rule drops TROJAN Sofacy DNS Lookup using TCP (softupdates.info.)Enabled by defaultEvents per second (default = 1)
125000100SystemDROP UDP TROJAN Sofacy DNS UDP
Lookup (drivres-update.info.)
This rule drops TROJAN Sofacy DNS Lookup using UDP (drivres-update.info.)Enabled by defaultEvents per second (default = 1)
125000101SystemDROP TCP TROJAN Sofacy DNS TCP Lookup (drivres-update.info.)This rule drops TROJAN Sofacy DNS Lookup using TCP (drivres-update.info.)Enabled by defaultEvents per second (default = 1)
125000102SystemDROP UDP POLICY DNS Query to.onion proxy Domain (starswarsspecs.com)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (starswarsspecs.com).Enabled by defaultEvents per second (default = 1)
125000103SystemDROP TCP POLICY DNS Query to.onion proxy Domain (starswarsspecs.com)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (starswarsspecs.com).Enabled by defaultEvents per second (default = 1)
125000104System

DROP UDP POLICY DNS Query to.onion proxy Domain (maverickpaypartners.com)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (maverickpaypartners.com).Enabled by defaultEvents per second (default = 1)
125000105System

DROP TCP POLICY DNS Query to.onion proxy Domain (maverickpaypartners.com)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (maverickpaypartners.com).Enabled by defaultEvents per second (default = 1)
125000106SystemDROP UDP TROJANRedyms CnC DNS UDP Lookup (iqcgqyaeqimiiycs.org)This rule drops TROJAN Redyms CnC DNS Lookup
using UDP (iqcgqyaeqimiiycs.org).
Enabled by defaultEvents per second (default = 1)
125000107SystemDROP TCP TROJAN Redyms CnC DNS TCP Lookup (iqcgqyaeqimiiycs.org)This rule drops TROJAN Redyms CnC DNS Lookup using TCP (iqcgqyaeqimiiycs.org).Enabled by defaultEvents per second (default = 1)
125000108System

DROP UDP TROJAN Redyms CnC DNS UDP Lookup (skgkyaqykaeegquu.org)

This rule drops TROJAN Redyms CnC DNS Lookup
using UDP (skgkyaqykaeegquu.org).
Enabled by defaultEvents per second (default = 1)
125000109System

DROP TCP TROJAN Redyms CnC DNS TCP Lookup (skgkyaqykaeegquu.org)

This rule drops TROJANRedyms CnC DNS Lookup
using TCP (skgkyaqykaeegquu.org).
Enabled by defaultEvents per second (default = 1)
125000110System

DROP UDP TROJAN Redyms CnC DNS UDP Lookup (uokkwqswimaamcwe.org)

This rule drops TROJAN Redyms CnC DNS Lookup
using UDP (uokkwqswimaamcwe.org).
Enabled by defaultEvents per second (default = 1)
125000111System

DROP TCP TROJAN Redyms CnC DNS TCP Lookup (uokkwqswimaamcwe.org)

This rule drops TROJAN Redyms CnC DNS Lookup
using TCP (uokkwqswimaamcwe.org).
Enabled by defaultEvents per second (default = 1)
125000112System

DROP UDP TROJAN Redyms CnC DNS UDP Lookup (wscswugeiuayswqg.org)

This rule drops TROJAN Redyms CnC DNS Lookup using UDP (wscswugeiuayswqg.org).Enabled by defaultEvents per second (default = 1)
125000113System

DROP TCP TROJAN Redyms CnC DNS TCP Lookup (wscswugeiuayswqg.org)

This rule drops TROJANRedyms CnC DNS Lookup
using TCP (wscswugeiuayswqg.org).
Enabled by defaultEvents per second (default = 1)
125000114SystemDROP UDP TROJAN Redyms CnC DNS UDP Lookup (ywyayoskasuciwuo.org)This rule drops TROJAN Redyms CnC DNS Lookup
using UDP (ywyayoskasuciwuo.org).
Enabled by defaultEvents per second (default = 1)
125000115SystemDROP TCP TROJAN Redyms CnC DNS TCP Lookup(ywyayoskasuciwuo.org)This rule drops TROJAN Redyms CnC DNS Lookup
using TCP (ywyayoskasuciwuo.org).
Enabled by defaultEvents per second (default = 1)
125000116System

DROP UDP TROJAN Ransomware/Poshcoder Onion Domain UDP Lookup (vswefkqsipoeuq5o)

This rule drops TROJAN Ransomware/Poshcoder Onion Domain Lookup using UDP (vswefkqsipoeuq5o).

Enabled by defaultEvents per second (default = 1)
125000117System

DROP TCP TROJAN Ransomware/Poshcoder Onion Domain TCP Lookup (vswefkqsipoeuq5o)

This rule drops TROJAN Ransomware/Poshcoder Onion Domain Lookup using TCP (vswefkqsipoeuq5o).

Enabled by defaultEvents per second (default = 1)
125000118System

DROP UDP TROJAN Critroni .onion Proxy Domain (tmclybfqzgkaeilm)

This rule drops TROJAN Critroni. onion Proxy Domain using UDP (tmclybfqzgkaeilm).

Enabled by defaultEvents per second (default = 1)
125000119System

DROP TCP TROJAN Critroni .onion Proxy Domain (tmclybfqzgkaeilm)

This rule drops TROJAN Critroni. onion Proxy Domain using TCP (tmclybfqzgkaeilm).

Enabled by defaultEvents per second (default = 1)
125000120System

DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (alhadath.mobi)

This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (alhadath.mobi).

Enabled by defaultEvents per second (default = 1)
125000121System

DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (alhadath.mobi)

This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (alhadath.mobi).

Enabled by defaultEvents per second (default = 1)
125000122SystemDROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (big-windowss.com)This rule drops TROJAN Possible CopyKittens DNS
Lookup using UDP (big-windowss.com).
Enabled by defaultEvents per second (default = 1)
125000123SystemDROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (big-windowss.com)This rule drops TROJAN Possible CopyKittens DNS
Lookup using TCP (big-windowss.com).
Enabled by defaultEvents per second (default = 1)
125000124SystemDROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (cacheupdate14.com)This rule drops TROJAN Possible CopyKittens DNS
Lookup using UDP (cacheupdate14.com).
Enabled by defaultEvents per second (default = 1)
125000125System

DROP TCP TROJAN Possible CopyKittens DNS TCP

Lookup (cacheupdate14.com)

This rule drops TROJAN Possible CopyKittens DNS
Lookup using TCP (cacheupdate14.com).
Enabled by defaultEvents per second (default = 1)
125000126System

DROP UDP TROJAN Possible CopyKittens DNS UDP

Lookup (fbstatica.space)

This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (fbstatic-a.space).

Enabled by defaultEvents per second (default = 1)
125000127System

DROP TCP TROJAN Possible CopyKittens DNS TCP

Lookup (fbstatica.space)

This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (fbstatic-a.space).

Enabled by defaultEvents per second (default = 1)
125000128System

DROP UDP TROJAN Possible CopyKittens DNS UDP

Lookup (fbstatica.xyz)

This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (fbstatic-a.xyz).

Enabled by defaultEvents per second (default = 1)
125000129System

DROP TCP TROJAN Possible CopyKittens DNS TCP

Lookup (fbstatica.xyz)

This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (fbstatic-a.xyz).

Enabled by defaultEvents per second (default = 1)
125000130System

DROP UDP TROJAN Possible CopyKittens DNS UDP

Lookup (fbstatic-akamaihd.com)

This rule drops TROJAN Possible CopyKittens DNS
Lookup using UDP (fbstatic-akamaihd.com).
Enabled by defaultEvents per second (default = 1)
125000131System

DROP TCP TROJAN Possible CopyKittens DNS TCP

Lookup (fbstatic-akamaihd.com)

This rule drops TROJAN Possible CopyKittens DNS
Lookup using TCP (fbstatic-akamaihd.com).
Enabled by defaultEvents per second (default = 1)
125000132System

DROP UDP TROJAN Possible CopyKittens DNS UDP

Lookup (gmailtagmanager.com)

This rule drops TROJAN Possible CopyKittens DNS
Lookup using UDP (gmailtagmanager.com).
Enabled by defaultEvents per second (default = 1)
125000133System

DROP TCP TROJAN Possible CopyKittens DNS TCP

Lookup (gmailtagmanager.com)

This rule drops TROJAN Possible CopyKittens DNS
Lookup using TCP (gmailtagmanager.com).
Enabled by defaultEvents per second (default = 1)
125000134System

DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (haaretz.link)

This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (haaretz.link).

Enabled by defaultEvents per second (default = 1)
125000135System

DROP TCP TROJAN Possible CopyKittens DNS TCP

Lookup (haaretz.link)

This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (haaretz.link).

Enabled by defaultEvents per second (default = 1)
125000136System

DROP UDP TROJAN Possible CopyKittens DNS UDP

Lookup (haaretz-news.com)

This rule drops TROJAN Possible CopyKittens DNS
Lookup using UDP (haaretz-news.com).
Enabled by defaultEvents per second (default = 1)
125000137System

DROP TCP TROJAN Possible CopyKittens DNS TCP

Lookup (haaretz-news.com)

This rule drops TROJAN Possible CopyKittens DNS
Lookup using TCP (haaretz-news.com).
Enabled by defaultEvents per second (default = 1)
125000138System

DROP UDP TROJAN Possible CopyKittens DNS UDP

Lookup (heartax.info)

This rule drops TROJAN Possible CopyKittens DNS
Lookup using UDP (heartax.info).
Enabled by defaultEvents per second (default = 1)
125000139 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (heartax.info) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (heartax.info). | Enabled by default | Events per second (default = 1)
125000140 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (img.gmailtagmanager.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (img.gmailtagmanager.com). | Enabled by default | Events per second (default = 1)
125000141 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (img.gmailtagmanager.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (img.gmailtagmanager.com). | Enabled by default | Events per second (default = 1)
125000142 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (kernel4windows.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (kernel4windows.in). | Enabled by default | Events per second (default = 1)
125000143 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (kernel4windows.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (kernel4windows.in). | Enabled by default | Events per second (default = 1)
125000144 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (main.windowskernel14.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (main.windowskernel14.com). | Enabled by default | Events per second (default = 1)
125000145 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (main.windowskernel14.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (main.windowskernel14.com). | Enabled by default | Events per second (default = 1)
125000146 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (micro-windows.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (micro-windows.in). | Enabled by default | Events per second (default = 1)
125000147 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (micro-windows.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (micro-windows.in). | Enabled by default | Events per second (default = 1)
125000148 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (mswordupdate15.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (mswordupdate15.com). | Enabled by default | Events per second (default = 1)
125000149 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (mswordupdate15.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (mswordupdate15.com). | Enabled by default | Events per second (default = 1)
125000150 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (mswordupdate16.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (mswordupdate16.com). | Enabled by default | Events per second (default = 1)
125000151 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (mswordupdate16.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (mswordupdate16.com). | Enabled by default | Events per second (default = 1)
125000152 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (mswordupdate17.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (mswordupdate17.com). | Enabled by default | Events per second (default = 1)
125000153 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (mswordupdate17.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (mswordupdate17.com). | Enabled by default | Events per second (default = 1)
125000154 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (mywindows24.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (mywindows24.in). | Enabled by default | Events per second (default = 1)
125000155 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (mywindows24.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (mywindows24.in). | Enabled by default | Events per second (default = 1)
125000156 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (patch7-windows.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (patch7-windows.com). | Enabled by default | Events per second (default = 1)
125000157 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (patch7-windows.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (patch7-windows.com). | Enabled by default | Events per second (default = 1)
125000158 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (patch8-windows.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (patch8-windows.com). | Enabled by default | Events per second (default = 1)
125000159 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (patch8-windows.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (patch8-windows.com). | Enabled by default | Events per second (default = 1)
125000160 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (patchthiswindows.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (patchthiswindows.com). | Enabled by default | Events per second (default = 1)
125000161 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (patchthiswindows.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (patchthiswindows.com). | Enabled by default | Events per second (default = 1)
125000162 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (u.mywindows24.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (u.mywindows24.in). | Enabled by default | Events per second (default = 1)
125000163 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (u.mywindows24.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (u.mywindows24.in). | Enabled by default | Events per second (default = 1)
125000164 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (walla.link) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (walla.link). | Enabled by default | Events per second (default = 1)
125000165 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (walla.link) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (walla.link). | Enabled by default | Events per second (default = 1)
125000166 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (wethearservice.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (wethearservice.com). | Enabled by default | Events per second (default = 1)
125000167 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (wethearservice.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (wethearservice.com). | Enabled by default | Events per second (default = 1)
125000168 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (wheatherserviceapi.info) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (wheatherserviceapi.info). | Enabled by default | Events per second (default = 1)
125000169 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (wheatherserviceapi.info) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (wheatherserviceapi.info). | Enabled by default | Events per second (default = 1)
125000170 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windowkernel.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windowkernel.com). | Enabled by default | Events per second (default = 1)
125000171 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windowkernel.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windowkernel.com). | Enabled by default | Events per second (default = 1)
125000172 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windows-10patch.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windows-10patch.in). | Enabled by default | Events per second (default = 1)
125000173 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windows-10patch.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windows-10patch.in). | Enabled by default | Events per second (default = 1)
125000174 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windows24-kernel.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windows24-kernel.in). | Enabled by default | Events per second (default = 1)
125000175 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windows24-kernel.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windows24-kernel.in). | Enabled by default | Events per second (default = 1)
125000176 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windows-drive20.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windows-drive20.com). | Enabled by default | Events per second (default = 1)
125000177 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windows-drive20.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windows-drive20.com). | Enabled by default | Events per second (default = 1)
125000178 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windows-india.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windows-india.in). | Enabled by default | Events per second (default = 1)
125000179 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windows-india.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windows-india.in). | Enabled by default | Events per second (default = 1)
125000180 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windowskernel.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windowskernel.in). | Enabled by default | Events per second (default = 1)
125000181 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windowskernel.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windowskernel.in). | Enabled by default | Events per second (default = 1)
125000182 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windows-kernel.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windows-kernel.in). | Enabled by default | Events per second (default = 1)
125000183 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windows-kernel.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windows-kernel.in). | Enabled by default | Events per second (default = 1)
125000184 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windowskernel14.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windowskernel14.com). | Enabled by default | Events per second (default = 1)
125000185 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windowskernel14.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windowskernel14.com). | Enabled by default | Events per second (default = 1)
125000186 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windowslayer.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windowslayer.in). | Enabled by default | Events per second (default = 1)
125000187 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windowslayer.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windowslayer.in). | Enabled by default | Events per second (default = 1)
125000188 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windows-my50.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windows-my50.com). | Enabled by default | Events per second (default = 1)
125000189 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windows-my50.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windows-my50.com). | Enabled by default | Events per second (default = 1)
125000190 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windowssup.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windowssup.in). | Enabled by default | Events per second (default = 1)
125000191 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windowssup.in) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windowssup.in). | Enabled by default | Events per second (default = 1)
125000192 | System | DROP UDP TROJAN Possible CopyKittens DNS UDP Lookup (windowsupup.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using UDP (windowsupup.com). | Enabled by default | Events per second (default = 1)
125000193 | System | DROP TCP TROJAN Possible CopyKittens DNS TCP Lookup (windowsupup.com) | This rule drops TROJAN Possible CopyKittens DNS Lookup using TCP (windowsupup.com). | Enabled by default | Events per second (default = 1)
125000194 | System | DROP UDP TROJAN Win32/Teslacrypt .onion Proxy Domain (tw7kaqthui5ojcez) | This rule drops TROJAN Win32/Teslacrypt .onion Proxy Domain using UDP (tw7kaqthui5ojcez). | Enabled by default | Events per second (default = 1)
125000195 | System | DROP TCP TROJAN Win32/Teslacrypt .onion Proxy Domain (tw7kaqthui5ojcez) | This rule drops TROJAN Win32/Teslacrypt .onion Proxy Domain using TCP (tw7kaqthui5ojcez). | Enabled by default | Events per second (default = 1)
125000196 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (paybtc798.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (paybtc798.com). | Enabled by default | Events per second (default = 1)
125000197 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (paybtc798.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (paybtc798.com). | Enabled by default | Events per second (default = 1)
125000198 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (softpay4562.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (softpay4562.com). | Enabled by default | Events per second (default = 1)
125000199 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (softpay4562.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (softpay4562.com). | Enabled by default | Events per second (default = 1)
125000200 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (bark1paypartners.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (bark1paypartners.com). | Enabled by default | Events per second (default = 1)
125000201 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (bark1paypartners.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (bark1paypartners.com). | Enabled by default | Events per second (default = 1)
125000202 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (btcpay435.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (btcpay435.com). | Enabled by default | Events per second (default = 1)
125000203 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (btcpay435.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (btcpay435.com). | Enabled by default | Events per second (default = 1)
125000204 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (nersinvestpayto.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (nersinvestpayto.com). | Enabled by default | Events per second (default = 1)
125000205 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (nersinvestpayto.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (nersinvestpayto.com). | Enabled by default | Events per second (default = 1)
125000206 | System | DROP UDP TROJAN Unknown Downloader .onion Proxy Domain (qmu7bm3cjfbux5xg) | This rule drops TROJAN Unknown Downloader .onion Proxy Domain using UDP (qmu7bm3cjfbux5xg). | Enabled by default | Events per second (default = 1)
125000207 | System | DROP TCP TROJAN Unknown Downloader .onion Proxy Domain (qmu7bm3cjfbux5xg) | This rule drops TROJAN Unknown Downloader .onion Proxy Domain using TCP (qmu7bm3cjfbux5xg). | Enabled by default | Events per second (default = 1)
125000208 | System | DROP UDP TROJAN Zbot .onion Proxy Domain (2kf7l7vpvvttzxuv) | This rule drops TROJAN Zbot .onion Proxy Domain using UDP (2kf7l7vpvvttzxuv). | Enabled by default | Events per second (default = 1)
125000209 | System | DROP TCP TROJAN Zbot .onion Proxy Domain (2kf7l7vpvvttzxuv) | This rule drops TROJAN Zbot .onion Proxy Domain using TCP (2kf7l7vpvvttzxuv). | Enabled by default | Events per second (default = 1)
125000210 | System | DROP UDP TROJAN Derusbi/Winnti DNS UDP Lookup (ns5.cisco-inc.net.) | This rule drops TROJAN Derusbi/Winnti DNS Lookup using UDP (ns5.cisco-inc.net.). | Enabled by default | Events per second (default = 1)
125000211 | System | DROP TCP TROJAN Derusbi/Winnti DNS TCP Lookup (ns5.cisco-inc.net.) | This rule drops TROJAN Derusbi/Winnti DNS Lookup using TCP (ns5.cisco-inc.net.). | Enabled by default | Events per second (default = 1)
125000212 | System | DROP UDP TROJAN Derusbi/Winnti DNS UDP Lookup (ware.mremote.biz.) | This rule drops TROJAN Derusbi/Winnti DNS Lookup using UDP (ware.mremote.biz.). | Enabled by default | Events per second (default = 1)
125000213 | System | DROP TCP TROJAN Derusbi/Winnti DNS TCP Lookup (ware.mremote.biz.) | This rule drops TROJAN Derusbi/Winnti DNS Lookup using TCP (ware.mremote.biz.). | Enabled by default | Events per second (default = 1)
125000214 | System | DROP UDP TROJAN Derusbi/Winnti DNS UDP Lookup (free.msftncsl.com.) | This rule drops TROJAN Derusbi/Winnti DNS Lookup using UDP (free.msftncsl.com.). | Enabled by default | Events per second (default = 1)
125000215 | System | DROP TCP TROJAN Derusbi/Winnti DNS TCP Lookup (free.msftncsl.com.) | This rule drops TROJAN Derusbi/Winnti DNS Lookup using TCP (free.msftncsl.com.). | Enabled by default | Events per second (default = 1)
125000216 | System | DROP UDP TROJAN Possible Winnti or other APT Implant DNS UDP Lookup (micriosoft.net.) | This rule drops TROJAN Possible Winnti or other APT Implant DNS Lookup using UDP (micriosoft.net.). | Enabled by default | Events per second (default = 1)
125000217 | System | DROP TCP TROJAN Possible Winnti or other APT Implant DNS TCP Lookup (micriosoft.net.) | This rule drops TROJAN Possible Winnti or other APT Implant DNS Lookup using TCP (micriosoft.net.). | Enabled by default | Events per second (default = 1)
125000218 | System | DROP UDP TROJAN Derusbi/Winnti DNS UDP Lookup (rd.kasparsky.net.) | This rule drops TROJAN Derusbi/Winnti DNS Lookup using UDP (rd.kasparsky.net.). | Enabled by default | Events per second (default = 1)
125000219 | System | DROP TCP TROJAN Derusbi/Winnti DNS TCP Lookup (rd.kasparsky.net.) | This rule drops TROJAN Derusbi/Winnti DNS Lookup using TCP (rd.kasparsky.net.). | Enabled by default | Events per second (default = 1)
125000220 | System | DROP UDP TROJAN TeslaCrypt/AlphaCrypt Payment DNS UDP Lookup (t7r67vsrpjcm5dfc) | This rule drops TROJAN TeslaCrypt/AlphaCrypt Payment DNS Lookup using UDP (t7r67vsrpjcm5dfc). | Enabled by default | Events per second (default = 1)
125000221 | System | DROP TCP TROJAN TeslaCrypt/AlphaCrypt Payment DNS TCP Lookup (t7r67vsrpjcm5dfc) | This rule drops TROJAN TeslaCrypt/AlphaCrypt Payment DNS Lookup using TCP (t7r67vsrpjcm5dfc). | Enabled by default | Events per second (default = 1)
125000222 | System | DROP UDP TROJAN Sakula DNS UDP Lookup (mail.cbppnews.com) | This rule drops TROJAN Sakula DNS Lookup using UDP (mail.cbppnews.com). | Enabled by default | Events per second (default = 1)
125000223 | System | DROP TCP TROJAN Sakula DNS TCP Lookup (mail.cbppnews.com) | This rule drops TROJAN Sakula DNS Lookup using TCP (mail.cbppnews.com). | Enabled by default | Events per second (default = 1)
125000224 | System | DROP UDP TROJAN Sakula DNS UDP Lookup (inocnation.com) | This rule drops TROJAN Sakula DNS Lookup using UDP (inocnation.com). | Enabled by default | Events per second (default = 1)
125000225 | System | DROP TCP TROJAN Sakula DNS TCP Lookup (inocnation.com) | This rule drops TROJAN Sakula DNS Lookup using TCP (inocnation.com). | Enabled by default | Events per second (default = 1)
125000226 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (waytopaytosystem.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (waytopaytosystem.com). | Enabled by default | Events per second (default = 1)
125000227 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (waytopaytosystem.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (waytopaytosystem.com). | Enabled by default | Events per second (default = 1)
125000228 | System | DROP UDP TROJAN Zbot .onion Proxy Domain (o2y3ee3fj6usmvn6) | This rule drops TROJAN Zbot .onion Proxy Domain using UDP (o2y3ee3fj6usmvn6). | Enabled by default | Events per second (default = 1)
125000229 | System | DROP TCP TROJAN Zbot .onion Proxy Domain (o2y3ee3fj6usmvn6) | This rule drops TROJAN Zbot .onion Proxy Domain using TCP (o2y3ee3fj6usmvn6). | Enabled by default | Events per second (default = 1)
125000230 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (deepwebgateway.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (deepwebgateway.com). | Enabled by default | Events per second (default = 1)
125000231 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (deepwebgateway.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (deepwebgateway.com). | Enabled by default | Events per second (default = 1)
125000232 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (malkintop100.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (malkintop100.com). | Enabled by default | Events per second (default = 1)
125000233 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (malkintop100.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (malkintop100.com). | Enabled by default | Events per second (default = 1)
125000234 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (onion.link) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (onion.link). | Enabled by default | Events per second (default = 1)
125000235 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (onion.link) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (onion.link). | Enabled by default | Events per second (default = 1)
125000236 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (encpayment23.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (encpayment23.com). | Enabled by default | Events per second (default = 1)
125000237 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (encpayment23.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (encpayment23.com). | Enabled by default | Events per second (default = 1)
125000238 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (expay34.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (expay34.com). | Enabled by default | Events per second (default = 1)
125000239 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (expay34.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (expay34.com). | Enabled by default | Events per second (default = 1)
125000240 | System | DROP UDP TROJAN Sacto DNS UDP Lookup (ispcache.eicp.net.) | This rule drops TROJAN Sacto DNS Lookup using UDP (ispcache.eicp.net.). | Enabled by default | Events per second (default = 1)
125000241 | System | DROP TCP TROJAN Sacto DNS TCP Lookup (ispcache.eicp.net.) | This rule drops TROJAN Sacto DNS Lookup using TCP (ispcache.eicp.net.). | Enabled by default | Events per second (default = 1)
125000242 | System | DROP UDP TROJAN Sacto DNS UDP Lookup (test-user123.vicp.cc.) | This rule drops TROJAN Sacto DNS Lookup using UDP (test-user123.vicp.cc.). | Enabled by default | Events per second (default = 1)
125000243 | System | DROP TCP TROJAN Sacto DNS TCP Lookup (test-user123.vicp.cc.) | This rule drops TROJAN Sacto DNS Lookup using TCP (test-user123.vicp.cc.). | Enabled by default | Events per second (default = 1)
125000244 | System | DROP UDP TROJAN Trojan.Win32.Generic .onion Proxy Domain (q5xofefox3mejgok) | This rule drops TROJAN Trojan.Win32.Generic .onion Proxy Domain using UDP (q5xofefox3mejgok). | Enabled by default | Events per second (default = 1)
125000245 | System | DROP TCP TROJAN Trojan.Win32.Generic .onion Proxy Domain (q5xofefox3mejgok) | This rule drops TROJAN Trojan.Win32.Generic .onion Proxy Domain using TCP (q5xofefox3mejgok). | Enabled by default | Events per second (default = 1)
125000246 | System | DROP UDP TROJAN Zbot .onion Proxy Domain (szlvj5va4ey3vnfd) | This rule drops TROJAN Zbot .onion Proxy Domain using UDP (szlvj5va4ey3vnfd). | Enabled by default | Events per second (default = 1)
125000247 | System | DROP TCP TROJAN Zbot .onion Proxy Domain (szlvj5va4ey3vnfd) | This rule drops TROJAN Zbot .onion Proxy Domain using TCP (szlvj5va4ey3vnfd). | Enabled by default | Events per second (default = 1)
125000248 | System | DROP UDP TROJAN Unknown Ransomware .onion Proxy Domain (kqd2eml2kjib53oe) | This rule drops TROJAN Unknown Ransomware .onion Proxy Domain using UDP (kqd2eml2kjib53oe). | Enabled by default | Events per second (default = 1)
125000249 | System | DROP TCP TROJAN Unknown Ransomware .onion Proxy Domain (kqd2eml2kjib53oe) | This rule drops TROJAN Unknown Ransomware .onion Proxy Domain using TCP (kqd2eml2kjib53oe). | Enabled by default | Events per second (default = 1)
125000250 | System | DROP UDP TROJAN Plugx DNS UDP Lookup (googletranslatione.com.) | This rule drops TROJAN Plugx DNS Lookup using UDP (googletranslatione.com.). | Enabled by default | Events per second (default = 1)
125000251 | System | DROP TCP TROJAN Plugx DNS TCP Lookup (googletranslatione.com.) | This rule drops TROJAN Plugx DNS Lookup using TCP (googletranslatione.com.). | Enabled by default | Events per second (default = 1)
125000252 | System | DROP UDP TROJAN Sacto DNS UDP Lookup (mdytourism.com.) | This rule drops TROJAN Sacto DNS Lookup using UDP (mdytourism.com.). | Enabled by default | Events per second (default = 1)
125000253 | System | DROP TCP TROJAN Sacto DNS TCP Lookup (mdytourism.com.) | This rule drops TROJAN Sacto DNS Lookup using TCP (mdytourism.com.). | Enabled by default | Events per second (default = 1)
125000254 | System | DROP UDP TROJAN Sacto DNS UDP Lookup (sidonaygn.net.) | This rule drops TROJAN Sacto DNS Lookup using UDP (sidonaygn.net.). | Enabled by default | Events per second (default = 1)
125000255 | System | DROP TCP TROJAN Sacto DNS TCP Lookup (sidonaygn.net.) | This rule drops TROJAN Sacto DNS Lookup using TCP (sidonaygn.net.). | Enabled by default | Events per second (default = 1)
125000256 | System | DROP UDP TROJAN Sacto DNS UDP Lookup (cmcscan.com.) | This rule drops TROJAN Sacto DNS Lookup using UDP (cmcscan.com.). | Enabled by default | Events per second (default = 1)
125000257 | System | DROP TCP TROJAN Sacto DNS TCP Lookup (cmcscan.com.) | This rule drops TROJAN Sacto DNS Lookup using TCP (cmcscan.com.). | Enabled by default | Events per second (default = 1)
125000258 | System | DROP UDP TROJAN Possible APT.SSLSneak DNS UDP Lookup (oil3689hso.com.) | This rule drops TROJAN Possible APT.SSLSneak DNS Lookup using UDP (oil3689hso.com.). | Enabled by default | Events per second (default = 1)
125000259 | System | DROP TCP TROJAN Possible APT.SSLSneak DNS TCP Lookup (oil3689hso.com.) | This rule drops TROJAN Possible APT.SSLSneak DNS Lookup using TCP (oil3689hso.com.). | Enabled by default | Events per second (default = 1)
125000260 | System | DROP UDP TROJAN Possible APT.SSLSneak DNS UDP Lookup (bedaliosp.com.) | This rule drops TROJAN Possible APT.SSLSneak DNS Lookup using UDP (bedaliosp.com.). | Enabled by default | Events per second (default = 1)
125000261 | System | DROP TCP TROJAN Possible APT.SSLSneak DNS TCP Lookup (bedaliosp.com.) | This rule drops TROJAN Possible APT.SSLSneak DNS Lookup using TCP (bedaliosp.com.). | Enabled by default | Events per second (default = 1)
125000262 | System | DROP UDP TROJAN Possible APT.SSLSneak DNS UDP Lookup (serv-1.net.) | This rule drops TROJAN Possible APT.SSLSneak DNS Lookup using UDP (serv-1.net.). | Enabled by default | Events per second (default = 1)
125000263 | System | DROP TCP TROJAN Possible APT.SSLSneak DNS TCP Lookup (serv-1.net.) | This rule drops TROJAN Possible APT.SSLSneak DNS Lookup using TCP (serv-1.net.). | Enabled by default | Events per second (default = 1)
125000264 | System | DROP UDP TROJAN Possible APT.SSLSneak DNS UDP Lookup (netglasswear.com.) | This rule drops TROJAN Possible APT.SSLSneak DNS Lookup using UDP (netglasswear.com.). | Enabled by default | Events per second (default = 1)
125000265 | System | DROP TCP TROJAN Possible APT.SSLSneak DNS TCP Lookup (netglasswear.com.) | This rule drops TROJAN Possible APT.SSLSneak DNS Lookup using TCP (netglasswear.com.). | Enabled by default | Events per second (default = 1)
125000266 | System | DROP UDP TROJAN Win32/Bulta DNS UDP Lookup (kugo.f3322.net) | This rule drops TROJAN Win32/Bulta DNS Lookup using UDP (kugo.f3322.net). | Enabled by default | Events per second (default = 1)
125000267 | System | DROP TCP TROJAN Win32/Bulta DNS TCP Lookup (kugo.f3322.net) | This rule drops TROJAN Win32/Bulta DNS Lookup using TCP (kugo.f3322.net). | Enabled by default | Events per second (default = 1)
125000268 | System | DROP UDP TROJAN Win32/Bulta DNS UDP Lookup (yk.ftwxw.com) | This rule drops TROJAN Win32/Bulta DNS Lookup using UDP (yk.ftwxw.com). | Enabled by default | Events per second (default = 1)
125000269 | System | DROP TCP TROJAN Win32/Bulta DNS TCP Lookup (yk.ftwxw.com) | This rule drops TROJAN Win32/Bulta DNS Lookup using TCP (yk.ftwxw.com). | Enabled by default | Events per second (default = 1)
125000270 | System | DROP UDP TROJAN Zbot .onion Proxy Domain (fhqt44i7du2oyd35) | This rule drops TROJAN Zbot .onion Proxy Domain using UDP (fhqt44i7du2oyd35). | Enabled by default | Events per second (default = 1)
125000271 | System | DROP TCP TROJAN Zbot .onion Proxy Domain (fhqt44i7du2oyd35) | This rule drops TROJAN Zbot .onion Proxy Domain using TCP (fhqt44i7du2oyd35). | Enabled by default | Events per second (default = 1)
125000272 | System | DROP UDP TROJAN EvilGrab or APT.9002 DNS UDP Lookup (secvies.com) | This rule drops TROJAN EvilGrab or APT.9002 DNS Lookup using UDP (secvies.com). | Enabled by default | Events per second (default = 1)
125000273 | System | DROP TCP TROJAN EvilGrab or APT.9002 DNS TCP Lookup (secvies.com) | This rule drops TROJAN EvilGrab or APT.9002 DNS Lookup using TCP (secvies.com). | Enabled by default | Events per second (default = 1)
125000274 | System | DROP UDP TROJAN TrochilusRAT DNS UDP Lookup (security-centers.com) | This rule drops TROJAN TrochilusRAT DNS Lookup using UDP (security-centers.com). | Enabled by default | Events per second (default = 1)
125000275 | System | DROP TCP TROJAN TrochilusRAT DNS TCP Lookup (security-centers.com) | This rule drops TROJAN TrochilusRAT DNS Lookup using TCP (security-centers.com). | Enabled by default | Events per second (default = 1)
125000276SystemDROP UDP Possible EK SSL Redir DNS UDP Lookup (promotion.mediaqites.com.)This rule drops Possible EK SSL Redir DNS Lookup using UDP (promotion.mediaqites.com.).Enabled by defaultEvents per second (default = 1)
125000277SystemDROP TCP Possible EK SSL Redir DNS TCP Lookup (promotion.mediaqites.com.)This rule drops Possible EK SSL Redir DNS Lookup using TCP (promotion.mediaqites.com.).Enabled by defaultEvents per second (default = 1)
125000278SystemDROP UDP Possible EKSSL Redir DNS UDP Lookup (adition.untouchable-media.com.)This rule drops Possible EKSSL Redir DNS Lookup using UDP (adition.untouchable-media.com.).Enabled by defaultEvents per second (default = 1)
125000279SystemDROP TCP Possible EKSSL Redir DNS TCP Lookup (adition.untouchable-media.com.)This rule drops Possible EKSSL Redir DNS Lookup using TCP (adition.untouchable-media.com.).Enabled by defaultEvents per second (default = 1)
125000280SystemDROP UDP Possible EK SSL Redir DNS UDP Lookup (admarkets.mediadfusion.com.)This rule drops Possible EK SSL Redir DNS Lookup using UDP (admarkets.mediadfusion.com.).Enabled by defaultEvents per second (default = 1)
125000281SystemDROP TCP Possible EK SSL Redir DNS TCP Lookup (admarkets.mediadfusion.com.)This rule drops Possible EK SSL Redir DNS Lookup using TCP (admarkets.mediadfusion.com.).Enabled by defaultEvents per second (default = 1)
125000282SystemDROP UDP Possible EK SSL Redir DNS UDP Lookup (promotion.maternitymedia.com.)This rule drops Possible EK SSL Redir DNS Lookup using UDP (promotion.maternitymedia.com.).Enabled by defaultEvents per second (default = 1)
125000283SystemDROP TCP Possible EK SSL Redir DNS TCP Lookup (promotion.maternitymedia.com.)This rule drops Possible EK SSL Redir DNS Lookup using TCP (promotion.maternitymedia.com.).Enabled by defaultEvents per second (default = 1)
125000284SystemDROP UDP Observed Malvertising Domain DNS Request (markets.mediasoftmac.com)This rule drops Observed Malvertising Domain DNS
Request using UDP (markets.mediasoftmac.com).
Enabled by defaultEvents per second (default = 1)
125000285SystemDROP TCP Observed Malvertising Domain DNS Request (markets.mediasoftmac.com)This rule drops Observed Malvertising Domain DNS
Request using TCP (markets.mediasoftmac.com).
Enabled by defaultEvents per second (default = 1)
125000286SystemDROP UDP Observed Malvertising Domain DNS Request (advertising.northsidemarket.com)This rule drops Observed Malvertising Domain DNS
Request using UDP (advertising.northsidemarket.com).
Enabled by defaultEvents per second (default = 1)
125000287SystemDROP TCP Observed Malvertising Domain DNS Request (advertising.northsidemarket.com)This rule drops Observed Malvertising Domain DNS
Request using TCP (advertising.northsidemarket.com).
Enabled by defaultEvents per second (default = 1)
125000288SystemDROP UDP TROJAN Superman APT DNS UDP Lookup (ie.update-windows-microsoft.com.)This rule drops TROJAN Superman APT DNS Lookup using UDP (ie.update-windows-microsoft.com.).Enabled by defaultEvents per second (default = 1)
125000289SystemDROP TCP TROJAN Superman APT DNS TCP Lookup (ie.update-windows-microsoft.com.)This rule drops TROJAN Superman APT DNS Lookup using TCP (ie.update-windows-microsoft.com.).Enabled by defaultEvents per second (default = 1)
125000290SystemDROP UDP Chrome Extension Phishing DNS Request (chrome-extension)This rule drops Chrome Extension Phishing DNS Request using UDP (chrome-extension).Enabled by defaultEvents per second (default = 1)
125000291SystemDROP TCP Chrome Extension Phishing DNS Request (chrome-extension)This rule drops Chrome Extension Phishing DNS Request using TCP (chrome-extension).Enabled by defaultEvents per second (default = 1)
125000292SystemDROP UDP TROJAN Kivars DNS UDP Lookup (microsoftmse.com.)This rule drops TROJAN Kivars DNS Lookup using UDP (microsoftmse.com.).Enabled by defaultEvents per second (default = 1)
125000293SystemDROP TCP TROJAN Kivars DNS TCP Lookup (microsoftmse.com.)This rule drops TROJAN Kivars DNS Lookup using TCP (microsoftmse.com.).Enabled by defaultEvents per second (default = 1)
125000294SystemDROP UDP TROJAN Keylogger.Bedrun DNS UDP Lookup (news.dumb1.com.)This rule drops TROJAN Keylogger.Bedrun DNS Lookup using UDP (news.dumb1.com.).Enabled by defaultEvents per second (default = 1)
125000295SystemDROP TCP TROJAN Keylogger.Bedrun DNS TCP Lookup (news.dumb1.com.)This rule drops TROJAN Keylogger.Bedrun DNS Lookup using TCP (news.dumb1.com.).Enabled by defaultEvents per second (default = 1)
125000296SystemDROP UDP POLICY DNS Query to .onion proxy Domain (belladonnamonna.com)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (belladonnamonna.com).Enabled by defaultEvents per second (default = 1)
125000297SystemDROP TCP POLICY DNS Query to .onion proxy Domain (belladonnamonna.com)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (belladonnamonna.com).Enabled by defaultEvents per second (default = 1)
125000298SystemDROP UDP POLICY DNS Query to .onion proxy Domain (praypartnerstodo.com)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (praypartnerstodo.com).Enabled by defaultEvents per second (default = 1)
125000299SystemDROP TCP POLICY DNS Query to .onion proxy Domain (praypartnerstodo.com)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (praypartnerstodo.com).Enabled by defaultEvents per second (default = 1)
125000300SystemDROP UDP POLICY DNS Query to .onion proxy Domain (hiltonpaytoo.com)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (hiltonpaytoo.com).Enabled by defaultEvents per second (default = 1)
125000301SystemDROP TCP POLICY DNS Query to .onion proxy Domain (hiltonpaytoo.com)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (hiltonpaytoo.com).Enabled by defaultEvents per second (default = 1)
125000302SystemDROP UDP POLICY DNS Query to .onion proxy Domain (barklpaypartners.com)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (barklpaypartners.com).Enabled by defaultEvents per second (default = 1)
125000303SystemDROP TCP POLICY DNS Query to .onion proxy Domain (barklpaypartners.com)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (barklpaypartners.com).Enabled by defaultEvents per second (default = 1)
125000304SystemDROP UDP TROJAN Ransomware/Poshcoder Onion Domain UDP Lookup (3afd57c4dchzp3pe)This rule drops TROJAN Ransomware/Poshcoder Onion Domain Lookup using UDP (3afd57c4dchzp3pe).Enabled by defaultEvents per second (default = 1)
125000305SystemDROP TCP TROJAN Ransomware/Poshcoder Onion Domain TCP Lookup (3afd57c4dchzp3pe)This rule drops TROJAN Ransomware/Poshcoder Onion Domain Lookup using TCP (3afd57c4dchzp3pe).Enabled by defaultEvents per second (default = 1)
125000306SystemDROP UDP TROJAN APT Related DNS UDP Lookup PlugX, Gh0st, Bergard (mail-news.eicp.net.)This rule drops TROJAN APT Related DNS Lookup PlugX, Gh0st, Bergard using UDP (mail-news.eicp.net.).Enabled by defaultEvents per second (default = 1)
125000307SystemDROP TCP TROJAN APT Related DNS TCP Lookup PlugX, Gh0st, Bergard (mail-news.eicp.net.)This rule drops TROJAN APT Related DNS Lookup PlugX, Gh0st, Bergard using TCP (mail-news.eicp.net.).Enabled by defaultEvents per second (default = 1)
125000308SystemDROP UDP TROJAN CustomRAT DNS lookup (www729448908.f3322.org.)This rule drops TROJAN CustomRAT DNS lookup using UDP (www729448908.f3322.org.).Enabled by defaultEvents per second (default = 1)
125000309SystemDROP TCP TROJAN CustomRAT DNS lookup (www729448908.f3322.org.)This rule drops TROJAN CustomRAT DNS lookup using TCP (www729448908.f3322.org.).Enabled by defaultEvents per second (default = 1)
125000310SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (9i7ffdgvffibow7.vrnserver.ru.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (9i7ffdgvffibow7.vrnserver.ru.).Enabled by defaultEvents per second (default = 1)
125000311SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (9i7ffdgvffibow7.vrnserver.ru.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (9i7ffdgvffibow7.vrnserver.ru.).Enabled by defaultEvents per second (default = 1)
125000312SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (aaa123.spdns.de.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (aaa123.spdns.de.).Enabled by defaultEvents per second (default = 1)
125000313SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (aaa123.spdns.de.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (aaa123.spdns.de.).Enabled by defaultEvents per second (default = 1)
125000314SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (accounts.yourturbe.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (accounts.yourturbe.org.).Enabled by defaultEvents per second (default = 1)
125000315SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (accounts.yourturbe.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (accounts.yourturbe.org.).Enabled by defaultEvents per second (default = 1)
125000316SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (account.websurprisemail.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (account.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000317SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (account.websurprisemail.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (account.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000318SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (addi.apple.cloudns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (addi.apple.cloudns.org.).Enabled by defaultEvents per second (default = 1)
125000319SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (addi.apple.cloudns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (addi.apple.cloudns.org.).Enabled by defaultEvents per second (default = 1)
125000320SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (admin.spdns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (admin.spdns.org.).Enabled by defaultEvents per second (default = 1)
125000321SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (admin.spdns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (admin.spdns.org.).Enabled by defaultEvents per second (default = 1)
125000322SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (apple.lenovositegroup.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (apple.lenovositegroup.com.).Enabled by defaultEvents per second (default = 1)
125000323SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (apple.lenovositegroup.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (apple.lenovositegroup.com.).Enabled by defaultEvents per second (default = 1)
125000324SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (bailee.alanna.cloudns.biz.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (bailee.alanna.cloudns.biz.).Enabled by defaultEvents per second (default = 1)
125000325SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (bailee.alanna.cloudns.biz.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (bailee.alanna.cloudns.biz.).Enabled by defaultEvents per second (default = 1)
125000326SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (bee.aoto.cloudns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (bee.aoto.cloudns.org.).Enabled by defaultEvents per second (default = 1)
125000327SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (bee.aoto.cloudns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (bee.aoto.cloudns.org.).Enabled by defaultEvents per second (default = 1)
125000328SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (bits.githubs.net.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (bits.githubs.net.).Enabled by defaultEvents per second (default = 1)
125000329SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (bits.githubs.net.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (bits.githubs.net.).Enabled by defaultEvents per second (default = 1)
125000330SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (book.websurprisemail.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (book.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000331SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (book.websurprisemail.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (book.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000332SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (clean.popqueen.cloudns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (clean.popqueen.cloudns.org.).Enabled by defaultEvents per second (default = 1)
125000333SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (clean.popqueen.cloudns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (clean.popqueen.cloudns.org.).Enabled by defaultEvents per second (default = 1)
125000334SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (desk.websurprisemail.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (desk.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000335SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (desk.websurprisemail.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (desk.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000336SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (detail43.myfirewall.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (detail43.myfirewall.org.).Enabled by defaultEvents per second (default = 1)
125000337SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (detail43.myfirewall.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (detail43.myfirewall.org.).Enabled by defaultEvents per second (default = 1)
125000338SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (dolat.websurprisemail.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (dolat.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000339SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (dolat.websurprisemail.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (dolat.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000340System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (dolet.websurprisemail.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (dolet.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000341System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (dolet.websurprisemail.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (dolet.websurprisemail.com.).Enabled by defaultEvents per second (default = 1)
125000342SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (economy.spdns.de.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (economy.spdns.de.).Enabled by defaultEvents per second (default = 1)
125000343SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (economy.spdns.de.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (economy.spdns.de.).Enabled by defaultEvents per second (default = 1)
125000344System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (economy.spdns.eu.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (economy.spdns.eu.).

Enabled by defaultEvents per second (default = 1)
125000345System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (economy.spdns.eu.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (economy.spdns.eu.).

Enabled by defaultEvents per second (default = 1)

125000346

SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (eemete.freetcp.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (eemete.freetcp.com.).Enabled by defaultEvents per second (default = 1)


125000347

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (eemete.freetcp.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (eemete.freetcp.com.).Enabled by defaultEvents per second (default = 1)


125000348

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (firefox.spdns.de.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (firefox.spdns.de.).

Enabled by default

Events per second (default = 1)


125000349

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (firefox.spdns.de.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (firefox.spdns.de.).

Enabled by default

Events per second (default = 1)


125000350

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (firewallupdate.firewall-gateway.net.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (firewallupdate.firewall-gateway.net.).

Enabled by default

Events per second (default = 1)


125000351

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (firewallupdate.firewall-gateway.net.)
This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (firewallupdate.firewall-gateway.net.).Enabled by defaultEvents per second (default = 1)


125000352

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (fish.seafood.cloudns.org.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (fish.seafood.cloudns.org.).Enabled by defaultEvents per second (default = 1)


125000353

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (fish.seafood.cloudns.org.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (fish.seafood.cloudns.org.).

Enabled by default

Events per second (default = 1)


125000354

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (ftp112.lenta.cloudns.pw.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (ftp112.lenta.cloudns.pw.).

Enabled by default

Events per second (default = 1)


125000355

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (ftp112.lenta.cloudns.pw.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (ftp112.lenta.cloudns.pw.).

Enabled by default

Events per second (default = 1)


125000356

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (github.ignorelist.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (github.ignorelist.com.).Enabled by defaultEvents per second (default = 1)


125000357

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (github.ignorelist.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (github.ignorelist.com.).Enabled by defaultEvents per second (default = 1)


125000358

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (islam.youtubesitegroup.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (islam.youtubesitegroup.com.).

Enabled by default

Events per second (default = 1)


125000359

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (islam.youtubesitegroup.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (islam.youtubesitegroup.com.).

Enabled by default

Events per second (default = 1)


125000360

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (kissecurity.firewall-gateway.net.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (kissecurity.firewall-gateway.net.).

Enabled by default

Events per second (default = 1)


125000361

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (kissecurity.firewall-gateway.net.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (kissecurity.firewall-gateway.net.).Enabled by defaultEvents per second (default = 1)


125000362

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (liumingzhen.myftp.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (liumingzhen.myftp.org.).Enabled by defaultEvents per second (default = 1)


125000363

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (liumingzhen.myftp.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (liumingzhen.myftp.org.).

Enabled by default

Events per second (default = 1)


125000364

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (mail.firewall-gateway.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (mail.firewall-gateway.com.).

Enabled by default

Events per second (default = 1)


125000365

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (mail.firewall-gateway.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (mail.firewall-gateway.com.).

Enabled by default

Events per second (default = 1)


125000366

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (mareva.catherine.cloudns.us.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (mareva.catherine.cloudns.us.).Enabled by defaultEvents per second (default = 1)


125000367

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (mareva.catherine.cloudns.us.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (mareva.catherine.cloudns.us.).Enabled by defaultEvents per second (default = 1)


125000368

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (mm.lenovositegroup.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (mm.lenovositegroup.com.).

Enabled by default

Events per second (default = 1)


125000369

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (mm.lenovositegroup.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (mm.lenovositegroup.com.).

Enabled by default

Events per second (default = 1)


125000370

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (muslim.islamhood.net.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (muslim.islamhood.net.).Enabled by defaultEvents per second (default = 1)

125000371

System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (muslim.islamhood.net.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (muslim.islamhood.net.).Enabled by defaultEvents per second (default = 1)

125000372

System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (news.firewall-gateway.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (news.firewall-gateway.com.).Enabled by defaultEvents per second (default = 1)
125000373System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (news.firewall-gateway.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (news.firewall-gateway.com.).Enabled by defaultEvents per second (default = 1)
125000374SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (opero.spdns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (opero.spdns.org.).Enabled by defaultEvents per second (default = 1)
125000375SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (opero.spdns.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (opero.spdns.org.).Enabled by defaultEvents per second (default = 1)
125000376System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (otcgk.border.cloudns.pw.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (otcgk.border.cloudns.pw.).Enabled by defaultEvents per second (default = 1)
125000377System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (otcgk.border.cloudns.pw.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (otcgk.border.cloudns.pw.).Enabled by defaultEvents per second (default = 1)
125000378SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (p.klark.cloudns.in.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (p.klark.cloudns.in.).Enabled by defaultEvents per second (default = 1)
125000379SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (p.klark.cloudns.in.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (p.klark.cloudns.in.).Enabled by defaultEvents per second (default = 1)
125000380SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (ppcc.vasilevich.cloudns.info.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (ppcc.vasilevich.cloudns.info.).Enabled by defaultEvents per second (default = 1)
125000381SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (ppcc.vasilevich.cloudns.info.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (ppcc.vasilevich.cloudns.info.).Enabled by defaultEvents per second (default = 1)
125000382System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (press.ufoneconference.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (press.ufoneconference.com.).Enabled by defaultEvents per second (default = 1)
125000383System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (press.ufoneconference.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (press.ufoneconference.com.).Enabled by defaultEvents per second (default = 1)
125000384SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (qq.yourturbe.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (qq.yourturbe.org.).Enabled by defaultEvents per second (default = 1)
125000385SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (qq.yourturbe.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (qq.yourturbe.org.).Enabled by defaultEvents per second (default = 1)
125000386System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (sys.firewall-gateway.net.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (sys.firewall-gateway.net.).Enabled by defaultEvents per second (default = 1)
125000387System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (sys.firewall-gateway.net.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (sys.firewall-gateway.net.).Enabled by defaultEvents per second (default = 1)
125000388SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (vip.yahoo.cloudns.info.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (vip.yahoo.cloudns.info.).Enabled by defaultEvents per second (default = 1)
125000389SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (vip.yahoo.cloudns.info.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (vip.yahoo.cloudns.info.).Enabled by defaultEvents per second (default = 1)
125000390SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (webmail.yourturbe.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (webmail.yourturbe.org.).Enabled by defaultEvents per second (default = 1)
125000391SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (webmail.yourturbe.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (webmail.yourturbe.org.).Enabled by defaultEvents per second (default = 1)
125000392SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (www.37513.cn.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (www.37513.cn.).Enabled by defaultEvents per second (default = 1)
125000393SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (www.37513.cn.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (www.37513.cn.).Enabled by defaultEvents per second (default = 1)
125000394System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (www.angleegg.xxxy.info.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (www.angleegg.xxxy.info.).Enabled by defaultEvents per second (default = 1)
125000395System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (www.angleegg.xxxy.info.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (www.angleegg.xxxy.info.).Enabled by defaultEvents per second (default = 1)
125000396SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (www.googmail.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (www.googmail.org.).Enabled by defaultEvents per second (default = 1)
125000397SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (www.googmail.org.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (www.googmail.org.).Enabled by defaultEvents per second (default = 1)
125000398System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (www.gorlan.cloudns.pro.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (www.gorlan.cloudns.pro.).

Enabled by defaultEvents per second (default = 1)
125000399System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (www.gorlan.cloudns.pro.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (www.gorlan.cloudns.pro.).

Enabled by defaultEvents per second (default = 1)
125000400SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (www.uyghur.25u.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (www.uyghur.25u.com.).Enabled by defaultEvents per second (default = 1)
125000401SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (www.uyghur.25u.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (www.uyghur.25u.com.).Enabled by defaultEvents per second (default = 1)
125000402System

DROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (www.uyghuri.mrface.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (www.uyghuri.mrface.com.).Enabled by defaultEvents per second (default = 1)
125000403System

DROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (www.uyghuri.mrface.com.)

This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (www.uyghuri.mrface.com.).Enabled by defaultEvents per second (default = 1)
125000404SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (youturbe.co.cc.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (youturbe.co.cc.).Enabled by defaultEvents per second (default = 1)
125000405SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (youturbe.co.cc.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (youturbe.co.cc.).Enabled by defaultEvents per second (default = 1)
125000406SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (yycc.mrbonus.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (yycc.mrbonus.com.).Enabled by defaultEvents per second (default = 1)
125000407SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (yycc.mrbonus.com.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (yycc.mrbonus.com.).Enabled by defaultEvents per second (default = 1)
125000408SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (zjhao.dtdns.net.)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (zjhao.dtdns.net.).Enabled by defaultEvents per second (default = 1)
125000409SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (zjhao.dtdns.net.)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (zjhao.dtdns.net.).Enabled by defaultEvents per second (default = 1)
125000410SystemDROP UDP TROJAN MSIL/Spy.Banker.DJ .onion Proxy Domain (b3pepirxq7l2aybj)This rule drops TROJAN MSIL/Spy.Banker.DJ .onion Proxy Domain Lookup using UDP (b3pepirxq7l2aybj).Enabled by defaultEvents per second (default = 1)
125000411SystemDROP TCP TROJAN MSIL/Spy.Banker.DJ .onion Proxy Domain (b3pepirxq7l2aybj)This rule drops TROJAN MSIL/Spy.Banker.DJ .onion Proxy Domain Lookup using TCP (b3pepirxq7l2aybj).Enabled by defaultEvents per second (default = 1)
125000412SystemDROP UDP TROJAN Fakben .onion Proxy Domain (24fkxhnr3cdtvwmy)This rule drops TROJAN Fakben .onion Proxy Domain Lookup using UDP (24fkxhnr3cdtvwmy).Enabled by defaultEvents per second (default = 1)
125000413SystemDROP TCP TROJAN Fakben .onion Proxy Domain (24fkxhnr3cdtvwmy)This rule drops TROJAN Fakben .onion Proxy Domain Lookup using TCP (24fkxhnr3cdtvwmy).Enabled by defaultEvents per second (default = 1)
125000414SystemDROP UDP TROJAN Ransomware Raas/Sarento .onion Proxy Domain (ghscjen32hejrbjy)This rule drops TROJAN Ransomware Raas/Sarento .onion Proxy Domain Lookup using UDP (ghscjen32hejrbjy).Enabled by defaultEvents per second (default = 1)
125000415SystemDROP TCP TROJAN Ransomware Raas/Sarento .onion Proxy Domain (ghscjen32hejrbjy)This rule drops TROJAN Ransomware Raas/Sarento .onion Proxy Domain Lookup using TCP (ghscjen32hejrbjy).Enabled by defaultEvents per second (default = 1)
125000416SystemDROP UDP TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (yez2o5lwqkmlv5lc)This rule drops TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain Lookup using UDP (yez2o5lwqkmlv5lc).Enabled by defaultEvents per second (default = 1)
125000417SystemDROP TCP TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (yez2o5lwqkmlv5lc)This rule drops TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain Lookup using TCP (yez2o5lwqkmlv5lc).Enabled by defaultEvents per second (default = 1)
125000418SystemDROP UDP POLICY DNS Query to .onion proxy Domain (billingdetros.com)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (billingdetros.com).Enabled by defaultEvents per second (default = 1)
125000419SystemDROP TCP POLICY DNS Query to .onion proxy Domain (billingdetros.com)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (billingdetros.com).Enabled by defaultEvents per second (default = 1)
125000420SystemDROP UDP POLICY DNS Query to .onion proxy Domain (fileinvestpaytor.com)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (fileinvestpaytor.com).Enabled by defaultEvents per second (default = 1)
125000421SystemDROP TCP POLICY DNS Query to .onion proxy Domain (fileinvestpaytor.com)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (fileinvestpaytor.com).Enabled by defaultEvents per second (default = 1)
125000422SystemDROP UDP POLICY DNS Query to .onion proxy Domain (worldoptionstopaytor.com)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (worldoptionstopaytor.com).Enabled by defaultEvents per second (default = 1)
125000423SystemDROP TCP POLICY DNS Query to .onion proxy Domain (worldoptionstopaytor.com)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (worldoptionstopaytor.com).Enabled by defaultEvents per second (default = 1)
125000424SystemDROP UDP TROJAN Possible PlugX DNS UDP Lookup (temp.injection.me.)This rule drops TROJAN Possible PlugX DNS Lookup using UDP (temp.injection.me.).Enabled by defaultEvents per second (default = 1)
125000425SystemDROP TCP TROJAN Possible PlugX DNS TCP Lookup (temp.injection.me.)This rule drops TROJAN Possible PlugX DNS Lookup using TCP (temp.injection.me.).Enabled by defaultEvents per second (default = 1)
125000426SystemDROP UDP TROJAN Possible PlugX DNS UDP Lookup (7dkj.injection.me.)This rule drops TROJAN Possible PlugX DNS Lookup using UDP (7dkj.injection.me.).Enabled by defaultEvents per second (default = 1)
125000427SystemDROP TCP TROJAN Possible PlugX DNS TCP Lookup (7dkj.injection.me.)This rule drops TROJAN Possible PlugX DNS Lookup using TCP (7dkj.injection.me.).Enabled by defaultEvents per second (default = 1)
125000428SystemDROP UDP POLICY DNS Query to .onion proxy Domain (toragent.ch)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (toragent.ch).Enabled by defaultEvents per second (default = 1)
125000429SystemDROP TCP POLICY DNS Query to .onion proxy Domain (toragent.ch)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (toragent.ch).Enabled by defaultEvents per second (default = 1)
125000430SystemDROP UDP POLICY DNS Query to .onion proxy Domain (torgateway.ch)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (torgateway.ch).Enabled by defaultEvents per second (default = 1)
125000431SystemDROP TCP POLICY DNS Query to .onion proxy Domain (torgateway.ch)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (torgateway.ch).Enabled by defaultEvents per second (default = 1)
125000432SystemDROP UDP POLICY DNS Query to .onion proxy Domain (privacytoday.ch)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (privacytoday.ch).Enabled by defaultEvents per second (default = 1)
125000433SystemDROP TCP POLICY DNS Query to .onion proxy Domain (privacytoday.ch)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (privacytoday.ch).Enabled by defaultEvents per second (default = 1)
125000434SystemDROP UDP POLICY DNS Query to .onion proxy Domain (torconnection.ch)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (torconnection.ch).Enabled by defaultEvents per second (default = 1)
125000435SystemDROP TCP POLICY DNS Query to .onion proxy Domain (torconnection.ch)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (torconnection.ch).Enabled by defaultEvents per second (default = 1)
125000436SystemDROP UDP POLICY DNS Query to .onion proxy Domain (torwebsites.ch)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (torwebsites.ch).Enabled by defaultEvents per second (default = 1)
125000437SystemDROP TCP POLICY DNS Query to .onion proxy Domain (torwebsites.ch)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (torwebsites.ch).Enabled by defaultEvents per second (default = 1)
125000438SystemDROP UDP POLICY DNS Query to .onion proxy Domain (tordevice.ch)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (tordevice.ch).Enabled by defaultEvents per second (default = 1)
125000439SystemDROP TCP POLICY DNS Query to .onion proxy Domain (tordevice.ch)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (tordevice.ch).Enabled by defaultEvents per second (default = 1)
125000440SystemDROP UDP POLICY DNS Query to .onion proxy Domain (ip2tor.be)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (ip2tor.be).Enabled by defaultEvents per second (default = 1)
125000441SystemDROP TCP POLICY DNS Query to .onion proxy Domain (ip2tor.be)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (ip2tor.be).Enabled by defaultEvents per second (default = 1)
125000442SystemDROP UDP POLICY DNS Query to .onion proxy Domain (torfilter.ch)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (torfilter.ch).Enabled by defaultEvents per second (default = 1)
125000443SystemDROP TCP POLICY DNS Query to .onion proxy Domain (torfilter.ch)This rule drops POLICY DNS Query to .onion proxy Domain using TCP (torfilter.ch).Enabled by defaultEvents per second (default = 1)
125000444SystemDROP UDP POLICY DNS Query to .onion proxy Domain (torway.ch)This rule drops POLICY DNS Query to .onion proxy Domain using UDP (torway.ch).Enabled by defaultEvents per second (default = 1)
125000445SystemDROP TCP POLICY DNS Query to.onion proxy Domain (torway.ch)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (torway.ch).Enabled by defaultEvents per second (default = 1)
125000446SystemDROP UDP POLICY DNS Query to.onion proxy Domain (torapplication.ch)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (torapplication.ch).Enabled by defaultEvents per second (default = 1)
125000447SystemDROP TCP POLICY DNS Query to.onion proxy Domain (torapplication.ch)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (torapplication.ch).Enabled by defaultEvents per second (default = 1)
125000448SystemDROP UDP TROJAN Possible PlugX DNS UDP Lookup (cochine.homeip.net.)This rule drops TROJAN Possible PlugX DNS Lookup using UDP (cochine.homeip.net.).Enabled by defaultEvents per second (default = 1)
125000449SystemDROP TCP TROJAN Possible PlugX DNS TCP Lookup (cochine.homeip.net.)This rule drops TROJAN Possible PlugX DNS Lookup using TCP (cochine.homeip.net.).Enabled by defaultEvents per second (default = 1)
125000450SystemDROP UDP TROJAN Possible PlugX DNS UDP Lookup (cochine.blogdns.org.)This rule drops TROJAN Possible PlugX DNS Lookup using UDP (cochine.blogdns.org.).Enabled by defaultEvents per second (default = 1)
125000451SystemDROP TCP TROJAN Possible PlugX DNS TCP Lookup (cochine.blogdns.org.)This rule drops TROJAN Possible PlugX DNS Lookup using TCP (cochine.blogdns.org.).Enabled by defaultEvents per second (default = 1)
125000452SystemDROP UDP TROJAN Possible PlugX DNS UDP Lookup (greegate.3322.org.)This rule drops TROJAN Possible PlugX DNS Lookup using UDP (greegate.3322.org.).Enabled by defaultEvents per second (default = 1)
125000453SystemDROP TCP TROJAN Possible PlugX DNS TCP Lookup (greegate.3322.org.)This rule drops TROJAN Possible PlugX DNS Lookup using TCP (greegate.3322.org.).Enabled by defaultEvents per second (default = 1)
| 125000454 | System | DROP UDP TROJAN TeslaCrypt/AlphaCrypt Payment DNS UDP Lookup (javajvlsworf3574) | This rule drops TROJAN TeslaCrypt/AlphaCrypt Payment DNS Lookup using UDP (javajvlsworf3574). | Enabled by default | Events per second (default = 1) |
| 125000455 | System | DROP TCP TROJAN TeslaCrypt/AlphaCrypt Payment DNS TCP Lookup (javajvlsworf3574) | This rule drops TROJAN TeslaCrypt/AlphaCrypt Payment DNS Lookup using TCP (javajvlsworf3574). | Enabled by default | Events per second (default = 1) |
| 125000456 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (ashex.eicp.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (ashex.eicp.net.). | Enabled by default | Events per second (default = 1) |
| 125000457 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (ashex.eicp.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (ashex.eicp.net.). | Enabled by default | Events per second (default = 1) |
| 125000458 | System | DROP UDP MOBILE_MALWARE Android/Fakeinst.KD .onion Proxy Domain (pc35hiptpcwqezgs) | This rule drops MOBILE_MALWARE Android/Fakeinst.KD .onion Proxy Domain Lookup using UDP (pc35hiptpcwqezgs). | Enabled by default | Events per second (default = 1) |
| 125000459 | System | DROP TCP MOBILE_MALWARE Android/Fakeinst.KD .onion Proxy Domain (pc35hiptpcwqezgs) | This rule drops MOBILE_MALWARE Android/Fakeinst.KD .onion Proxy Domain Lookup using TCP (pc35hiptpcwqezgs). | Enabled by default | Events per second (default = 1) |
| 125000460 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (torsatellite.ch) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (torsatellite.ch). | Enabled by default | Events per second (default = 1) |
| 125000461 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (torsatellite.ch) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (torsatellite.ch). | Enabled by default | Events per second (default = 1) |
| 125000462 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (toradapter.ch) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (toradapter.ch). | Enabled by default | Events per second (default = 1) |
| 125000463 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (toradapter.ch) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (toradapter.ch). | Enabled by default | Events per second (default = 1) |
| 125000464 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (vietapps.vietimes.org.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (vietapps.vietimes.org.). | Enabled by default | Events per second (default = 1) |
| 125000465 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (vietapps.vietimes.org.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (vietapps.vietimes.org.). | Enabled by default | Events per second (default = 1) |
| 125000466 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (lqmt.vnnexpress.org.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (lqmt.vnnexpress.org.). | Enabled by default | Events per second (default = 1) |
| 125000467 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (lqmt.vnnexpress.org.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (lqmt.vnnexpress.org.). | Enabled by default | Events per second (default = 1) |
| 125000468 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (www.notebookhk.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (www.notebookhk.net.). | Enabled by default | Events per second (default = 1) |
| 125000469 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (www.notebookhk.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (www.notebookhk.net.). | Enabled by default | Events per second (default = 1) |
| 125000470 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (micky.dynamicdns.org.uk.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (micky.dynamicdns.org.uk.). | Enabled by default | Events per second (default = 1) |
| 125000471 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (micky.dynamicdns.org.uk.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (micky.dynamicdns.org.uk.). | Enabled by default | Events per second (default = 1) |
| 125000472 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (freepak.linkpc.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (freepak.linkpc.net.). | Enabled by default | Events per second (default = 1) |
| 125000473 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (freepak.linkpc.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (freepak.linkpc.net.). | Enabled by default | Events per second (default = 1) |
| 125000474 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (img.microtoo.info.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (img.microtoo.info.). | Enabled by default | Events per second (default = 1) |
| 125000475 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (img.microtoo.info.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (img.microtoo.info.). | Enabled by default | Events per second (default = 1) |
| 125000476 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (shine.p0tat0ve.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (shine.p0tat0ve.com.). | Enabled by default | Events per second (default = 1) |
| 125000477 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (shine.p0tat0ve.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (shine.p0tat0ve.com.). | Enabled by default | Events per second (default = 1) |
| 125000478 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (capser.zues.info.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (capser.zues.info.). | Enabled by default | Events per second (default = 1) |
| 125000479 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (capser.zues.info.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (capser.zues.info.). | Enabled by default | Events per second (default = 1) |
| 125000480 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (bacguarp.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (bacguarp.com.). | Enabled by default | Events per second (default = 1) |
| 125000481 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (bacguarp.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (bacguarp.com.). | Enabled by default | Events per second (default = 1) |
| 125000482 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (bitree.fartit.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (bitree.fartit.com.). | Enabled by default | Events per second (default = 1) |
| 125000483 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (bitree.fartit.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (bitree.fartit.com.). | Enabled by default | Events per second (default = 1) |
| 125000484 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (www.erophorlc.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (www.erophorlc.com.). | Enabled by default | Events per second (default = 1) |
| 125000485 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (www.erophorlc.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (www.erophorlc.com.). | Enabled by default | Events per second (default = 1) |
| 125000486 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (afghanistancownews.myvnc.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (afghanistancownews.myvnc.com.). | Enabled by default | Events per second (default = 1) |
| 125000487 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (afghanistancownews.myvnc.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (afghanistancownews.myvnc.com.). | Enabled by default | Events per second (default = 1) |
| 125000488 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (krdomain.sytes.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (krdomain.sytes.net.). | Enabled by default | Events per second (default = 1) |
| 125000489 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (krdomain.sytes.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (krdomain.sytes.net.). | Enabled by default | Events per second (default = 1) |
| 125000490 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (krrouji.xicp.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (krrouji.xicp.net.). | Enabled by default | Events per second (default = 1) |
| 125000491 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (krrouji.xicp.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (krrouji.xicp.net.). | Enabled by default | Events per second (default = 1) |
| 125000492 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (localsite.kernet.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (localsite.kernet.net.). | Enabled by default | Events per second (default = 1) |
| 125000493 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (localsite.kernet.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (localsite.kernet.net.). | Enabled by default | Events per second (default = 1) |
| 125000494 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (register.freesharecenter.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (register.freesharecenter.com.). | Enabled by default | Events per second (default = 1) |
| 125000495 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (register.freesharecenter.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (register.freesharecenter.com.). | Enabled by default | Events per second (default = 1) |
| 125000496 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (vpn.immnuogen.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (vpn.immnuogen.com.). | Enabled by default | Events per second (default = 1) |
| 125000497 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (vpn.immnuogen.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (vpn.immnuogen.com.). | Enabled by default | Events per second (default = 1) |
| 125000498 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (lh.mykorean.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (lh.mykorean.net.). | Enabled by default | Events per second (default = 1) |
| 125000499 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (lh.mykorean.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (lh.mykorean.net.). | Enabled by default | Events per second (default = 1) |
| 125000500 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (lh.huanke8.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (lh.huanke8.net.). | Enabled by default | Events per second (default = 1) |
| 125000501 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (lh.huanke8.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (lh.huanke8.net.). | Enabled by default | Events per second (default = 1) |
| 125000502 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (lhok.newsbs.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (lhok.newsbs.net.). | Enabled by default | Events per second (default = 1) |
| 125000503 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (lhok.newsbs.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (lhok.newsbs.net.). | Enabled by default | Events per second (default = 1) |
| 125000504 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (udp.zfwxm.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (udp.zfwxm.com.). | Enabled by default | Events per second (default = 1) |
| 125000505 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (udp.zfwxm.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (udp.zfwxm.com.). | Enabled by default | Events per second (default = 1) |
| 125000506 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (kr.942m.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (kr.942m.com.). | Enabled by default | Events per second (default = 1) |
| 125000507 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (kr.942m.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (kr.942m.com.). | Enabled by default | Events per second (default = 1) |
| 125000508 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (krweb.xicp.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (krweb.xicp.net.). | Enabled by default | Events per second (default = 1) |
| 125000509 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (krweb.xicp.net.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (krweb.xicp.net.). | Enabled by default | Events per second (default = 1) |
| 125000510 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (imail.gotdns.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (imail.gotdns.com.). | Enabled by default | Events per second (default = 1) |
| 125000511 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (imail.gotdns.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (imail.gotdns.com.). | Enabled by default | Events per second (default = 1) |
| 125000512 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (bugatti.from-wa.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (bugatti.from-wa.com.). | Enabled by default | Events per second (default = 1) |
| 125000513 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (bugatti.from-wa.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (bugatti.from-wa.com.). | Enabled by default | Events per second (default = 1) |
| 125000514 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (mol-government.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (mol-government.com.). | Enabled by default | Events per second (default = 1) |
| 125000515 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (mol-government.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (mol-government.com.). | Enabled by default | Events per second (default = 1) |
| 125000516 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (flower-show.org.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (flower-show.org.). | Enabled by default | Events per second (default = 1) |
| 125000517 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (flower-show.org.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (flower-show.org.). | Enabled by default | Events per second (default = 1) |
| 125000518 | System | DROP UDP TROJAN Possible PlugX DNS UDP Lookup (www.twititier.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using UDP (www.twititier.com.). | Enabled by default | Events per second (default = 1) |
| 125000519 | System | DROP TCP TROJAN Possible PlugX DNS TCP Lookup (www.twititier.com.) | This rule drops TROJAN Possible PlugX DNS Lookup using TCP (www.twititier.com.). | Enabled by default | Events per second (default = 1) |
| 125000520 | System | DROP UDP TROJAN Possible Superman APT DNS UDP Lookup (secure2.sophosrv.com.) | This rule drops TROJAN Possible Superman APT DNS Lookup using UDP (secure2.sophosrv.com.). | Enabled by default | Events per second (default = 1) |
| 125000521 | System | DROP TCP TROJAN Possible Superman APT DNS TCP Lookup (secure2.sophosrv.com.) | This rule drops TROJAN Possible Superman APT DNS Lookup using TCP (secure2.sophosrv.com.). | Enabled by default | Events per second (default = 1) |
| 125000522 | System | DROP UDP TROJAN Possible APT.HTTPBrowser DNS UDP Lookup (ncominc.com.) | This rule drops TROJAN Possible APT.HTTPBrowser DNS Lookup using UDP (ncominc.com.). | Enabled by default | Events per second (default = 1) |
| 125000523 | System | DROP TCP TROJAN Possible APT.HTTPBrowser DNS TCP Lookup (ncominc.com.) | This rule drops TROJAN Possible APT.HTTPBrowser DNS Lookup using TCP (ncominc.com.). | Enabled by default | Events per second (default = 1) |
| 125000524 | System | DROP UDP TROJAN Possible APT.HTTPBrowser DNS UDP Lookup (korea.windowsdata.com.) | This rule drops TROJAN Possible APT.HTTPBrowser DNS Lookup using UDP (korea.windowsdata.com.). | Enabled by default | Events per second (default = 1) |
| 125000525 | System | DROP TCP TROJAN Possible APT.HTTPBrowser DNS TCP Lookup (korea.windowsdata.com.) | This rule drops TROJAN Possible APT.HTTPBrowser DNS Lookup using TCP (korea.windowsdata.com.). | Enabled by default | Events per second (default = 1) |
| 125000526 | System | DROP UDP TROJAN Possible Fowap DNS UDP Lookup (pptzhu.info.ddns.us.) | This rule drops TROJAN Possible Fowap DNS Lookup using UDP (pptzhu.info.ddns.us.). | Enabled by default | Events per second (default = 1) |
| 125000527 | System | DROP TCP TROJAN Possible Fowap DNS TCP Lookup (pptzhu.info.ddns.us.) | This rule drops TROJAN Possible Fowap DNS Lookup using TCP (pptzhu.info.ddns.us.). | Enabled by default | Events per second (default = 1) |
| 125000528 | System | DROP UDP TROJAN Win32/Agent.XRA (Robo) DNS UDP Lookup (wallex.ho.ua.) | This rule drops TROJAN Win32/Agent.XRA (Robo) DNS Lookup using UDP (wallex.ho.ua.). | Enabled by default | Events per second (default = 1) |
| 125000529 | System | DROP TCP TROJAN Win32/Agent.XRA (Robo) DNS TCP Lookup (wallex.ho.ua.) | This rule drops TROJAN Win32/Agent.XRA (Robo) DNS Lookup using TCP (wallex.ho.ua.). | Enabled by default | Events per second (default = 1) |
| 125000530 | System | DROP UDP TROJAN Win32/Agent.XRA (Robo) DNS UDP Lookup (wallejob.in.ua.) | This rule drops TROJAN Win32/Agent.XRA (Robo) DNS Lookup using UDP (wallejob.in.ua.). | Enabled by default | Events per second (default = 1) |
| 125000531 | System | DROP TCP TROJAN Win32/Agent.XRA (Robo) DNS TCP Lookup (wallejob.in.ua.) | This rule drops TROJAN Win32/Agent.XRA (Robo) DNS Lookup using TCP (wallejob.in.ua.). | Enabled by default | Events per second (default = 1) |
| 125000532 | System | DROP UDP TROJAN Win32/Agent.XRA (Robo) DNS UDP Lookup (gils.ho.ua.) | This rule drops TROJAN Win32/Agent.XRA (Robo) DNS Lookup using UDP (gils.ho.ua.). | Enabled by default | Events per second (default = 1) |
| 125000533 | System | DROP TCP TROJAN Win32/Agent.XRA (Robo) DNS TCP Lookup (gils.ho.ua.) | This rule drops TROJAN Win32/Agent.XRA (Robo) DNS Lookup using TCP (gils.ho.ua.). | Enabled by default | Events per second (default = 1) |
| 125000534 | System | DROP UDP TROJAN Encryptor Raas Variant .onion Proxy Domain (idxcgov7x3dl552g) | This rule drops TROJAN Encryptor Raas Variant .onion Proxy Domain Lookup using UDP (idxcgov7x3dl552g). | Enabled by default | Events per second (default = 1) |
| 125000535 | System | DROP TCP TROJAN Encryptor Raas Variant .onion Proxy Domain (idxcgov7x3dl552g) | This rule drops TROJAN Encryptor Raas Variant .onion Proxy Domain Lookup using TCP (idxcgov7x3dl552g). | Enabled by default | Events per second (default = 1) |
| 125000536 | System | DROP UDP TROJAN Ransomware Locky .onion Payment Domain (6dtxgqam4crv6rr6) | This rule drops TROJAN Ransomware Locky .onion Payment Domain using UDP (6dtxgqam4crv6rr6). | Enabled by default | Events per second (default = 1) |
| 125000537 | System | DROP TCP TROJAN Ransomware Locky .onion Payment Domain (6dtxgqam4crv6rr6) | This rule drops TROJAN Ransomware Locky .onion Payment Domain using TCP (6dtxgqam4crv6rr6). | Enabled by default | Events per second (default = 1) |
| 125000538 | System | DROP UDP MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain (yuwurw46taaep6ip) | This rule drops MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain Lookup using UDP (yuwurw46taaep6ip). | Enabled by default | Events per second (default = 1) |
| 125000539 | System | DROP TCP MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain (yuwurw46taaep6ip) | This rule drops MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain Lookup using TCP (yuwurw46taaep6ip). | Enabled by default | Events per second (default = 1) |
| 125000540 | System | DROP UDP MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain 2 (voooxrrw2wxnoyew) | This rule drops MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain 2 Lookup using UDP (voooxrrw2wxnoyew). | Enabled by default | Events per second (default = 1) |
| 125000541 | System | DROP TCP MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain 2 (voooxrrw2wxnoyew) | This rule drops MOBILE_MALWARE Backdoor.AndroidOS.Torec.a .onion Proxy Domain 2 Lookup using TCP (voooxrrw2wxnoyew). | Enabled by default | Events per second (default = 1) |
| 125000542 | System | DROP UDP TROJAN Linux/Tsunami DNS Request (updates.absentvodka.com) | This rule drops TROJAN Linux/Tsunami DNS Request using UDP (updates.absentvodka.com). | Enabled by default | Events per second (default = 1) |
| 125000543 | System | DROP TCP TROJAN Linux/Tsunami DNS Request (updates.absentvodka.com) | This rule drops TROJAN Linux/Tsunami DNS Request using TCP (updates.absentvodka.com). | Enabled by default | Events per second (default = 1) |
| 125000544 | System | DROP UDP TROJAN Linux/Tsunami DNS Request (updates.mintylinux.com) | This rule drops TROJAN Linux/Tsunami DNS Request using UDP (updates.mintylinux.com). | Enabled by default | Events per second (default = 1) |
| 125000545 | System | DROP TCP TROJAN Linux/Tsunami DNS Request (updates.mintylinux.com) | This rule drops TROJAN Linux/Tsunami DNS Request using TCP (updates.mintylinux.com). | Enabled by default | Events per second (default = 1) |
| 125000546 | System | DROP UDP TROJAN Linux/Tsunami DNS Request (eggstrawdinarry.mylittlerepo.com) | This rule drops TROJAN Linux/Tsunami DNS Request using UDP (eggstrawdinarry.mylittlerepo.com). | Enabled by default | Events per second (default = 1) |
| 125000547 | System | DROP TCP TROJAN Linux/Tsunami DNS Request (eggstrawdinarry.mylittlerepo.com) | This rule drops TROJAN Linux/Tsunami DNS Request using TCP (eggstrawdinarry.mylittlerepo.com). | Enabled by default | Events per second (default = 1) |
| 125000548 | System | DROP UDP TROJAN Linux/Tsunami DNS Request (linuxmint.kernel-org.org) | This rule drops TROJAN Linux/Tsunami DNS Request using UDP (linuxmint.kernel-org.org). | Enabled by default | Events per second (default = 1) |
| 125000549 | System | DROP TCP TROJAN Linux/Tsunami DNS Request (linuxmint.kernel-org.org) | This rule drops TROJAN Linux/Tsunami DNS Request using TCP (linuxmint.kernel-org.org). | Enabled by default | Events per second (default = 1) |
| 125000550 | System | DROP UDP TROJAN FrameworkPOS Covert DNS CnC Initial Check In (grp) | This rule drops TROJAN FrameworkPOS Covert DNS CnC Initial Check In using UDP (grp). | Enabled by default | Events per second (default = 1) |
| 125000551 | System | DROP TCP TROJAN FrameworkPOS Covert DNS CnC Initial Check In (grp) | This rule drops TROJAN FrameworkPOS Covert DNS CnC Initial Check In using TCP (grp). | Enabled by default | Events per second (default = 1) |
| 125000552 | System | DROP UDP TROJAN Ransomware Locky .onion Payment Domain (twbers4hmi6dx65f) | This rule drops TROJAN Ransomware Locky .onion Payment Domain using UDP (twbers4hmi6dx65f). | Enabled by default | Events per second (default = 1) |
| 125000553 | System | DROP TCP TROJAN Ransomware Locky .onion Payment Domain (twbers4hmi6dx65f) | This rule drops TROJAN Ransomware Locky .onion Payment Domain using TCP (twbers4hmi6dx65f). | Enabled by default | Events per second (default = 1) |
| 125000554 | System | DROP UDP TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (xlowfznrg4wf7dli) | This rule drops TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain using UDP (xlowfznrg4wf7dli). | Enabled by default | Events per second (default = 1) |
| 125000555 | System | DROP TCP TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain (xlowfznrg4wf7dli) | This rule drops TROJAN TeslaCrypt/AlphaCrypt Variant .onion Payment Domain using TCP (xlowfznrg4wf7dli). | Enabled by default | Events per second (default = 1) |
| 125000556 | System | DROP UDP TROJAN PadCrypt .onion Payment Domain (gnkltbsaeq35rejl) | This rule drops TROJAN PadCrypt .onion Payment Domain using UDP (gnkltbsaeq35rejl). | Enabled by default | Events per second (default = 1) |
| 125000557 | System | DROP TCP TROJAN PadCrypt .onion Payment Domain (gnkltbsaeq35rejl) | This rule drops TROJAN PadCrypt .onion Payment Domain using TCP (gnkltbsaeq35rejl). | Enabled by default | Events per second (default = 1) |
| 125000558 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (newhost2tor.ch) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (newhost2tor.ch). | Enabled by default | Events per second (default = 1) |
| 125000559 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (newhost2tor.ch) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (newhost2tor.ch). | Enabled by default | Events per second (default = 1) |
| 125000560 | System | DROP UDP TROJAN Cryptolocker Variant .onion Proxy Domain (u6sep2pltvemcg5r) | This rule drops TROJAN Cryptolocker Variant .onion Proxy Domain Lookup using UDP (u6sep2pltvemcg5r). | Enabled by default | Events per second (default = 1) |
| 125000561 | System | DROP TCP TROJAN Cryptolocker Variant .onion Proxy Domain (u6sep2pltvemcg5r) | This rule drops TROJAN Cryptolocker Variant .onion Proxy Domain Lookup using TCP (u6sep2pltvemcg5r). | Enabled by default | Events per second (default = 1) |
| 125000562 | System | DROP UDP TROJAN Qadars 2.0 Onion Domain UDP Lookup (e4vcpcfrnqh6sfz6) | This rule drops TROJAN Qadars 2.0 Onion Domain Lookup using UDP (e4vcpcfrnqh6sfz6). | Enabled by default | Events per second (default = 1) |
| 125000563 | System | DROP TCP TROJAN Qadars 2.0 Onion Domain TCP Lookup (e4vcpcfrnqh6sfz6) | This rule drops TROJAN Qadars 2.0 Onion Domain Lookup using TCP (e4vcpcfrnqh6sfz6). | Enabled by default | Events per second (default = 1) |
| 125000564 | System | DROP UDP TROJAN Qadars 2.0 CnC DNS UDP Lookup (kakaja24.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using UDP (kakaja24.com). | Enabled by default | Events per second (default = 1) |
| 125000565 | System | DROP TCP TROJAN Qadars 2.0 CnC DNS TCP Lookup (kakaja24.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using TCP (kakaja24.com). | Enabled by default | Events per second (default = 1) |
| 125000566 | System | DROP UDP TROJAN Qadars 2.0 CnC DNS UDP Lookup (halopov.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using UDP (halopov.com). | Enabled by default | Events per second (default = 1) |
| 125000567 | System | DROP TCP TROJAN Qadars 2.0 CnC DNS TCP Lookup (halopov.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using TCP (halopov.com). | Enabled by default | Events per second (default = 1) |
| 125000568 | System | DROP UDP TROJAN Qadars 2.0 CnC DNS UDP Lookup (kisliy.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using UDP (kisliy.com). | Enabled by default | Events per second (default = 1) |
| 125000569 | System | DROP TCP TROJAN Qadars 2.0 CnC DNS TCP Lookup (kisliy.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using TCP (kisliy.com). | Enabled by default | Events per second (default = 1) |
| 125000570 | System | DROP UDP TROJAN Qadars 2.0 CnC DNS UDP Lookup (angela127.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using UDP (angela127.com). | Enabled by default | Events per second (default = 1) |
| 125000571 | System | DROP TCP TROJAN Qadars 2.0 CnC DNS TCP Lookup (angela127.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using TCP (angela127.com). | Enabled by default | Events per second (default = 1) |
| 125000572 | System | DROP UDP TROJAN Qadars 2.0 CnC DNS UDP Lookup (photo-a5.pw) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using UDP (photo-a5.pw). | Enabled by default | Events per second (default = 1) |
| 125000573 | System | DROP TCP TROJAN Qadars 2.0 CnC DNS TCP Lookup (photo-a5.pw) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using TCP (photo-a5.pw). | Enabled by default | Events per second (default = 1) |
| 125000574 | System | DROP UDP TROJAN Qadars 2.0 CnC DNS UDP Lookup (koktail24.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using UDP (koktail24.com). | Enabled by default | Events per second (default = 1) |
| 125000575 | System | DROP TCP TROJAN Qadars 2.0 CnC DNS TCP Lookup (koktail24.com) | This rule drops TROJAN Qadars 2.0 CnC DNS Lookup using TCP (koktail24.com). | Enabled by default | Events per second (default = 1) |
| 125000576 | System | DROP UDP TROJAN Qadars 2.0 Injects DNS UDP Lookup (ssldigic3rt.com) | This rule drops TROJAN Qadars 2.0 Injects DNS Lookup using UDP (ssldigic3rt.com). | Enabled by default | Events per second (default = 1) |
| 125000577 | System | DROP TCP TROJAN Qadars 2.0 Injects DNS TCP Lookup (ssldigic3rt.com) | This rule drops TROJAN Qadars 2.0 Injects DNS Lookup using TCP (ssldigic3rt.com). | Enabled by default | Events per second (default = 1) |
| 125000578 | System | DROP UDP TROJAN Qadars 2.0 Injects DNS UDP Lookup (digidetectsys.com) | This rule drops TROJAN Qadars 2.0 Injects DNS Lookup using UDP (digidetectsys.com). | Enabled by default | Events per second (default = 1) |
| 125000579 | System | DROP TCP TROJAN Qadars 2.0 Injects DNS TCP Lookup (digidetectsys.com) | This rule drops TROJAN Qadars 2.0 Injects DNS Lookup using TCP (digidetectsys.com). | Enabled by default | Events per second (default = 1) |
| 125000580 | System | DROP UDP TROJAN Ransomware Locky .onion Payment Domain (i3ezlvkoi7fwyood) | This rule drops TROJAN Ransomware Locky .onion Payment Domain using UDP. | Enabled by default | Events per second (default = 1) |
| 125000581 | System | DROP TCP TROJAN Ransomware Locky .onion Payment Domain (i3ezlvkoi7fwyood) | This rule drops TROJAN Ransomware Locky .onion Payment Domain using TCP (i3ezlvkoi7fwyood). | Enabled by default | Events per second (default = 1) |
| 125000582 | System | DROP UDP TROJAN Ransomware Locky .onion Payment Domain (lpholfnvwbukqwye) | This rule drops TROJAN Ransomware Locky .onion Payment Domain using UDP (lpholfnvwbukqwye). | Enabled by default | Events per second (default = 1) |
| 125000583 | System | DROP TCP TROJAN Ransomware Locky .onion Payment Domain (lpholfnvwbukqwye) | This rule drops TROJAN Ransomware Locky .onion Payment Domain using TCP (lpholfnvwbukqwye). | Enabled by default | Events per second (default = 1) |
| 125000584 | System | DROP UDP POLICY DNS Query to a (fagdns.com) | This rule drops POLICY DNS Query to a using UDP (fagdns.com). | Enabled by default | Events per second (default = 1) |
| 125000585 | System | DROP TCP POLICY DNS Query to a (fagdns.com) | This rule drops POLICY DNS Query to a using TCP (fagdns.com). | Enabled by default | Events per second (default = 1) |
| 125000586 | System | DROP UDP POLICY Incog-Neato .onion Proxy Domain (incogugncmfkib6s) | This rule drops POLICY Incog-Neato .onion Proxy Domain Lookup using UDP (incogugncmfkib6s). | Enabled by default | Events per second (default = 1) |
| 125000587 | System | DROP TCP POLICY Incog-Neato .onion Proxy Domain (incogugncmfkib6s) | This rule drops POLICY Incog-Neato .onion Proxy Domain Lookup using TCP (incogugncmfkib6s). | Enabled by default | Events per second (default = 1) |
| 125000588 | System | DROP UDP TROJAN Ransomware Troyano .onion Domain (333e45lpjqrebknr) | This rule drops TROJAN Ransomware Troyano .onion Domain using UDP (333e45lpjqrebknr). | Enabled by default | Events per second (default = 1) |
| 125000589 | System | DROP TCP TROJAN Ransomware Troyano .onion Domain (333e45lpjqrebknr) | This rule drops TROJAN Ransomware Troyano .onion Domain using TCP (333e45lpjqrebknr). | Enabled by default | Events per second (default = 1) |
| 125000590 | System | DROP UDP TROJAN Ransomware/Poshcoder Onion Domain UDP Lookup (v2aahgcan6ed564p) | This rule drops TROJAN Ransomware/Poshcoder Onion Domain Lookup using UDP (v2aahgcan6ed564p). | Enabled by default | Events per second (default = 1) |
125000591SystemDROP TCP TROJAN Ransomware/Poshcoder Onion Domain TCP Lookup (v2aahgcan6ed564p)This rule drops TROJAN Ransomware/Poshcoder
Onion Domain Lookup using TCP (v2aahgcan6ed564p)
Enabled by defaultEvents per second (default = 1)
125000592SystemDROP UDP TROJAN OSX/KeRanger
Ransomware CnC DNS Request
(lclebb6kvohlkcml)
This rule drops TROJAN OSX/KeRanger Ransomware CnC DNS Request using UDP
(lclebb6kvohlkcml)
Enabled by defaultEvents per second (default = 1)
125000593SystemDROP TCP TROJAN OSX/KeRanger
Ransomware CnC DNS Request
(lclebb6kvohlkcml)
This rule drops TROJAN OSX/KeRanger Ransomware CnC DNS Request using TCP
(lclebb6kvohlkcml)
Enabled by defaultEvents per second (default = 1)
125000594SystemDROP UDP TROJAN OSX/KeRanger
Ransomware CnC DNS Request
(bmacyzmea723xyaz)
This rule drops TROJAN OSX/KeRanger Ransomware CnC DNS Request using UDP
(bmacyzmea723xyaz)
Enabled by defaultEvents per second (default = 1)
125000595SystemDROP TCP TROJAN OSX/KeRanger
Ransomware CnC DNS Request
(bmacyzmea723xyaz)
This rule drops TROJAN OSX/KeRanger Ransomware CnC DNS Request using TCP
(bmacyzmea723xyaz)
Enabled by defaultEvents per second (default = 1)
125000596SystemDROP UDP TROJAN OSX/KeRanger
Ransomware CnC DNS Request
(nejdtkok7oz5kjoc)
This rule drops TROJAN OSX/KeRanger Ransomware CnC DNS Request using UDP
(nejdtkok7oz5kjoc)
Enabled by defaultEvents per second (default = 1)
125000597SystemDROP TCP TROJAN OSX/KeRanger
Ransomware CnC DNS Request
(nejdtkok7oz5kjoc)
This rule drops TROJAN OSX/KeRanger Ransomware CnC DNS Request using TCP
(nejdtkok7oz5kjoc)
Enabled by defaultEvents per second (default = 1)
125000598SystemDROP UDP TROJAN OSX/KeRanger
Ransomware CnC DNS Request
(fiwf4kwysm4dpw5l)
This rule drops TROJAN OSX/KeRanger Ransomware CnC DNS Request using UDP
(fiwf4kwysm4dpw5l)
Enabled by defaultEvents per second (default = 1)
125000599SystemDROP TCP TROJAN OSX/KeRanger
Ransomware CnC DNS Request
(fiwf4kwysm4dpw5l)
This rule drops TROJAN OSX/KeRanger Ransomware CnC DNS Request using TCP
(fiwf4kwysm4dpw5l)
Enabled by defaultEvents per second (default = 1)
125000600SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (tally.myfirewall.org)This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (tally.myfirewall.org)Enabled by defaultEvents per second (default = 1)
125000601SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (tally.myfirewall.org)This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (tally.myfirewall.org)Enabled by defaultEvents per second (default = 1)
125000602SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (accountgoogle.firewall-gateway.com)
This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (accountgoogle.firewall-gateway.com)Enabled by defaultEvents per second (default = 1)
125000603SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (accountgoogle.firewall-gateway.com)
This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (accountgoogle.firewall-gateway.com)Enabled by defaultEvents per second (default = 1)
125000604SystemDROP UDP TROJAN Scarlet Mimic DNS UDP Lookup (filegoogle.firewall-gateway.com)
This rule drops TROJAN Scarlet Mimic DNS Lookup using UDP (filegoogle.firewall-gateway.com)Enabled by defaultEvents per second (default = 1)
125000605SystemDROP TCP TROJAN Scarlet Mimic DNS TCP Lookup (filegoogle.firewall-gateway.com)
This rule drops TROJAN Scarlet Mimic DNS Lookup using TCP (filegoogle.firewall-gateway.com)Enabled by defaultEvents per second (default = 1)
125000606SystemDROP UDP POLICY DNS Query to.onion proxy Domain (0npzm6.top)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (0npzm6.top)Enabled by defaultEvents per second (default = 1)
125000607SystemDROP TCP POLICY DNS Query to.onion proxy Domain (0npzm6.top)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (0npzm6.top)Enabled by defaultEvents per second (default = 1)
125000608SystemDROP UDP POLICY DNS Query to.onion proxy Domain (0vgu64.top)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (0vgu64.top)Enabled by defaultEvents per second (default = 1)
125000609SystemDROP TCP POLICY DNS Query to.onion proxy Domain (0vgu64.top)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (0vgu64.top)Enabled by defaultEvents per second (default = 1)
125000610SystemDROP UDP POLICY DNS Query to.onion proxy Domain (143h2a.top)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (143h2a.top)Enabled by defaultEvents per second (default = 1)
125000611SystemDROP TCP POLICY DNS Query to.onion proxy Domain (143h2a.top)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (143h2a.top)Enabled by defaultEvents per second (default = 1)
125000612SystemDROP UDP POLICY DNS Query to.onion proxy Domain (1bipa9.top)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (1bipa9.top)Enabled by defaultEvents per second (default = 1)
125000613SystemDROP TCP POLICY DNS Query to.onion proxy Domain (1bipa9.top)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (1bipa9.top)Enabled by defaultEvents per second (default = 1)
125000614SystemDROP UDP POLICY DNS Query to.onion proxy Domain (1de02r.top)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (1de02r.top)Enabled by defaultEvents per second (default = 1)
125000615SystemDROP TCP POLICY DNS Query to.onion proxy Domain (1de02r.top)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (1de02r.top)Enabled by defaultEvents per second (default = 1)
125000616SystemDROP UDP POLICY DNS Query to.onion proxy Domain (1o49wi.top)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (1o49wi.top)Enabled by defaultEvents per second (default = 1)
125000617SystemDROP TCP POLICY DNS Query to.onion proxy Domain (1o49wi.top)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (1o49wi.top)Enabled by defaultEvents per second (default = 1)
125000618SystemDROP UDP POLICY DNS Query to.onion proxy Domain (2agglf.top)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (2agglf.top)Enabled by defaultEvents per second (default = 1)
125000619System

DROP TCP POLICY DNS Query to.onion proxy Domain (2agglf.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (2agglf.top)

Enabled by defaultEvents per second (default = 1)
125000620System

DROP UDP POLICY DNS Query to.onion proxy Domain (308an1.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (308an1.top)

Enabled by defaultEvents per second (default = 1)
125000621System

DROP TCP POLICY DNS Query to.onion proxy Domain (308an1.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (308an1.top)

Enabled by defaultEvents per second (default = 1)
125000622System

DROP UDP POLICY DNS Query to.onion proxy Domain (36xxk1.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (36xxk1.top)

Enabled by defaultEvents per second (default = 1)
125000623System

DROP TCP POLICY DNS Query to.onion proxy Domain (36xxk1.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (36xxk1.top)

Enabled by defaultEvents per second (default = 1)
125000624System

DROP UDP POLICY DNS Query to.onion proxy Domain (3di24a.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (3di24a.top)

Enabled by defaultEvents per second (default = 1)
125000625System

DROP TCP POLICY DNS Query to.onion proxy Domain (3di24a.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (3di24a.top)

Enabled by defaultEvents per second (default = 1)
125000626System

DROP UDP POLICY DNS Query to.onion proxy Domain (3odvfb.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (3odvfb.top)

Enabled by defaultEvents per second (default = 1)
125000627System

DROP TCP POLICY DNS Query to.onion proxy Domain (3odvfb.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (3odvfb.top)

Enabled by defaultEvents per second (default = 1)
125000628System

DROP UDP POLICY DNS Query to.onion proxy Domain (43wjor.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (43wjor.top)

Enabled by defaultEvents per second (default = 1)
125000629System

DROP TCP POLICY DNS Query to.onion proxy Domain (43wjor.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (43wjor.top)

Enabled by defaultEvents per second (default = 1)
125000630System

DROP UDP POLICY DNS Query to.onion proxy Domain (4ynpjd.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (4ynpjd.top)

Enabled by defaultEvents per second (default = 1)
125000631System

DROP TCP POLICY DNS Query to.onion proxy Domain (4ynpjd.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (4ynpjd.top)

Enabled by defaultEvents per second (default = 1)
125000632System

DROP UDP POLICY DNS Query to.onion proxy Domain (62er3d.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (62er3d.top)

Enabled by defaultEvents per second (default = 1)
125000633System

DROP TCP POLICY DNS Query to.onion proxy Domain (62er3d.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (62er3d.top)

Enabled by defaultEvents per second (default = 1)
125000634System

DROP UDP POLICY DNS Query to.onion proxy Domain (67j6ht.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (67j6ht.top)

Enabled by defaultEvents per second (default = 1)
125000635System

DROP TCP POLICY DNS Query to.onion proxy Domain (67j6ht.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (67j6ht.top)

Enabled by defaultEvents per second (default = 1)
125000636System

DROP UDP POLICY DNS Query to.onion proxy Domain (6ntrb6.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (6ntrb6.top)

Enabled by defaultEvents per second (default = 1)
125000637System

DROP TCP POLICY DNS Query to.onion proxy Domain (6ntrb6.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (6ntrb6.top)

Enabled by defaultEvents per second (default = 1)
125000638System

DROP UDP POLICY DNS Query to.onion proxy Domain (7u8b59.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (7u8b59.top)

Enabled by defaultEvents per second (default = 1)
125000639System

DROP TCP POLICY DNS Query to.onion proxy Domain (7u8b59.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (7u8b59.top)

Enabled by defaultEvents per second (default = 1)
125000640System

DROP UDP POLICY DNS Query to.onion proxy Domain (a4coac.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (a4coac.top)

Enabled by defaultEvents per second (default = 1)
125000641System

DROP TCP POLICY DNS Query to.onion proxy Domain (a4coac.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (a4coac.top)

Enabled by defaultEvents per second (default = 1)
125000642System

DROP UDP POLICY DNS Query to.onion proxy Domain (ageshere.club)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (ageshere.club)

Enabled by defaultEvents per second (default = 1)
125000643System

DROP TCP POLICY DNS Query to.onion proxy Domain (ageshere.club)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (ageshere.club)

Enabled by defaultEvents per second (default = 1)
125000644System

DROP UDP POLICY DNS Query to.onion proxy Domain (anypicked.red)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (anypicked.red)

Enabled by defaultEvents per second (default = 1)
125000645System

DROP TCP POLICY DNS Query to.onion proxy Domain (anypicked.red)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (anypicked.red)

Enabled by defaultEvents per second (default = 1)
125000646System

DROP UDP POLICY DNS Query to.onion proxy Domain (apwzbe.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (apwzbe.top)

Enabled by defaultEvents per second (default = 1)
125000647System

DROP TCP POLICY DNS Query to.onion proxy Domain (apwzbe.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (apwzbe.top)

Enabled by defaultEvents per second (default = 1)
125000648System

DROP UDP POLICY DNS Query to.onion proxy Domain (ar8msb.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (ar8msb.top)

Enabled by defaultEvents per second (default = 1)
125000649System

DROP TCP POLICY DNS Query to.onion proxy Domain (ar8msb.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (ar8msb.top)

Enabled by defaultEvents per second (default = 1)
125000650System

DROP UDP POLICY DNS Query to.onion proxy Domain (aredark.mobi)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (aredark.mobi)

Enabled by defaultEvents per second (default = 1)
125000651System

DROP TCP POLICY DNS Query to.onion proxy Domain (aredark.mobi)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (aredark.mobi)

Enabled by defaultEvents per second (default = 1)
125000652System

DROP UDP POLICY DNS Query to.onion proxy Domain (barberryshin.casa)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (barberryshin.casa)

Enabled by defaultEvents per second (default = 1)
125000653System

DROP TCP POLICY DNS Query to.onion proxy Domain (barberryshin.casa)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (barberryshin.casa)

Enabled by defaultEvents per second (default = 1)
125000654System

DROP UDP POLICY DNS Query to.onion proxy Domain (biologyup.date)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (biologyup.date)

Enabled by defaultEvents per second (default = 1)
125000655System

DROP TCP POLICY DNS Query to.onion proxy Domain (biologyup.date)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (biologyup.date)

Enabled by defaultEvents per second (default = 1)
125000656System

DROP UDP POLICY DNS Query to.onion proxy Domain (bnctf6.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (bnctf6.top)

Enabled by defaultEvents per second (default = 1)
125000657System

DROP TCP POLICY DNS Query to.onion proxy Domain (bnctf6.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (bnctf6.top)

Enabled by defaultEvents per second (default = 1)
125000658SystemDROP UDP POLICY DNS Query to.onion proxy Domain
(bookjumps.us)
This rule drops POLICY DNS Query to.onion proxy Domain using UDP (bookjumps.us)Enabled by defaultEvents per second (default = 1)
125000659SystemDROP TCP POLICY DNS Query to.onion proxy Domain (bookjumps.us)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (bookjumps.us)Enabled by defaultEvents per second (default = 1)
125000660System

DROP UDP POLICY DNS Query to.onion proxy Domain (boxsame.kim)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (boxsame.kim)

Enabled by defaultEvents per second (default = 1)
125000661System

DROP TCP POLICY DNS Query to.onion proxy Domain (boxsame.kim)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (boxsame.kim)

Enabled by defaultEvents per second (default = 1)
125000662System

DROP UDP POLICY DNS Query to.onion proxy Domain (cgf59i.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (cgf59i.top)

Enabled by defaultEvents per second (default = 1)
125000663System

DROP TCP POLICY DNS Query to.onion proxy Domain (cgf59i.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (cgf59i.top)

Enabled by defaultEvents per second (default = 1)
125000664System

DROP UDP POLICY DNS Query to.onion proxy Domain (clockhate.loan)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (clockhate.loan)

Enabled by defaultEvents per second (default = 1)
125000665System

DROP TCP POLICY DNS Query to.onion proxy Domain (clockhate.loan)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (clockhate.loan)

Enabled by defaultEvents per second (default = 1)
125000666SystemDROP UDP POLICY DNS Query to.onion proxy Domain (costlady.pw)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (costlady.pw)Enabled by defaultEvents per second (default = 1)
125000667SystemDROP TCP POLICY DNS Query to.onion proxy Domain (costlady.pw)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (costlady.pw)Enabled by defaultEvents per second (default = 1)
125000668System

DROP UDP POLICY DNS Query to.onion proxy Domain (crispkey.mobi)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (crispkey.mobi)

Enabled by defaultEvents per second (default = 1)
125000669System

DROP TCP POLICY DNS Query to.onion proxy Domain (crispkey.mobi)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (crispkey.mobi)

Enabled by defaultEvents per second (default = 1)
125000670System

DROP UDP POLICY DNS Query to.onion proxy Domain (csj0k5.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (csj0k5.top)

Enabled by defaultEvents per second (default = 1)
125000671System

DROP TCP POLICY DNS Query to.onion proxy Domain (csj0k5.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (csj0k5.top)

Enabled by defaultEvents per second (default = 1)
125000672System

DROP UDP POLICY DNS Query to.onion proxy Domain (daigy0.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (daigy0.top)

Enabled by defaultEvents per second (default = 1)
125000673System

DROP TCP POLICY DNS Query to.onion proxy Domain (daigy0.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (daigy0.top)

Enabled by defaultEvents per second (default = 1)
125000674System

DROP UDP POLICY DNS Query to.onion proxy Domain (dd4xo3.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (dd4xo3.top)

Enabled by defaultEvents per second (default = 1)
125000675System

DROP TCP POLICY DNS Query to.onion proxy Domain (dd4xo3.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (dd4xo3.top)

Enabled by defaultEvents per second (default = 1)
125000676System

DROP UDP POLICY DNS Query to.onion proxy Domain (dkrie7.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (dkrie7.top)

Enabled by defaultEvents per second (default = 1)
125000677System

DROP TCP POLICY DNS Query to.onion proxy Domain (dkrie7.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (dkrie7.top)

Enabled by defaultEvents per second (default = 1)
125000678System

DROP UDP POLICY DNS Query to.onion proxy Domain (dkro3u.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (dkro3u.top)

Enabled by defaultEvents per second (default = 1)
125000679System

DROP TCP POLICY DNS Query to.onion proxy Domain (dkro3u.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (dkro3u.top)

Enabled by defaultEvents per second (default = 1)
125000680System

DROP UDP POLICY DNS Query to.onion proxy Domain (doggain.mobi)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (doggain.mobi)

Enabled by defaultEvents per second (default = 1)
125000681System

DROP TCP POLICY DNS Query to.onion proxy Domain (doggain.mobi)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (doggain.mobi)

Enabled by defaultEvents per second (default = 1)
125000682System

DROP UDP POLICY DNS Query to.onion proxy Domain (dozensby.loan)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (dozensby.loan)

Enabled by defaultEvents per second (default = 1)
125000683System

DROP TCP POLICY DNS Query to.onion proxy Domain (dozensby.loan)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (dozensby.loan)

Enabled by defaultEvents per second (default = 1)
125000684System

DROP UDP POLICY DNS Query to.onion proxy Domain (eatsdeal.black)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (eatsdeal.black)

Enabled by defaultEvents per second (default = 1)
125000685System

DROP TCP POLICY DNS Query to.onion proxy Domain (eatsdeal.black)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (eatsdeal.black)

Enabled by defaultEvents per second (default = 1)
125000686System

DROP UDP POLICY DNS Query to.onion proxy Domain (fewbreaks.club)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (fewbreaks.club)

Enabled by defaultEvents per second (default = 1)
125000687System

DROP TCP POLICY DNS Query to.onion proxy Domain (fewbreaks.club)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (fewbreaks.club)

Enabled by defaultEvents per second (default = 1)
125000688System

DROP UDP POLICY DNS Query to.onion proxy Domain (fishtotal.bid)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (fishtotal.bid)

Enabled by defaultEvents per second (default = 1)
125000689System

DROP TCP POLICY DNS Query to.onion proxy Domain (fishtotal.bid)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (fishtotal.bid)

Enabled by defaultEvents per second (default = 1)
125000690System

DROP UDP POLICY DNS Query to.onion proxy Domain (flewleast.link)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (flewleast.link)

Enabled by defaultEvents per second (default = 1)
125000691System

DROP TCP POLICY DNS Query to.onion proxy Domain (flewleast.link)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (flewleast.link)

Enabled by defaultEvents per second (default = 1)
125000692System

DROP UDP POLICY DNS Query to.onion proxy Domain (flyingsix.red)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (flyingsix.red)

Enabled by defaultEvents per second (default = 1)
125000693System

DROP TCP POLICY DNS Query to.onion proxy Domain (flyingsix.red)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (flyingsix.red)

Enabled by defaultEvents per second (default = 1)
125000694System

DROP UDP POLICY DNS Query to.onion proxy Domain (folkturns.date)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (folkturns.date)

Enabled by defaultEvents per second (default = 1)
125000695System

DROP TCP POLICY DNS Query to.onion proxy Domain (folkturns.date)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (folkturns.date)

Enabled by defaultEvents per second (default = 1)
125000696System

DROP UDP POLICY DNS Query to.onion proxy Domain (g9tneb.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (g9tneb.top)

Enabled by defaultEvents per second (default = 1)
125000697System

DROP TCP POLICY DNS Query to.onion proxy Domain (g9tneb.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (g9tneb.top)

Enabled by defaultEvents per second (default = 1)
125000698System

DROP UDP POLICY DNS Query to.onion proxy Domain (gameswarm.loan)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (gameswarm.loan)

Enabled by defaultEvents per second (default = 1)
125000699System

DROP TCP POLICY DNS Query to.onion proxy Domain (gameswarm.loan)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (gameswarm.loan)

Enabled by defaultEvents per second (default = 1)
125000700System

DROP UDP POLICY DNS Query to.onion proxy Domain (gc4n2c.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (gc4n2c.top)

Enabled by defaultEvents per second (default = 1)
125000701System

DROP TCP POLICY DNS Query to.onion proxy Domain (gc4n2c.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (gc4n2c.top)

Enabled by defaultEvents per second (default = 1)
125000702System

DROP UDP POLICY DNS Query to.onion proxy Domain (gnee6i.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (gnee6i.top)

Enabled by defaultEvents per second (default = 1)
125000703System

DROP TCP POLICY DNS Query to.onion proxy Domain (gnee6i.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (gnee6i.top)

Enabled by defaultEvents per second (default = 1)
125000704System

DROP UDP POLICY DNS Query to.onion proxy Domain (gonesolve.lol)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (gonesolve.lol)

Enabled by defaultEvents per second (default = 1)
125000705System

DROP TCP POLICY DNS Query to.onion proxy Domain (gonesolve.lol)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (gonesolve.lol)

Enabled by defaultEvents per second (default = 1)
125000706System

DROP UDP POLICY DNS Query to.onion proxy Domain (gpy3tc.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (gpy3tc.top)

Enabled by defaultEvents per second (default = 1)
125000707System

DROP TCP POLICY DNS Query to.onion proxy Domain (gpy3tc.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (gpy3tc.top)

Enabled by defaultEvents per second (default = 1)
125000708SystemDROP UDP POLICY DNS Query to.onion proxy Domain (groupline.info)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (groupline.info)Enabled by defaultEvents per second (default = 1)
125000709SystemDROP TCP POLICY DNS Query to.onion proxy Domain (groupline.info)This rule drops POLICY DNS Query to.onion proxy Domain using TCP (groupline.info)Enabled by defaultEvents per second (default = 1)
125000710System

DROP UDP POLICY DNS Query to.onion proxy Domain (gtnfgj.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (gtnfgj.top)

Enabled by defaultEvents per second (default = 1)
125000711System

DROP TCP POLICY DNS Query to.onion proxy Domain (gtnfgj.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (gtnfgj.top)

Enabled by defaultEvents per second (default = 1)
125000712System

DROP UDP POLICY DNS Query to.onion proxy Domain (hf60kb.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (hf60kb.top)

Enabled by defaultEvents per second (default = 1)
125000713System

DROP TCP POLICY DNS Query to.onion proxy Domain (hf60kb.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (hf60kb.top)

Enabled by defaultEvents per second (default = 1)
125000714System

DROP UDP POLICY DNS Query to.onion proxy Domain (hw7o9w.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (hw7o9w.top)

Enabled by defaultEvents per second (default = 1)
125000715System

DROP TCP POLICY DNS Query to.onion proxy Domain (hw7o9w.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (hw7o9w.top)

Enabled by defaultEvents per second (default = 1)
125000716System

DROP UDP POLICY DNS Query to.onion proxy Domain (iixz3g.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (iixz3g.top)

Enabled by defaultEvents per second (default = 1)
125000717System

DROP TCP POLICY DNS Query to.onion proxy Domain (iixz3g.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (iixz3g.top)

Enabled by defaultEvents per second (default = 1)
125000718System

DROP UDP POLICY DNS Query to.onion proxy Domain (innerband.lol)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (innerband.lol)

Enabled by defaultEvents per second (default = 1)
125000719System

DROP TCP POLICY DNS Query to.onion proxy Domain (innerband.lol)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (innerband.lol)

Enabled by defaultEvents per second (default = 1)
125000720System

DROP UDP POLICY DNS Query to.onion proxy Domain (jn8ncm.top)

This rule drops POLICY DNS Query to.onion proxy Domain using UDP (jn8ncm.top)

Enabled by defaultEvents per second (default = 1)
125000721System

DROP TCP POLICY DNS Query to.onion proxy Domain (jn8ncm.top)

This rule drops POLICY DNS Query to.onion proxy Domain using TCP (jn8ncm.top)

Enabled by defaultEvents per second (default = 1)
125000722SystemDROP UDP POLICY DNS Query to.onion proxy Domain (jumplived.in)This rule drops POLICY DNS Query to.onion proxy Domain using UDP (jumplived.in)Enabled by defaultEvents per second (default = 1)
| 125000723 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (jumplived.in) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (jumplived.in) | Enabled by default | Events per second (default = 1) |
| 125000724 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (k9z7pm.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (k9z7pm.top) | Enabled by default | Events per second (default = 1) |
| 125000725 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (k9z7pm.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (k9z7pm.top) | Enabled by default | Events per second (default = 1) |
| 125000726 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (knowhands.us) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (knowhands.us) | Enabled by default | Events per second (default = 1) |
| 125000727 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (knowhands.us) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (knowhands.us) | Enabled by default | Events per second (default = 1) |
| 125000728 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (kswcuk.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (kswcuk.top) | Enabled by default | Events per second (default = 1) |
| 125000729 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (kswcuk.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (kswcuk.top) | Enabled by default | Events per second (default = 1) |
| 125000730 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (kzo8mc.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (kzo8mc.top) | Enabled by default | Events per second (default = 1) |
| 125000731 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (kzo8mc.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (kzo8mc.top) | Enabled by default | Events per second (default = 1) |
| 125000732 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (liescale.in) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (liescale.in) | Enabled by default | Events per second (default = 1) |
| 125000733 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (liescale.in) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (liescale.in) | Enabled by default | Events per second (default = 1) |
| 125000734 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (lorrydo.lol) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (lorrydo.lol) | Enabled by default | Events per second (default = 1) |
| 125000735 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (lorrydo.lol) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (lorrydo.lol) | Enabled by default | Events per second (default = 1) |
| 125000736 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (lowallmoneypool.com) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (lowallmoneypool.com) | Enabled by default | Events per second (default = 1) |
| 125000737 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (lowallmoneypool.com) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (lowallmoneypool.com) | Enabled by default | Events per second (default = 1) |
| 125000738 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (metmet.win) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (metmet.win) | Enabled by default | Events per second (default = 1) |
| 125000739 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (metmet.win) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (metmet.win) | Enabled by default | Events per second (default = 1) |
| 125000740 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (mileslook.pro) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (mileslook.pro) | Enabled by default | Events per second (default = 1) |
| 125000741 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (mileslook.pro) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (mileslook.pro) | Enabled by default | Events per second (default = 1) |
| 125000742 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (msu96b.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (msu96b.top) | Enabled by default | Events per second (default = 1) |
| 125000743 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (msu96b.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (msu96b.top) | Enabled by default | Events per second (default = 1) |
| 125000744 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (n80yab.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (n80yab.top) | Enabled by default | Events per second (default = 1) |
| 125000745 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (n80yab.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (n80yab.top) | Enabled by default | Events per second (default = 1) |
| 125000746 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (nearlybut.us) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (nearlybut.us) | Enabled by default | Events per second (default = 1) |
| 125000747 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (nearlybut.us) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (nearlybut.us) | Enabled by default | Events per second (default = 1) |
| 125000748 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (needmight.win) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (needmight.win) | Enabled by default | Events per second (default = 1) |
| 125000749 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (needmight.win) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (needmight.win) | Enabled by default | Events per second (default = 1) |
| 125000750 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (nextask.loan) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (nextask.loan) | Enabled by default | Events per second (default = 1) |
| 125000751 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (nextask.loan) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (nextask.loan) | Enabled by default | Events per second (default = 1) |
| 125000752 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (nfgpeb.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (nfgpeb.top) | Enabled by default | Events per second (default = 1) |
| 125000753 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (nfgpeb.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (nfgpeb.top) | Enabled by default | Events per second (default = 1) |
| 125000754 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (ninedraws.black) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (ninedraws.black) | Enabled by default | Events per second (default = 1) |
| 125000755 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (ninedraws.black) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (ninedraws.black) | Enabled by default | Events per second (default = 1) |
| 125000756 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (nowants.pw) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (nowants.pw) | Enabled by default | Events per second (default = 1) |
| 125000757 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (nowants.pw) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (nowants.pw) | Enabled by default | Events per second (default = 1) |
| 125000758 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (og5ezh.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (og5ezh.top) | Enabled by default | Events per second (default = 1) |
| 125000759 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (og5ezh.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (og5ezh.top) | Enabled by default | Events per second (default = 1) |
| 125000760 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (plambers.bid) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (plambers.bid) | Enabled by default | Events per second (default = 1) |
| 125000761 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (plambers.bid) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (plambers.bid) | Enabled by default | Events per second (default = 1) |
| 125000762 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (plotbet.gdn) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (plotbet.gdn) | Enabled by default | Events per second (default = 1) |
| 125000763 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (plotbet.gdn) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (plotbet.gdn) | Enabled by default | Events per second (default = 1) |
| 125000764 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (powersno.link) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (powersno.link) | Enabled by default | Events per second (default = 1) |
| 125000765 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (powersno.link) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (powersno.link) | Enabled by default | Events per second (default = 1) |
| 125000766 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (futnudxthoj.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (futnudxthoj.org) | Enabled by default | Events per second (default = 1) |
| 125000767 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (futnudxthoj.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (futnudxthoj.org) | Enabled by default | Events per second (default = 1) |
| 125000768 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (ashwrfieer.com) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (ashwrfieer.com) | Enabled by default | Events per second (default = 1) |
| 125000769 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (ashwrfieer.com) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (ashwrfieer.com) | Enabled by default | Events per second (default = 1) |
| 125000770 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (wrusojodx.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (wrusojodx.net) | Enabled by default | Events per second (default = 1) |
| 125000771 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (wrusojodx.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (wrusojodx.net) | Enabled by default | Events per second (default = 1) |
| 125000772 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (azkazdzoxomj.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (azkazdzoxomj.net) | Enabled by default | Events per second (default = 1) |
| 125000773 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (azkazdzoxomj.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (azkazdzoxomj.net) | Enabled by default | Events per second (default = 1) |
| 125000774 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (hejdress.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (hejdress.net) | Enabled by default | Events per second (default = 1) |
| 125000775 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (hejdress.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (hejdress.net) | Enabled by default | Events per second (default = 1) |
| 125000776 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (kruvbest.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (kruvbest.org) | Enabled by default | Events per second (default = 1) |
| 125000777 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (kruvbest.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (kruvbest.org) | Enabled by default | Events per second (default = 1) |
| 125000778 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (frecvuged.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (frecvuged.org) | Enabled by default | Events per second (default = 1) |
| 125000779 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (frecvuged.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (frecvuged.org) | Enabled by default | Events per second (default = 1) |
| 125000780 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (jetcoul.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (jetcoul.org) | Enabled by default | Events per second (default = 1) |
| 125000781 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (jetcoul.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (jetcoul.org) | Enabled by default | Events per second (default = 1) |
| 125000782 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (saveyxlk.com) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (saveyxlk.com) | Enabled by default | Events per second (default = 1) |
| 125000783 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (saveyxlk.com) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (saveyxlk.com) | Enabled by default | Events per second (default = 1) |
| 125000784 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (cofvormzas.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (cofvormzas.net) | Enabled by default | Events per second (default = 1) |
| 125000785 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (cofvormzas.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (cofvormzas.net) | Enabled by default | Events per second (default = 1) |
| 125000786 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (goanfilter.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (goanfilter.net) | Enabled by default | Events per second (default = 1) |
| 125000787 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (goanfilter.net) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (goanfilter.net) | Enabled by default | Events per second (default = 1) |
| 125000788 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (kospulorepo.com) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (kospulorepo.com) | Enabled by default | Events per second (default = 1) |
| 125000789 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (kospulorepo.com) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (kospulorepo.com) | Enabled by default | Events per second (default = 1) |
| 125000790 | System | DROP UDP TROJAN Ransomware Domain Detected (TorrentLockerC2) (trackscars.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (trackscars.org) | Enabled by default | Events per second (default = 1) |
| 125000791 | System | DROP TCP TROJAN Ransomware Domain Detected (TorrentLockerC2) (trackscars.org) | This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (trackscars.org) | Enabled by default | Events per second (default = 1) |
| 125000792 | System | DROP UDP TROJAN ABUSE.CH Ransomware Domain Detected (gccxqpuuylioxoip) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using UDP (gccxqpuuylioxoip) | Enabled by default | Events per second (default = 1) |
| 125000793 | System | DROP TCP TROJAN ABUSE.CH Ransomware Domain Detected (gccxqpuuylioxoip) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using TCP (gccxqpuuylioxoip) | Enabled by default | Events per second (default = 1) |
| 125000794 | System | DROP UDP TROJAN ABUSE.CH Ransomware Domain Detected (kvyatmujksksbcgx) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using UDP (kvyatmujksksbcgx) | Enabled by default | Events per second (default = 1) |
| 125000795 | System | DROP TCP TROJAN ABUSE.CH Ransomware Domain Detected (kvyatmujksksbcgx) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using TCP (kvyatmujksksbcgx) | Enabled by default | Events per second (default = 1) |
| 125000796 | System | DROP UDP TROJAN ABUSE.CH Ransomware Domain Detected (mz7oyb3v32vshcvk) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using UDP (mz7oyb3v32vshcvk) | Enabled by default | Events per second (default = 1) |
| 125000797 | System | DROP TCP TROJAN ABUSE.CH Ransomware Domain Detected (mz7oyb3v32vshcvk) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using TCP (mz7oyb3v32vshcvk) | Enabled by default | Events per second (default = 1) |
| 125000798 | System | DROP UDP TROJAN ABUSE.CH Ransomware Domain Detected (xhrnfffaixawpuob) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using UDP (xhrnfffaixawpuob) | Enabled by default | Events per second (default = 1) |
| 125000799 | System | DROP TCP TROJAN ABUSE.CH Ransomware Domain Detected (xhrnfffaixawpuob) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using TCP (xhrnfffaixawpuob) | Enabled by default | Events per second (default = 1) |
| 125000800 | System | DROP UDP TROJAN ABUSE.CH Ransomware Domain Detected (yuysikankhqvdwdv) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using UDP (yuysikankhqvdwdv) | Enabled by default | Events per second (default = 1) |
| 125000801 | System | DROP TCP TROJAN ABUSE.CH Ransomware Domain Detected (yuysikankhqvdwdv) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using TCP (yuysikankhqvdwdv) | Enabled by default | Events per second (default = 1) |
| 125000802 | System | DROP UDP TROJAN ABUSE.CH Ransomware Domain Detected (zjfq4lnfbs7pncr5) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using UDP (zjfq4lnfbs7pncr5) | Enabled by default | Events per second (default = 1) |
| 125000803 | System | DROP TCP TROJAN ABUSE.CH Ransomware Domain Detected (zjfq4lnfbs7pncr5) | This rule drops TROJAN ABUSE.CH Ransomware Domain Detected using TCP (zjfq4lnfbs7pncr5) | Enabled by default | Events per second (default = 1) |
| 125000804 | System | DROP UDP TROJAN ProjectSauron Remsec DNS UDP Lookup (rapidcomments.com) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using UDP (rapidcomments.com) | Enabled by default | Events per second (default = 1) |
| 125000805 | System | DROP TCP TROJAN ProjectSauron Remsec DNS TCP Lookup (rapidcomments.com) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using TCP (rapidcomments.com) | Enabled by default | Events per second (default = 1) |
| 125000806 | System | DROP UDP TROJAN ProjectSauron Remsec DNS UDP Lookup (bikessport.com) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using UDP (bikessport.com) | Enabled by default | Events per second (default = 1) |
| 125000807 | System | DROP TCP TROJAN ProjectSauron Remsec DNS TCP Lookup (bikessport.com) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using TCP (bikessport.com) | Enabled by default | Events per second (default = 1) |
| 125000808 | System | DROP UDP TROJAN ProjectSauron Remsec DNS UDP Lookup (myhomemusic.com) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using UDP (myhomemusic.com) | Enabled by default | Events per second (default = 1) |
| 125000809 | System | DROP TCP TROJAN ProjectSauron Remsec DNS TCP Lookup (myhomemusic.com) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using TCP (myhomemusic.com) | Enabled by default | Events per second (default = 1) |
| 125000810 | System | DROP UDP TROJAN ProjectSauron Remsec DNS UDP Lookup (flowershop22.110mb.com) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using UDP (flowershop22.110mb.com) | Enabled by default | Events per second (default = 1) |
| 125000811 | System | DROP TCP TROJAN ProjectSauron Remsec DNS TCP Lookup (flowershop22.110mb.com) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using TCP (flowershop22.110mb.com) | Enabled by default | Events per second (default = 1) |
| 125000812 | System | DROP UDP TROJAN ProjectSauron Remsec DNS UDP Lookup (wildhorses.awardspace.info) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using UDP (wildhorses.awardspace.info) | Enabled by default | Events per second (default = 1) |
| 125000813 | System | DROP TCP TROJAN ProjectSauron Remsec DNS TCP Lookup (wildhorses.awardspace.info) | This rule drops TROJAN ProjectSauron Remsec DNS Lookup using TCP (wildhorses.awardspace.info) | Enabled by default | Events per second (default = 1) |
| 125000814 | System | DROP UDP TROJAN ProjectSauron Remsec DNS UDP Lookup (asrgd-uzX.weedns.com) | This rule drops TROJAN ProjectSauron Remsec DNS UDP Lookup (asrgd-uzX.weedns.com) | Enabled by default | Events per second (default = 1) |
| 125000815 | System | DROP TCP TROJAN ProjectSauron Remsec DNS TCP Lookup (asrgd-uzX.weedns.com) | This rule drops TROJAN ProjectSauron Remsec DNS TCP Lookup (asrgd-uzX.weedns.com) | Enabled by default | Events per second (default = 1) |
| 125000816 | System | DROP UDP TROJAN ProjectSauron Remsec DNS UDP Lookup (sx4-ws42.yi.org) | This rule drops TROJAN ProjectSauron Remsec DNS UDP Lookup (sx4-ws42.yi.org) | Enabled by default | Events per second (default = 1) |
| 125000817 | System | DROP TCP TROJAN ProjectSauron Remsec DNS TCP Lookup (sx4-ws42.yi.org) | This rule drops TROJAN ProjectSauron Remsec DNS TCP Lookup (sx4-ws42.yi.org) | Enabled by default | Events per second (default = 1) |
| 125000818 | System | DROP UDP TROJAN ProjectSauron Remsec DNS UDP Lookup (weX.q.tcow.eu) | This rule drops TROJAN ProjectSauron Remsec DNS UDP Lookup (weX.q.tcow.eu) | Enabled by default | Events per second (default = 1) |
| 125000819 | System | DROP TCP TROJAN ProjectSauron Remsec DNS TCP Lookup (weX.q.tcow.eu) | This rule drops TROJAN ProjectSauron Remsec DNS TCP Lookup (weX.q.tcow.eu) | Enabled by default | Events per second (default = 1) |
| 125000820 | System | DROP UDP TROJAN DarkHotel DNS UDP Lookup (apply-wsu.ebizx.net) | This rule drops TROJAN DarkHotel DNS Lookup using UDP (apply-wsu.ebizx.net) | Enabled by default | Events per second (default = 1) |
| 125000821 | System | DROP TCP TROJAN DarkHotel DNS TCP Lookup (apply-wsu.ebizx.net) | This rule drops TROJAN DarkHotel DNS Lookup using TCP (apply-wsu.ebizx.net) | Enabled by default | Events per second (default = 1) |
| 125000822 | System | DROP UDP TROJAN DarkHotel DNS UDP Lookup (apply.ebizx.net) | This rule drops TROJAN DarkHotel DNS Lookup using UDP (apply.ebizx.net) | Enabled by default | Events per second (default = 1) |
| 125000823 | System | DROP TCP TROJAN DarkHotel DNS TCP Lookup (apply.ebizx.net) | This rule drops TROJAN DarkHotel DNS Lookup using TCP (apply.ebizx.net) | Enabled by default | Events per second (default = 1) |
| 125000824 | System | DROP UDP MOBILE_MALWARE Trojan-Banker.Android OS.Marcher.l DNS UDP Lookup (droidgrades.top) | This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using UDP (droidgrades.top) | Enabled by default | Events per second (default = 1) |
| 125000825 | System | DROP TCP MOBILE_MALWARE Trojan-Banker.Android OS.Marcher.l DNS TCP Lookup (droidgrades.top) | This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using TCP (droidgrades.top) | Enabled by default | Events per second (default = 1) |
| 125000826 | System | DROP UDP MOBILE_MALWARE Trojan-Banker.Android OS.Marcher.l DNS UDP Lookup (droidgrades.us) | This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using UDP (droidgrades.us) | Enabled by default | Events per second (default = 1) |
| 125000827 | System | DROP TCP MOBILE_MALWARE Trojan-Banker.Android OS.Marcher.l DNS TCP Lookup (droidgrades.us) | This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using TCP (droidgrades.us) | Enabled by default | Events per second (default = 1) |
| 125000828 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (redefined.click) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (redefined.click) | Enabled by default | Events per second (default = 1) |
| 125000829 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (redefined.click) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (redefined.click) | Enabled by default | Events per second (default = 1) |
| 125000830 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (relyleafs.click) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (relyleafs.click) | Enabled by default | Events per second (default = 1) |
| 125000831 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (relyleafs.click) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (relyleafs.click) | Enabled by default | Events per second (default = 1) |
| 125000832 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (ridsimply.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (ridsimply.top) | Enabled by default | Events per second (default = 1) |
| 125000833 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (ridsimply.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (ridsimply.top) | Enabled by default | Events per second (default = 1) |
| 125000834 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (rl0bdw.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (rl0bdw.top) | Enabled by default | Events per second (default = 1) |
| 125000835 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (rl0bdw.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (rl0bdw.top) | Enabled by default | Events per second (default = 1) |
| 125000836 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (rnkj09.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (rnkj09.top) | Enabled by default | Events per second (default = 1) |
| 125000837 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (rnkj09.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (rnkj09.top) | Enabled by default | Events per second (default = 1) |
| 125000838 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (sayssales.bid) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (sayssales.bid) | Enabled by default | Events per second (default = 1) |
| 125000839 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (sayssales.bid) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (sayssales.bid) | Enabled by default | Events per second (default = 1) |
| 125000840 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (seenmust.pro) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (seenmust.pro) | Enabled by default | Events per second (default = 1) |
| 125000841 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (seenmust.pro) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (seenmust.pro) | Enabled by default | Events per second (default = 1) |
| 125000842 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (sk8r54.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (sk8r54.top) | Enabled by default | Events per second (default = 1) |
| 125000843 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (sk8r54.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (sk8r54.top) | Enabled by default | Events per second (default = 1) |
| 125000844 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (ssd5gt.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (ssd5gt.top) | Enabled by default | Events per second (default = 1) |
| 125000845 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (ssd5gt.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (ssd5gt.top) | Enabled by default | Events per second (default = 1) |
| 125000846 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (stopsage.gdn) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (stopsage.gdn) | Enabled by default | Events per second (default = 1) |
| 125000847 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (stopsage.gdn) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (stopsage.gdn) | Enabled by default | Events per second (default = 1) |
| 125000848 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (thanreal.link) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (thanreal.link) | Enabled by default | Events per second (default = 1) |
| 125000849 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (thanreal.link) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (thanreal.link) | Enabled by default | Events per second (default = 1) |
| 125000850 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (themevery.win) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (themevery.win) | Enabled by default | Events per second (default = 1) |
| 125000851 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (themevery.win) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (themevery.win) | Enabled by default | Events per second (default = 1) |
| 125000852 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (topicside.club) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (topicside.club) | Enabled by default | Events per second (default = 1) |
| 125000853 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (topicside.club) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (topicside.club) | Enabled by default | Events per second (default = 1) |
| 125000854 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (v11z5e.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (v11z5e.top) | Enabled by default | Events per second (default = 1) |
| 125000855 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (v11z5e.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (v11z5e.top) | Enabled by default | Events per second (default = 1) |
| 125000856 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (variedtax.kim) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (variedtax.kim) | Enabled by default | Events per second (default = 1) |
| 125000857 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (variedtax.kim) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (variedtax.kim) | Enabled by default | Events per second (default = 1) |
| 125000858 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (vkm4l6.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (vkm4l6.top) | Enabled by default | Events per second (default = 1) |
| 125000859 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (vkm4l6.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (vkm4l6.top) | Enabled by default | Events per second (default = 1) |
| 125000860 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (wht5py.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (wht5py.top) | Enabled by default | Events per second (default = 1) |
| 125000861 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (wht5py.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (wht5py.top) | Enabled by default | Events per second (default = 1) |
| 125000862 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (wishsends.mobi) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (wishsends.mobi) | Enabled by default | Events per second (default = 1) |
| 125000863 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (wishsends.mobi) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (wishsends.mobi) | Enabled by default | Events per second (default = 1) |
| 125000864 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (wonrough.in) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (wonrough.in) | Enabled by default | Events per second (default = 1) |
| 125000865 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (wonrough.in) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (wonrough.in) | Enabled by default | Events per second (default = 1) |
| 125000866 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (worsemine.pro) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (worsemine.pro) | Enabled by default | Events per second (default = 1) |
| 125000867 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (worsemine.pro) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (worsemine.pro) | Enabled by default | Events per second (default = 1) |
| 125000868 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (wz139z.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (wz139z.top) | Enabled by default | Events per second (default = 1) |
| 125000869 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (wz139z.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (wz139z.top) | Enabled by default | Events per second (default = 1) |
| 125000870 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (xab7m0.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (xab7m0.top) | Enabled by default | Events per second (default = 1) |
| 125000871 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (xab7m0.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (xab7m0.top) | Enabled by default | Events per second (default = 1) |
| 125000872 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (y721yz.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (y721yz.top) | Enabled by default | Events per second (default = 1) |
| 125000873 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (y721yz.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (y721yz.top) | Enabled by default | Events per second (default = 1) |
| 125000874 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (yw4629.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (yw4629.top) | Enabled by default | Events per second (default = 1) |
| 125000875 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (yw4629.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (yw4629.top) | Enabled by default | Events per second (default = 1) |
| 125000876 | System | DROP UDP POLICY DNS Query to .onion proxy Domain (z7ud98.top) | This rule drops POLICY DNS Query to .onion proxy Domain using UDP (z7ud98.top) | Enabled by default | Events per second (default = 1) |
| 125000877 | System | DROP TCP POLICY DNS Query to .onion proxy Domain (z7ud98.top) | This rule drops POLICY DNS Query to .onion proxy Domain using TCP (z7ud98.top) | Enabled by default | Events per second (default = 1) |
125000878System

DROP UDP TROJAN Unknown .onion Proxy
Domain (stohavlirqmkz5te)

This rule drops TROJAN Unknown .onion Proxy Domain Lookup using UDP (stohavlirqmkz5te)

Enabled by defaultEvents per second (default = 1)
125000879System

DROP TCP TROJAN Unknown .onion Proxy
Domain (stohavlirqmkz5te)

This rule drops TROJAN Unknown .onion Proxy Domain Lookup using TCP (stohavlirqmkz5te)

Enabled by defaultEvents per second (default = 1)
125000880System

DROP UDP TROJAN Python/SupAgent .onion Proxy Domain (lrcyuawm7ifaqqhp)

This rule drops TROJAN Python/SupAgent .onion Proxy Domain Lookup using UDP (lrcyuawm7ifaqqhp)

Enabled by defaultEvents per second (default = 1)
125000881System

DROP TCP TROJAN Python/SupAgent .onion Proxy Domain (lrcyuawm7ifaqqhp)

This rule drops TROJAN Python/SupAgent .onion Proxy Domain Lookup using TCP (lrcyuawm7ifaqqhp)

Enabled by defaultEvents per second (default = 1)
125000882System

DROP UDP INFO DYNAMIC_DNS Query to a Suspicious now-ip
Domain (now-ip.net)

This rule drops INFO DYNAMIC_DNS Query to a
Suspicious now-ip Domain using UDP (now-ip.net)

Enabled by defaultEvents per second (default = 1)
125000883System

DROP TCP INFO DYNAMIC_DNS Query to a Suspicious now-ip
Domain (now-ip.net)

This rule drops INFO DYNAMIC_DNS Query to a
Suspicious now-ip Domain using TCP (now-ip.net)

Enabled by defaultEvents per second (default = 1)
125000884System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS UDP Lookup (droidsg.pw)

This rule drops MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using UDP (droidsg.pw)

Enabled by defaultEvents per second (default = 1)
125000885System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS TCP Lookup (droidsg.pw)

This rule drops MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using TCP (droidsg.pw)

Enabled by defaultEvents per second (default = 1)
125000886System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS UDP Lookup (novojogo.at)

This rule drops MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using UDP (novojogo.at)

Enabled by defaultEvents per second (default = 1)
125000887System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS TCP Lookup (novojogo.at)

This rule drops MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using TCP (novojogo.at)

Enabled by defaultEvents per second (default = 1)
125000888System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS UDP Lookup (stockmart.at)

This rule drops MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using UDP (stockmart.at)

Enabled by defaultEvents per second (default = 1)
125000889System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS TCP Lookup (stockmart.at)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using TCP (stockmart.at)

Enabled by defaultEvents per second (default = 1)
125000890System

DROP UDP TROJAN Ransomware/Cerber Onion Domain UDP
Lookup (bqyjebfh25oellur)

This rule drops TROJAN Ransomware/Cerber Onion Domain Lookup using UDP (bqyjebfh25oellur)

Enabled by defaultEvents per second (default = 1)
125000891System

DROP TCP TROJAN Ransomware/Cerber Onion Domain TCP
Lookup (bqyjebfh25oellur)

This rule drops TROJAN Ransomware/Cerber Onion Domain Lookup using TCP (bqyjebfh25oellur)

Enabled by defaultEvents per second (default = 1)
125000892System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS UDP Lookup (arfonia.xyz)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using UDP (arfonia.xyz)

Enabled by defaultEvents per second (default = 1)
125000893System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS TCP Lookup (arfonia.xyz)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup using TCP (arfonia.xyz)

Enabled by defaultEvents per second (default = 1)
125000894System

DROP UDP TROJAN Ransomware Alma Locker .onion Proxy Domain (jjuwnj2ejjmafg74)

This rule drops TROJAN Ransomware Alma Locker .onion Proxy Domain Lookup using UDP (jjuwnj2ejjmafg74)

Enabled by defaultEvents per second (default = 1)
125000895System

DROP TCP TROJAN Ransomware Alma Locker .onion Proxy Domain (jjuwnj2ejjmafg74)

This rule drops TROJAN Ransomware Alma Locker .onion Proxy Domain Lookup using TCP (jjuwnj2ejjmafg74)

Enabled by defaultEvents per second (default = 1)
125000896System

DROP UDP TROJAN Cerber .onion Proxy Domain (wjtqjleommc4z46i)

This rule drops TROJAN Cerber .onion Proxy Domain Lookup using UDP (wjtqjleommc4z46i)

Enabled by defaultEvents per second (default = 1)
125000897System

DROP TCP TROJAN Cerber .onion Proxy Domain (wjtqjleommc4z46i)

This rule drops TROJAN Cerber .onion Proxy Domain Lookup using TCP (wjtqjleommc4z46i)

Enabled by defaultEvents per second (default = 1)
125000898System

DROP UDP TROJAN Sefnit .onion Proxy Domain (kushibsf64sn5bxp)

This rule drops TROJAN Sefnit .onion Proxy Domain Lookup using UDP (kushibsf64sn5bxp)

Enabled by defaultEvents per second (default = 1)
125000899System

DROP TCP TROJAN Sefnit .onion Proxy Domain (kushibsf64sn5bxp)

This rule drops TROJAN Sefnit .onion Proxy Domain Lookup using TCP (kushibsf64sn5bxp)

Enabled by defaultEvents per second (default = 1)
125000900System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (dakegihufiq.org)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (dakegihufiq.org)

Enabled by defaultEvents per second (default = 1)
125000901System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (dakegihufiq.org)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (dakegihufiq.org)

Enabled by defaultEvents per second (default = 1)
125000902System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (kadhyzyi.net)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (kadhyzyi.net)

Enabled by defaultEvents per second (default = 1)
125000903System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (kadhyzyi.net)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (kadhyzyi.net)

Enabled by defaultEvents per second (default = 1)
125000904System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (kwahitacowwe.org)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (kwahitacowwe.org)

Enabled by defaultEvents per second (default = 1)
125000905System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (kwahitacowwe.org)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (kwahitacowwe.org)

Enabled by defaultEvents per second (default = 1)
125000906System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (biolendt.com)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (biolendt.com)

Enabled by defaultEvents per second (default = 1)
125000907System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (biolendt.com)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (biolendt.com)

Enabled by defaultEvents per second (default = 1)
125000908System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (gorvekt.biz)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (gorvekt.biz)

Enabled by defaultEvents per second (default = 1)
125000909System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (gorvekt.biz)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (gorvekt.biz)

Enabled by defaultEvents per second (default = 1)
125000910System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (coalfud.net)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (coalfud.net)

Enabled by defaultEvents per second (default = 1)
125000911System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (coalfud.net)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (coalfud.net)

Enabled by defaultEvents per second (default = 1)
125000912System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (jyhedkoper.net)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (jyhedkoper.net)

Enabled by defaultEvents per second (default = 1)
125000913System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (jyhedkoper.net)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using TCP (jyhedkoper.net)

Enabled by defaultEvents per second (default = 1)
125000914System

DROP UDP TROJAN Ransomware CTB-Locker .onion Proxy Domain (rd7v7mhidgrulwqg)

This rule drops TROJAN Ransomware CTB-Locker .onion Proxy Domain Lookup using UDP (rd7v7mhidgrulwqg)

Enabled by defaultEvents per second (default = 1)
125000915System

DROP TCP TROJAN Ransomware CTB-Locker .onion Proxy Domain (rd7v7mhidgrulwqg)

This rule drops TROJAN Ransomware CTB-Locker .onion Proxy Domain Lookup using TCP (rd7v7mhidgrulwqg)

Enabled by defaultEvents per second (default = 1)
125000916System

DROP UDP TROJAN Ransomware Locky .onion Payment Domain (5n7y4yihirccftc5)

This rule drops TROJAN Ransomware Locky .onion Payment Domain using UDP (5n7y4yihirccftc5)

Enabled by defaultEvents per second (default = 1)
125000917System

DROP TCP TROJAN Ransomware Locky .onion Payment Domain (5n7y4yihirccftc5)

This rule drops TROJAN Ransomware Locky .onion Payment Domain using TCP (5n7y4yihirccftc5)

Enabled by defaultEvents per second (default = 1)
125000918System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (aalaan.tv)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (aalaan.tv)

Enabled by defaultEvents per second (default = 1)
125000919System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (aalaan.tv)

This rule drops TROJAN
Possible Pegasus Related DNS
Lookup using TCP (aalaan.tv)

Enabled by defaultEvents per second (default = 1)
125000920System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (accounts.mx)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (accounts.mx)

Enabled by defaultEvents per second (default = 1)
125000921System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (accounts.mx)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (accounts.mx)

Enabled by defaultEvents per second (default = 1)
125000922System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (adjust-local-settings.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (adjust-local-settings.com)

Enabled by defaultEvents per second (default = 1)
125000923System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (adjust-local-settings.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (adjust-local-settings.com)

Enabled by defaultEvents per second (default = 1)
125000924System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (alawaeltech.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (alawaeltech.com)

Enabled by defaultEvents per second (default = 1)
125000925System

DROP TCP TROJAN Possible Pegasus Related DNS TCP
Lookup (alawaeltech.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (alawaeltech.com)

Enabled by defaultEvents per second (default = 1)
125000926System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (alljazeera.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (alljazeera.co)

Enabled by defaultEvents per second (default = 1)
125000927System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (alljazeera.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (alljazeera.co)

Enabled by defaultEvents per second (default = 1)
125000928System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (asrararabiya.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (asrararabiya.co)

Enabled by defaultEvents per second (default = 1)
125000929System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (asrararabiya.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (asrararabiya.co)

Enabled by defaultEvents per second (default = 1)
125000930System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (asrararablya.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (asrararablya.com)

Enabled by defaultEvents per second (default = 1)
125000931System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (asrararablya.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (asrararablya.com)

Enabled by defaultEvents per second (default = 1)
125000932System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (asrarrarabiya.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (asrarrarabiya.com)

Enabled by defaultEvents per second (default = 1)
125000933System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (asrarrarabiya.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (asrarrarabiya.com)

Enabled by defaultEvents per second (default = 1)
125000934System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (bahrainsms.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (bahrainsms.co)

Enabled by defaultEvents per second (default = 1)
125000935System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (bahrainsms.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (bahrainsms.co)

Enabled by defaultEvents per second (default = 1)
125000936System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (bbc-africa.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (bbc-africa.com)

Enabled by defaultEvents per second (default = 1)
125000937System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (bbc-africa.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (bbc-africa.com)

Enabled by defaultEvents per second (default = 1)
125000938System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (bulbazaur.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (bulbazaur.com)

Enabled by defaultEvents per second (default = 1)
125000939System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (bulbazaur.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (bulbazaur.com)

Enabled by defaultEvents per second (default = 1)
125000940System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (checkinonlinehere.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (checkinonlinehere.com)

Enabled by defaultEvents per second (default = 1)
125000941System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (checkinonlinehere.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (checkinonlinehere.com)

Enabled by defaultEvents per second (default = 1)
125000942System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (cnn-africa.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (cnn-africa.co)

Enabled by defaultEvents per second (default = 1)
125000943System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (cnn-africa.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (cnn-africa.co)

Enabled by defaultEvents per second (default = 1)
125000944System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (damanhealth.online)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (damanhealth.online)

Enabled by defaultEvents per second (default = 1)
125000945System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (damanhealth.online)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (damanhealth.online)

Enabled by defaultEvents per second (default = 1)
125000946System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (emiratesfoundation.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (emiratesfoundation.net)

Enabled by defaultEvents per second (default = 1)
125000947System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (emiratesfoundation.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (emiratesfoundation.net)

Enabled by defaultEvents per second (default = 1)
125000948System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (fb-accounts.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (fb-accounts.com)

Enabled by defaultEvents per second (default = 1)
125000949System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (fb-accounts.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (fb-accounts.com)

Enabled by defaultEvents per second (default = 1)
125000950System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (googleplay-store.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (googleplay-store.com)

Enabled by defaultEvents per second (default = 1)
125000951System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (googleplay-store.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (googleplay-store.com)

Enabled by defaultEvents per second (default = 1)
125000952System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (icloudcacher.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (icloudcacher.com)

Enabled by defaultEvents per second (default = 1)
125000953System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (icloudcacher.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (icloudcacher.com)

Enabled by defaultEvents per second (default = 1)
125000954System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (icrcworld.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (icrcworld.com)

Enabled by defaultEvents per second (default = 1)
125000955System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (icrcworld.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (icrcworld.com)

Enabled by defaultEvents per second (default = 1)
125000956System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (manoraonline.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (manoraonline.net)

Enabled by defaultEvents per second (default = 1)
125000957System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (manoraonline.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (manoraonline.net)

Enabled by defaultEvents per second (default = 1)
125000958System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (mz-vodacom.info)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (mz-vodacom.info)

Enabled by defaultEvents per second (default = 1)
125000959

System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (mz-vodacom.info)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (mz-vodacom.info)

Enabled by defaultEvents per second (default = 1)
125000960

System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (newtarrifs.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (newtarrifs.net)

Enabled by defaultEvents per second (default = 1)
125000961

System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (newtarrifs.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (newtarrifs.net)

Enabled by defaultEvents per second (default = 1)
125000962

System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (ooredoodeals.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (ooredoodeals.com)

Enabled by defaultEvents per second (default = 1)
125000963System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (ooredoodeals.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (ooredoodeals.com)

Enabled by defaultEvents per second (default = 1)

125000964

System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (pickuchu.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (pickuchu.com)

Enabled by defaultEvents per second (default = 1)
125000965System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (pickuchu.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (pickuchu.com)

Enabled by defaultEvents per second (default = 1)
125000966System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (redcrossworld.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (redcrossworld.com)

Enabled by defaultEvents per second (default = 1)
125000967System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (redcrossworld.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (redcrossworld.com)

Enabled by defaultEvents per second (default = 1)
125000968System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (sabafon.info)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (sabafon.info)

Enabled by defaultEvents per second (default = 1)
125000969System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (sabafon.info)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (sabafon.info)

Enabled by defaultEvents per second (default = 1)
125000970System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (smser.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (smser.net)

Enabled by defaultEvents per second (default = 1)
125000971System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (smser.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (smser.net)

Enabled by defaultEvents per second (default = 1)
125000972System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (sms.webadv.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (sms.webadv.co)

Enabled by defaultEvents per second (default = 1)
125000973System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (sms.webadv.co)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (sms.webadv.co)

Enabled by defaultEvents per second (default = 1)
125000974System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (topcontactco.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (topcontactco.com)

Enabled by defaultEvents per second (default = 1)
125000975System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (topcontactco.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (topcontactco.com)

Enabled by defaultEvents per second (default = 1)
125000976System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (tpcontact.co.uk)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (tpcontact.co.uk)

Enabled by defaultEvents per second (default = 1)
125000977System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (tpcontact.co.uk)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (tpcontact.co.uk)

Enabled by defaultEvents per second (default = 1)

125000978

System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (track-your-fedex-package.org)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (track-your-fedex-package.org)

Enabled by defaultEvents per second (default = 1)
125000979System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (track-your-fedex-package.org)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (track-your-fedex-package.org)

Enabled by defaultEvents per second (default = 1)
125000980System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (turkeynewsupdates.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (turkeynewsupdates.com)

Enabled by defaultEvents per second (default = 1)
125000981System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (turkeynewsupdates.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (turkeynewsupdates.com)

Enabled by defaultEvents per second (default = 1)
125000982System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (turkishairines.info)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (turkishairines.info)

Enabled by defaultEvents per second (default = 1)
125000983System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (turkishairines.info)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (turkishairines.info)

Enabled by defaultEvents per second (default = 1)
125000984System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (uaenews.online)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (uaenews.online)

Enabled by defaultEvents per second (default = 1)
125000985System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (uaenews.online)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (uaenews.online)

Enabled by defaultEvents per second (default = 1)
125000986System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (univision.click)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (univision.click)

Enabled by defaultEvents per second (default = 1)
125000987System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (univision.click)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (univision.click)

Enabled by defaultEvents per second (default = 1)
125000988System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (unonoticias.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (unonoticias.net)

Enabled by defaultEvents per second (default = 1)
125000989System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (unonoticias.net)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (unonoticias.net)

Enabled by defaultEvents per second (default = 1)
125000990System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (whatsapp-app.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (whatsapp-app.com)

Enabled by defaultEvents per second (default = 1)

125000991

System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (whatsapp-app.com)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (whatsapp-app.com)

Enabled by defaultEvents per second (default = 1)
125000992System

DROP UDP TROJAN Possible Pegasus
Related DNS UDP
Lookup (y0utube.com.mx)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using UDP (y0utube.com.mx)

Enabled by defaultEvents per second (default = 1)
125000993System

DROP TCP TROJAN Possible Pegasus
Related DNS TCP
Lookup (y0utube.com.mx)

This rule drops TROJAN Possible Pegasus Related DNS
Lookup using TCP (y0utube.com.mx)

Enabled by defaultEvents per second (default = 1)
125000994System

DROP UDP POLICY DNS Query to .onion proxy Domain (onion.my)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (onion.my)

Enabled by defaultEvents per second (default = 1)
125000995System

DROP TCP POLICY DNS Query to .onion proxy Domain (onion.my)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (onion.my)

Enabled by defaultEvents per second (default = 1)
125000996System

DROP UDP POLICY DNS Query to .onion proxy Domain (onion.tech)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (onion.tech)

Enabled by defaultEvents per second (default = 1)
125000997System

DROP TCP POLICY DNS Query to .onion proxy Domain (onion.tech)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (onion.tech)

Enabled by defaultEvents per second (default = 1)
125000998System

DROP UDP POLICY DNS Query to .onion proxy Domain (hiddenservice.net)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (hiddenservice.net)

Enabled by defaultEvents per second (default = 1)
125000999System

DROP TCP POLICY DNS Query to .onion proxy Domain (hiddenservice.net)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (hiddenservice.net)

Enabled by defaultEvents per second (default = 1)
125001000System

DROP UDP POLICY DNS Query to .onion proxy Domain (onion.cl)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (onion.cl)

Enabled by defaultEvents per second (default = 1)
125001001System

DROP TCP POLICY DNS Query to .onion proxy Domain (onion.cl)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (onion.cl)

Enabled by defaultEvents per second (default = 1)
125001002System

DROP UDP POLICY DNS Query to .onion proxy Domain (onion.it)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (onion.it)

Enabled by defaultEvents per second (default = 1)
125001003System

DROP TCP POLICY DNS Query to .onion proxy Domain (onion.it)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (onion.it)

Enabled by defaultEvents per second (default = 1)
125001004System

DROP UDP POLICY DNS Query to .onion proxy Domain (onion.ink)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (onion.ink)

Enabled by defaultEvents per second (default = 1)
125001005System

DROP TCP POLICY DNS Query to .onion proxy Domain (onion.ink)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (onion.ink)

Enabled by defaultEvents per second (default = 1)
125001006System

DROP UDP POLICY DNS Query to .onion proxy Domain (onion.live)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (onion.live)

Enabled by defaultEvents per second (default = 1)
125001007System

DROP TCP POLICY DNS Query to .onion proxy Domain (onion.live)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (onion.live)

Enabled by defaultEvents per second (default = 1)
125001008System

DROP UDP POLICY DNS Query to .onion proxy Domain (torlink.co)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (torlink.co)

Enabled by defaultEvents per second (default = 1)

125001009

System

DROP TCP POLICY DNS Query to .onion proxy Domain (torlink.co)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (torlink.co)

Enabled by defaultEvents per second (default = 1)
125001010System

DROP UDP POLICY DNS Query to .onion proxy Domain (tor2.club)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (tor2.club)

Enabled by defaultEvents per second (default = 1)
125001011System

DROP TCP POLICY DNS Query to .onion proxy Domain (tor2.club)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (tor2.club)

Enabled by defaultEvents per second (default = 1)
125001012System

DROP UDP POLICY DNS Query to .onion proxy Domain (onion.co)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (onion.co)

Enabled by defaultEvents per second (default = 1)
125001013System

DROP TCP POLICY DNS Query to .onion proxy Domain (onion.co)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (onion.co)

Enabled by defaultEvents per second (default = 1)
125001014System

DROP UDP TROJAN ReverseShell Download .onion Proxy Domain (6deuyi43pdjs5ngw)

This rule drops TROJAN ReverseShell Download .onion Proxy Domain Lookup using UDP (6deuyi43pdjs5ngw)

Enabled by defaultEvents per second (default = 1)
125001015System

DROP TCP TROJAN ReverseShell Download .onion Proxy Domain (6deuyi43pdjs5ngw)

This rule drops TROJAN ReverseShell Download .onion Proxy Domain Lookup using TCP (6deuyi43pdjs5ngw)

Enabled by defaultEvents per second (default = 1)
125001016System

DROP UDP TROJAN Meterpreter .onion Proxy Domain (iv4vxs6plynght7x)

This rule drops TROJAN Meterpreter .onion Proxy Domain Lookup using UDP (iv4vxs6plynght7x)

Enabled by defaultEvents per second (default = 1)
125001017System

DROP TCP TROJAN Meterpreter .onion Proxy Domain (iv4vxs6plynght7x)

This rule drops TROJAN Meterpreter .onion Proxy Domain Lookup using TCP (iv4vxs6plynght7x)

Enabled by defaultEvents per second (default = 1)
125001018System

DROP UDP TROJAN Ransomware/Cerber Onion Domain UDP Lookup (6liso4fbnupevqsn)

This rule drops TROJAN Ransomware/Cerber Onion Domain Lookup using UDP (6liso4fbnupevqsn)

Enabled by defaultEvents per second (default = 1)
125001019System

DROP TCP TROJAN Ransomware/Cerber Onion Domain TCP Lookup (6liso4fbnupevqsn)

This rule drops TROJAN Ransomware/Cerber Onion Domain Lookup using TCP (6liso4fbnupevqsn)

Enabled by defaultEvents per second (default = 1)
125001020System

DROP UDP TROJAN TorrentLocker DNS UDP
Lookup (bigcrashcar.net)

This rule drops TROJAN TorrentLocker DNS Lookup using UDP (bigcrashcar.net)

Enabled by defaultEvents per second (default = 1)
125001021System

DROP TCP TROJAN TorrentLocker DNS TCP
Lookup (bigcrashcar.net)

This rule drops TROJAN TorrentLocker DNS Lookup using TCP (bigcrashcar.net)

Enabled by defaultEvents per second (default = 1)
125001022System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.n DNS UDP Lookup (wellssecuritypass.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.n DNS Lookup using UDP (wellssecuritypass.com)

Enabled by defaultEvents per second (default = 1)
125001023System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.n DNS TCP Lookup (wellssecuritypass.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.n DNS Lookup using TCP (wellssecuritypass.com)

Enabled by defaultEvents per second (default = 1)

125001024

System

DROP UDP TROJAN Cry Ransomware Onion
Domain UDP Lookup (neutx2117kh7h7zt)

This rule drops TROJAN Cry Ransomware Onion Domain
Lookup using UDP (neutx2117kh7h7zt)

Enabled by defaultEvents per second (default = 1)
125001025System

DROP TCP TROJAN Cry Ransomware Onion
Domain TCP Lookup (neutx2117kh7h7zt)

This rule drops TROJAN Cry Ransomware Onion Domain
Lookup using TCP (neutx2117kh7h7zt)

Enabled by defaultEvents per second (default = 1)
125001026System

DROP UDP TROJAN Ransomware/Poshcoder Onion Domain UDP
Lookup (5uizfldf7k7kot5d)

This rule drops TROJAN Ransomware/Poshcoder
Onion Domain Lookup using UDP (5uizfldf7k7kot5d)

Enabled by defaultEvents per second (default = 1)
125001027System

DROP TCP TROJAN Ransomware/Poshcoder Onion Domain TCP
Lookup (5uizfldf7k7kot5d)

This rule drops TROJAN Ransomware/Poshcoder
Onion Domain Lookup using TCP (5uizfldf7k7kot5d)

Enabled by defaultEvents per second (default = 1)
125001028System

DROP UDP TROJAN Possible APT3 DNS UDP
Lookup (ste.mullanclan.com)

This rule drops TROJAN Possible APT3 DNS Lookup using UDP (ste.mullanclan.com)

Enabled by defaultEvents per second (default = 1)
125001029System

DROP TCP TROJAN Possible APT3 DNS TCP
Lookup (ste.mullanclan.com)

This rule drops TROJAN Possible APT3 DNS Lookup using TCP (ste.mullanclan.com)

Enabled by defaultEvents per second (default = 1)
125001030System

DROP UDP TROJAN Possible APT3 DNS UDP
Lookup (ptr.holmessupply.com)

This rule drops TROJAN Possible APT3 DNS Lookup using UDP (ptr.holmessupply.com)

Enabled by defaultEvents per second (default = 1)
125001031System

DROP TCP TROJAN Possible APT3 DNS TCP
Lookup (ptr.holmessupply.com)

This rule drops TROJAN Possible APT3 DNS Lookup using TCP (ptr.holmessupply.com)

Enabled by defaultEvents per second (default = 1)
125001032System

DROP UDP TROJAN Possible APT3 DNS UDP
Lookup (lite.ultralitedesigns.com)

This rule drops TROJAN Possible APT3 DNS Lookup using UDP (lite.ultralitedesigns.com)

Enabled by defaultEvents per second (default = 1)
125001033System

DROP TCP TROJAN Possible APT3 DNS TCP
Lookup (lite.ultralitedesigns.com)

This rule drops TROJAN Possible APT3 DNS Lookup using TCP (lite.ultralitedesigns.com)

Enabled by defaultEvents per second (default = 1)
125001034System

DROP UDP TROJAN Possible APT3 DNS UDP
Lookup
(parent.kaapagrains.com)

This rule drops TROJAN Possible APT3 DNS Lookup using UDP (parent.kaapagrains.com)

Enabled by defaultEvents per second (default = 1)
125001035System

DROP TCP TROJAN Possible APT3 DNS TCP
Lookup (parent.kaapagrains.com)

This rule drops TROJAN Possible APT3 DNS Lookup using TCP (parent.kaapagrains.com)

Enabled by defaultEvents per second (default = 1)
125001036System

DROP UDP DNS Query to Ebay Phishing
Domain (107sbtd9cbhsbtd5d80)

This rule drops DNS Query to Ebay Phishing Domain using UDP (107sbtd9cbhsbtd5d80)

Enabled by defaultEvents per second (default = 1)
125001037System

DROP TCP DNS Query to Ebay Phishing Domain (107sbtd9cbhsbtd5d80)

This rule drops DNS Query to Ebay Phishing Domain using TCP (107sbtd9cbhsbtd5d80)

Enabled by defaultEvents per second (default = 1)
125001038System

DROP UDP TROJAN BartCrypt Payment DNS Query to .onion proxy Domain (s3clm4lufbmfhmeb)

This rule drops TROJAN BartCrypt Payment DNS Query to .onion proxy Domain using UDP (s3clm4lufbmfhmeb)

Enabled by defaultEvents per second (default = 1)

125001039

System

DROP TCP TROJAN BartCrypt Payment DNS Query to .onion proxy Domain (s3clm4lufbmfhmeb)

This rule drops TROJAN BartCrypt Payment DNS Query to .onion proxy Domain using TCP (s3clm4lufbmfhmeb)

Enabled by defaultEvents per second (default = 1)
125001040System

DROP UDP TROJAN ABUSE.CH Ransomware Domain Detected
(Locky C2) (fpashgkepwtoqdjg)

This rule drops TROJAN ABUSE.CH Ransomware
Domain Detected (Locky C2) using UDP (fpashgkepwtoqdjg)

Enabled by defaultEvents per second (default = 1)
125001041System

DROP TCP TROJAN ABUSE.CH Ransomware Domain Detected
(Locky C2) (fpashgkepwtoqdjg)

This rule drops TROJAN ABUSE.CH Ransomware
Domain Detected (Locky C2) using TCP (fpashgkepwtoqdjg)

Enabled by defaultEvents per second (default = 1)
125001042System

DROP UDP TROJAN ABUSE.CH Ransomware Domain Detected
(TorrentLocker C2) (vrympoqs5ra34nfo)

This rule drops TROJAN ABUSE.CH Ransomware
Domain Detected (TorrentLocker C2) using UDP
(vrympoqs5ra34nfo)

Enabled by defaultEvents per second (default = 1)
125001043System

DROP TCP TROJAN ABUSE.CH Ransomware Domain Detected
(TorrentLocker C2) (vrympoqs5ra34nfo)

This rule drops TROJAN ABUSE.CH Ransomware
Domain Detected (TorrentLocker C2) using TCP
(vrympoqs5ra34nfo)

Enabled by defaultEvents per second (default = 1)
125001044System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS UDP Lookup (bastebirk.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS Lookup using UDP (bastebirk.com)

Enabled by defaultEvents per second (default = 1)
125001045System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS TCP Lookup (bastebirk.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS Lookup using TCP (bastebirk.com)

Enabled by defaultEvents per second (default = 1)
125001046System

DROP UDP TROJAN Likely APT28 DNS UDP
Lookup
(worldpostjournal.com)

This rule drops TROJAN Likely
APT28 DNS Lookup using UDP
(worldpostjournal.com)

Enabled by defaultEvents per second (default = 1)
125001047System

DROP TCP TROJAN Likely APT28 DNS TCP Lookup (worldpostjournal.com)

This rule drops TROJAN Likely APT28 DNS Lookup using TCP (worldpostjournal.com)

Enabled by defaultEvents per second (default = 1)
125001048System

DROP UDP TROJAN Possible Remcos/Remvio DNS UDP Lookup (maxsen.ddns.net)

This rule drops TROJAN Possible Remcos/Remvio DNS Lookup using UDP (maxsen.ddns.net)

Enabled by defaultEvents per second (default = 1)
125001049System

DROP TCP TROJAN Possible Remcos/Remvio DNS TCP Lookup (maxsen.ddns.net)

This rule drops TROJAN Possible Remcos/Remvio DNS Lookup using TCP (maxsen.ddns.net)

Enabled by defaultEvents per second (default = 1)
125001050System

DROP UDP TROJAN Possible Remcos/Remvio DNS UDP Lookup (maxten.serveftp.com)

This rule drops TROJAN Possible Remcos/Remvio DNS Lookup using UDP (maxten.serveftp.com)

Enabled by defaultEvents per second (default = 1)
125001051System

DROP TCP TROJAN Possible Remcos/Remvio DNS TCP Lookup (maxten.serveftp.com)

This rule drops TROJAN Possible Remcos/Remvio DNS Lookup using TCP (maxten.serveftp.com)

Enabled by defaultEvents per second (default = 1)

125001052

System

DROP UDP TROJAN Possible Remcos/Remvio DNS UDP Lookup (maxxven.serveftp.com)

This rule drops TROJAN Possible Remcos/Remvio DNS Lookup using UDP (maxxven.serveftp.com)

Enabled by defaultEvents per second (default = 1)
125001053System

DROP TCP TROJAN Possible Remcos/Remvio DNS TCP Lookup (maxxven.serveftp.com)

This rule drops TROJAN Possible Remcos/Remvio DNS Lookup using TCP (maxxven.serveftp.com)

Enabled by defaultEvents per second (default = 1)
125001054System

DROP UDP TROJAN Win32/Agent.XTP .onion Proxy Domain (7bmbjgr4kufcslej)

This rule drops TROJAN Win32/Agent.XTP .onion Proxy Domain Lookup using UDP (7bmbjgr4kufcslej)

Enabled by defaultEvents per second (default = 1)
125001055System

DROP TCP TROJAN Win32/Agent.XTP
.onion Proxy Domain (7bmbjgr4kufcslej)

This rule drops TROJAN Win32/Agent.XTP .onion Proxy
Domain Lookup using TCP (7bmbjgr4kufcslej)

Enabled by defaultEvents per second (default = 1)
125001056System

DROP UDP TROJAN Ransomware Locky .onion Payment Domain (f5xraa2y2ybtrefz)

This rule drops TROJAN Ransomware Locky .onion Payment Domain using UDP (f5xraa2y2ybtrefz)

Enabled by defaultEvents per second (default = 1)
125001057System

DROP TCP TROJAN Ransomware Locky
.onion Payment Domain (f5xraa2y2ybtrefz)

This rule drops TROJAN Ransomware Locky .onion
Payment Domain using TCP (f5xraa2y2ybtrefz)

Enabled by defaultEvents per second (default = 1)
125001058System

DROP UDP WEB_SERVER DNS Query for Suspicious 33db9538.com Domain - Anuna Checkin - Compromised PHP Site

This rule drops WEB_SERVER DNS Query for Suspicious 33db9538.com Domain - Anuna Checkin - Compromised PHP Site using UDP

Enabled by defaultEvents per second (default = 1)
125001059System

DROP TCP WEB_SERVER DNS Query for Suspicious 33db9538.com Domain - Anuna Checkin - Compromised PHP Site

This rule drops WEB_SERVER DNS Query for Suspicious 33db9538.com Domain - Anuna Checkin - Compromised PHP Site using TCP

Enabled by defaultEvents per second (default = 1)
125001060System

DROP UDP WEB_SERVER DNS Query for Suspicious 9507c4e8.com Domain - Anuna Checkin - Compromised PHP Site

This rule drops WEB_SERVER DNS Query for Suspicious 9507c4e8.com Domain - Anuna Checkin - Compromised PHP Site using UDP

Enabled by defaultEvents per second (default = 1)
125001061System

DROP TCP WEB_SERVER DNS Query for Suspicious 9507c4e8.com Domain - Anuna Checkin - Compromised PHP Site

This rule drops WEB_SERVER DNS Query for Suspicious 9507c4e8.com Domain - Anuna Checkin - Compromised PHP Site using TCP

Enabled by defaultEvents per second (default = 1)
125001062System

DROP UDP WEB_SERVER DNS Query for Suspicious e5b57288.com Domain - Anuna Checkin - Compromised PHP Site

This rule drops WEB_SERVER DNS Query for Suspicious e5b57288.com Domain - Anuna Checkin - Compromised PHP Site using UDP

Enabled by defaultEvents per second (default = 1)
125001063System

DROP TCP WEB_SERVER DNS Query for Suspicious e5b57288.com Domain
- Anuna Checkin - Compromised PHP Site

This rule drops WEB_SERVER DNS Query for Suspicious e5b57288.com Domain -
Anuna Checkin - Compromised
PHP Site using TCP

Enabled by defaultEvents per second (default = 1)

125001064

System

DROP UDP WEB_SERVER DNS Query for Suspicious 54dfa1cb.com Domain - Anuna Checkin - Compromised PHP Site

This rule drops WEB_SERVER DNS Query for Suspicious 54dfa1cb.com Domain - Anuna Checkin - Compromised PHP Site using UDP

Enabled by defaultEvents per second (default = 1)
125001065System

DROP TCP WEB_SERVER DNS Query for Suspicious 54dfa1cb.com Domain -
Anuna Checkin - Compromised PHP Site

This rule drops WEB_SERVER DNS Query for Suspicious 54dfa1cb.com Domain - Anuna Checkin - Compromised PHP Site using TCP

Enabled by defaultEvents per second (default = 1)
125001066System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.p DNS UDP Lookup (int-estate.eu)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.p DNS Lookup using UDP (int-estate.eu)

Enabled by defaultEvents per second (default = 1)
125001067System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.p DNS TCP Lookup (int-estate.eu)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.p DNS Lookup using TCP (int-estate.eu)

Enabled by defaultEvents per second (default = 1)
125001068System

DROP UDP TROJAN APT28 XAgent DNS UDP Lookup (officeupdater.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using UDP (officeupdater.com)

Enabled by defaultEvents per second (default = 1)
125001069System

DROP TCP TROJAN APT28 XAgent DNS TCP
Lookup (officeupdater.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using TCP (officeupdater.com)

Enabled by defaultEvents per second (default = 1)
125001070System

DROP UDP TROJAN APT28 XAgent DNS UDP
Lookup (windowsxupdate.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using UDP (windowsxupdate.com)

Enabled by defaultEvents per second (default = 1)
125001071System

DROP TCP TROJAN APT28 XAgent DNS TCP
Lookup (windowsxupdate.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using TCP (windowsxupdate.com)

Enabled by defaultEvents per second (default = 1)
125001072System

DROP UDP TROJAN Zbot!CI .onion Proxy Domain (qf7ck3kj3nps4n3n)

This rule drops TROJAN Zbot!CI .onion Proxy Domain Lookup using UDP (qf7ck3kj3nps4n3n)

Enabled by defaultEvents per second (default = 1)
125001073System

DROP TCP TROJAN Zbot!CI .onion Proxy Domain (qf7ck3kj3nps4n3n)

This rule drops TROJAN Zbot!CI .onion Proxy Domain Lookup using TCP (qf7ck3kj3nps4n3n)

Enabled by defaultEvents per second (default = 1)
125001074System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (bigestcity.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (bigestcity.com)

Enabled by defaultEvents per second (default = 1)
125001075System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (bigestcity.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (bigestcity.com)

Enabled by defaultEvents per second (default = 1)
125001076System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (commingtoday.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (commingtoday.net)

Enabled by defaultEvents per second (default = 1)
125001077System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (commingtoday.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (commingtoday.net)

Enabled by defaultEvents per second (default = 1)

125001078

System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (blowjek.org)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (blowjek.org)

Enabled by defaultEvents per second (default = 1)
125001079System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (blowjek.org)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (blowjek.org)

Enabled by defaultEvents per second (default = 1)
125001080System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (hoecred.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (hoecred.com)

Enabled by defaultEvents per second (default = 1)
125001081System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (hoecred.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (hoecred.com)

Enabled by defaultEvents per second (default = 1)
125001082System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker
C2) (kolergt.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (kolergt.net)

Enabled by defaultEvents per second (default = 1)
125001083System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (kolergt.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (kolergt.net)

Enabled by defaultEvents per second (default = 1)
125001084System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (oneklick.biz)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (oneklick.biz)

Enabled by defaultEvents per second (default = 1)
125001085System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (oneklick.biz)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (oneklick.biz)

Enabled by defaultEvents per second (default = 1)
125001086System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (gostavs.biz)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (gostavs.biz)

Enabled by defaultEvents per second (default = 1)
125001087System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (gostavs.biz)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (gostavs.biz)

Enabled by defaultEvents per second (default = 1)
125001088System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (artsteb.com)

This rule drops TROJAN Ransomware Domain Detected (TorrentLocker C2) using UDP (artsteb.com)

Enabled by defaultEvents per second (default = 1)
125001089System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (artsteb.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (artsteb.com)

Enabled by defaultEvents per second (default = 1)
125001090System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (miobrand.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (miobrand.net)

Enabled by defaultEvents per second (default = 1)
125001091System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (miobrand.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (miobrand.net)

Enabled by defaultEvents per second (default = 1)
125001092System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (borndorn.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (borndorn.net)

Enabled by defaultEvents per second (default = 1)
125001093System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (borndorn.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (borndorn.net)

Enabled by defaultEvents per second (default = 1)

125001094

System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (pozocejuca.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (pozocejuca.org)

Enabled by defaultEvents per second (default = 1)
125001095System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (pozocejuca.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (pozocejuca.org)

Enabled by defaultEvents per second (default = 1)
125001096System

DROP UDP TROJAN
APT28 Stage1 Uploader
DNS UDP Lookup
(dowssys.com)

This rule drops TROJAN APT28
Stage1 Uploader DNS Lookup
using UDP (dowssys.com)

Enabled by defaultEvents per second (default = 1)
125001097System

DROP TCP TROJAN
APT28 Stage1 Uploader
DNS TCP Lookup
(dowssys.com)

This rule drops TROJAN APT28
Stage1 Uploader DNS Lookup
using TCP (dowssys.com)

Enabled by defaultEvents per second (default = 1)
125001098System

DROP UDP TROJAN
APT28 Stage1 Uploader
DNS UDP Lookup
(windystem.com)

This rule drops TROJAN APT28
Stage1 Uploader DNS Lookup
using UDP (windystem.com)

Enabled by defaultEvents per second (default = 1)
125001099System

DROP TCP TROJAN
APT28 Stage1 Uploader
DNS TCP Lookup
(windystem.com)

This rule drops TROJAN APT28 Stage1 Uploader DNS Lookup using TCP (windystem.com)

Enabled by defaultEvents per second (default = 1)
125001100System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (jetfrost.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (jetfrost.com)

Enabled by defaultEvents per second (default = 1)
125001101System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (jetfrost.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (jetfrost.com)

Enabled by defaultEvents per second (default = 1)
125001102System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (lubcebupip.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (lubcebupip.com)

Enabled by defaultEvents per second (default = 1)
125001103System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (lubcebupip.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (lubcebupip.com)

Enabled by defaultEvents per second (default = 1)
125001104System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (pinkdragons.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (pinkdragons.net)

Enabled by defaultEvents per second (default = 1)
125001105System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (pinkdragons.net)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (pinkdragons.net)

Enabled by defaultEvents per second (default = 1)
125001106System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (fregset.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (fregset.com)

Enabled by defaultEvents per second (default = 1)
125001107System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (fregset.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (fregset.com)

Enabled by defaultEvents per second (default = 1)
125001108System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (leckagraz.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (leckagraz.com)

Enabled by defaultEvents per second (default = 1)
125001109System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (leckagraz.com)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (leckagraz.com)

Enabled by defaultEvents per second (default = 1)

125001110

System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (knakclak.org)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (knakclak.org)

Enabled by defaultEvents per second (default = 1)
125001111System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (knakclak.org)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (knakclak.org)

Enabled by defaultEvents per second (default = 1)
125001112System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (giondow.org)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (giondow.org)

Enabled by defaultEvents per second (default = 1)
125001113System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (giondow.org)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (giondow.org)

Enabled by defaultEvents per second (default = 1)
125001116System

DROP UDP TROJAN
ABUSE.CH TorrenLocker
Payment Domain
Detected
(4w5wihkwyhsav2ha)

This rule drops TROJAN ABUSE.CH TorrenLocker
Payment Domain Detected using UDP
(4w5wihkwyhsav2ha)

Enabled by defaultEvents per second (default = 1)
125001117System

DROP TCP TROJAN
ABUSE.CH TorrenLocker
Payment Domain
Detected
(4w5wihkwyhsav2ha)

This rule drops TROJAN ABUSE.CH TorrenLocker
Payment Domain Detected using TCP
(4w5wihkwyhsav2ha)

Enabled by defaultEvents per second (default = 1)
125001118System

DROP UDP TROJAN
ABUSE.CH TorrenLocker
Payment Domain
Detected
(anbqjdoyw6wkmpeu)

This rule drops TROJAN ABUSE.CH TorrenLocker
Payment Domain Detected using UDP
(anbqjdoyw6wkmpeu)

Enabled by defaultEvents per second (default = 1)
125001119System

DROP TCP TROJAN
ABUSE.CH TorrenLocker
Payment Domain
Detected
(anbqjdoyw6wkmpeu)

This rule drops TROJAN ABUSE.CH TorrenLocker
Payment Domain Detected using TCP (anbqjdoyw6wkmpeu)

Enabled by defaultEvents per second (default = 1)
125001120System

DROP UDP TROJAN
ABUSE.CH Locky
Payment Domain
Detected
(jhomitevd2abj3fk)

This rule drops TROJAN ABUSE.CH Locky Payment Domain Detected using UDP (jhomitevd2abj3fk)

Enabled by defaultEvents per second (default = 1)
125001121System

DROP TCP TROJAN
ABUSE.CH Locky
Payment Domain
Detected
(jhomitevd2abj3fk)

This rule drops TROJAN ABUSE.CH Locky Payment Domain Detected using TCP
(jhomitevd2abj3fk)

Enabled by defaultEvents per second (default = 1)
125001122System

DROP UDP TROJAN
CryptoWall/TeslaCrypt
Payment Domain
(aterdunst.com)

This rule drops TROJAN CryptoWall/TeslaCrypt
Payment Domain using UDP (aterdunst.com)

Enabled by defaultEvents per second (default = 1)
125001123System

DROP TCP TROJAN
CryptoWall/TeslaCrypt
Payment Domain
(aterdunst.com)

This rule drops TROJAN CryptoWall/TeslaCrypt
Payment Domain using TCP (aterdunst.com)

Enabled by defaultEvents per second (default = 1)
125001124System

DROP UDP TROJAN
CryptoWall/TeslaCrypt
Payment Domain
(bonmawp.at)

This rule drops TROJAN CryptoWall/TeslaCrypt
Payment Domain using UDP (bonmawp.at)

Enabled by defaultEvents per second (default = 1)
125001125System

DROP TCP TROJAN
CryptoWall/TeslaCrypt
Payment Domain
(bonmawp.at)

This rule drops TROJAN CryptoWall/TeslaCrypt
Payment Domain using TCP (bonmawp.at)

Enabled by defaultEvents per second (default = 1)
125001126System

DROP UDP TROJAN
CryptoWall/TeslaCrypt
Payment Domain
(wallymac.com)

This rule drops TROJAN CryptoWall/TeslaCrypt
Payment Domain using UDP (wallymac.com)

Enabled by defaultEvents per second (default = 1)

125001127

System

DROP TCP TROJAN
CryptoWall/TeslaCrypt
Payment Domain
(wallymac.com)

This rule drops TROJAN CryptoWall/TeslaCrypt
Payment Domain using TCP (wallymac.com)

Enabled by defaultEvents per second (default = 1)
125001128System

DROP UDP EXPLOIT
BIND9 msg->reserved
Assertion DoS Packet
Inbound

This rule drops EXPLOIT BIND9 msg->reserved Assertion DoS Packet Inbound using UDP

Enabled by defaultEvents per second (default = 1)
125001129System

DROP TCP EXPLOIT
BIND9 msg->reserved
Assertion DoS Packet
Inbound

This rule drops EXPLOIT BIND9 msg->reserved Assertion DoS Packet Inbound using TCP

Enabled by defaultEvents per second (default = 1)
125001130System

DROP UDP MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS UDP Lookup (dvosower.ru)

This rule drops MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS Lookup using UDP (dvosower.ru)

Enabled by defaultEvents per second (default = 1)
125001131System

DROP TCP MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS TCP Lookup (dvosower.ru)

This rule drops MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS Lookup using TCP (dvosower.ru)

Enabled by defaultEvents per second (default = 1)
125001132System

DROP UDP MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS UDP Lookup (5vekta.ru)

This rule drops MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS Lookup using UDP (5vekta.ru)

Enabled by defaultEvents per second (default = 1)
125001133System

DROP TCP MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS TCP Lookup (5vekta.ru)

This rule drops MOBILE_MALWARE
Backdoor.AndroidOS.Rittew.a DNS Lookup using TCP (5vekta.ru)

Enabled by defaultEvents per second (default = 1)
125001134System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS UDP Lookup (erotical4all.org)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP (erotical4all.org)

Enabled by defaultEvents per second (default = 1)
125001135System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS TCP Lookup (erotical4all.org)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (erotical4all.org)

Enabled by defaultEvents per second (default = 1)
125001136System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.pac DNS UDP Lookup (sdfsdfy57nn.ru)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.pac DNS Lookup using UDP (sdfsdfy57nn.ru)

Enabled by defaultEvents per second (default = 1)
125001137System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.pac DNS TCP Lookup (sdfsdfy57nn.ru)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.pac DNS Lookup using TCP (sdfsdfy57nn.ru)

Enabled by defaultEvents per second (default = 1)
125001138System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS UDP Lookup (propsyours.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS Lookup using UDP (propsyours.com)

Enabled by defaultEvents per second (default = 1)
125001139System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS TCP Lookup (propsyours.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS Lookup using TCP (propsyours.com)

Enabled by defaultEvents per second (default = 1)

125001140

System

DROP UDP TROJAN APT28 XAgent DNS UDP Lookup (akamaichecker.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using UDP (akamaichecker.com)

Enabled by defaultEvents per second (default = 1)
125001141System

DROP TCP TROJAN APT28 XAgent DNS TCP Lookup (akamaichecker.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using TCP (akamaichecker.com)

Enabled by defaultEvents per second (default = 1)
125001142System

DROP UDP TROJAN Ransomware Domain Detected (TorrentLocker C2) (ordest.org)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using UDP (ordest.org)

Enabled by defaultEvents per second (default = 1)
125001143System

DROP TCP TROJAN Ransomware Domain Detected (TorrentLocker C2) (ordest.org)

This rule drops TROJAN Ransomware Domain
Detected (TorrentLocker C2) using TCP (ordest.org)

Enabled by defaultEvents per second (default = 1)
125001144System

DROP UDP TROJAN DNS Query to Cerber Domain (u2r7tm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (u2r7tm.bid)

Enabled by defaultEvents per second (default = 1)
125001145System

DROP TCP TROJAN DNS Query to Cerber Domain (u2r7tm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (u2r7tm.bid)

Enabled by defaultEvents per second (default = 1)
125001146System

DROP UDP TROJAN DNS Query to Cerber Domain (gvoafg.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (gvoafg.bid)

Enabled by defaultEvents per second (default = 1)
125001147System

DROP TCP TROJAN DNS Query to Cerber Domain (gvoafg.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (gvoafg.bid)

Enabled by defaultEvents per second (default = 1)
125001148System

DROP UDP TROJAN DNS Query to Cerber Domain (zbj2kc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zbj2kc.bid)

Enabled by defaultEvents per second (default = 1)
125001149System

DROP TCP TROJAN DNS Query to Cerber Domain (zbj2kc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zbj2kc.bid)

Enabled by defaultEvents per second (default = 1)
125001150System

DROP UDP TROJAN DNS Query to Cerber Domain (2y4t6f.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (2y4t6f.bid)

Enabled by defaultEvents per second (default = 1)
125001151System

DROP TCP TROJAN DNS Query to Cerber Domain (2y4t6f.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (2y4t6f.bid)

Enabled by defaultEvents per second (default = 1)
125001152System

DROP UDP TROJAN DNS Query to Cerber Domain (w6sj06.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (w6sj06.bid)

Enabled by defaultEvents per second (default = 1)
125001153System

DROP TCP TROJAN DNS Query to Cerber Domain (w6sj06.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (w6sj06.bid)

Enabled by default

Events per second (default = 1)

125001154

System

DROP UDP TROJAN DNS Query to Cerber Domain (8zi4pf.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (8zi4pf.bid)

Enabled by default

Events per second (default = 1)

125001155

System

DROP TCP TROJAN DNS Query to Cerber Domain (8zi4pf.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (8zi4pf.bid)

Enabled by default

Events per second (default = 1)

125001156

System

DROP UDP TROJAN DNS Query to Cerber Domain (tauunm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (tauunm.bid)

Enabled by default

Events per second (default = 1)

125001157

System

DROP TCP TROJAN DNS Query to Cerber Domain (tauunm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (tauunm.bid)

Enabled by default

Events per second (default = 1)

125001158

System

DROP UDP TROJAN DNS Query to Cerber Domain (56185u.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (56185u.top)

Enabled by default

Events per second (default = 1)

125001159

System

DROP TCP TROJAN DNS Query to Cerber Domain (56185u.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (56185u.top)

Enabled by default

Events per second (default = 1)

125001160

System

DROP UDP TROJAN DNS Query to Cerber Domain (vmotsf.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (vmotsf.bid)

Enabled by default

Events per second (default = 1)

125001161

System

DROP TCP TROJAN DNS Query to Cerber Domain (vmotsf.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (vmotsf.bid)

Enabled by default

Events per second (default = 1)

125001162

System

DROP UDP TROJAN DNS Query to Cerber Domain (drawsif.loan)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (drawsif.loan)

Enabled by default

Events per second (default = 1)

125001163

System

DROP TCP TROJAN DNS Query to Cerber Domain (drawsif.loan)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (drawsif.loan)

Enabled by default

Events per second (default = 1)

125001164

System

DROP UDP TROJAN DNS Query to Cerber Domain (bipnnp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (bipnnp.bid)

Enabled by default

Events per second (default = 1)

125001165

System

DROP TCP TROJAN DNS Query to Cerber Domain (bipnnp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (bipnnp.bid)

Enabled by default

Events per second (default = 1)

125001166

System

DROP UDP TROJAN DNS Query to Cerber Domain (y12acl.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (y12acl.bid)

Enabled by default

Events per second (default = 1)

125001167

System

DROP TCP TROJAN DNS Query to Cerber Domain (y12acl.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (y12acl.bid)

Enabled by default

Events per second (default = 1)

125001168

System

DROP UDP TROJAN DNS Query to Cerber Domain (whomate.red)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (whomate.red)

Enabled by default

Events per second (default = 1)

125001169

System

DROP TCP TROJAN DNS Query to Cerber Domain (whomate.red)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (whomate.red)

Enabled by default

Events per second (default = 1)

125001170

System

DROP UDP TROJAN DNS Query to Cerber Domain (samesizes.asia)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (samesizes.asia)

Enabled by default

Events per second (default = 1)

125001171

System

DROP TCP TROJAN DNS Query to Cerber Domain (samesizes.asia)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (samesizes.asia)

Enabled by default

Events per second (default = 1)

125001172

System

DROP UDP TROJAN DNS Query to Cerber Domain (outpolicy.men)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (outpolicy.men)

Enabled by default

Events per second (default = 1)

125001173

System

DROP TCP TROJAN DNS Query to Cerber Domain (outpolicy.men)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (outpolicy.men)

Enabled by default

Events per second (default = 1)

125001174

System

DROP UDP TROJAN DNS Query to Cerber Domain (easyits.black)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (easyits.black)

Enabled by default

Events per second (default = 1)

125001175

System

DROP TCP TROJAN DNS Query to Cerber Domain (easyits.black)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (easyits.black)

Enabled by default

Events per second (default = 1)

125001176

System

DROP UDP TROJAN DNS Query to Cerber Domain (5ctoeb.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (5ctoeb.bid)

Enabled by default

Events per second (default = 1)

125001177

System

DROP TCP TROJAN DNS Query to Cerber Domain (5ctoeb.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (5ctoeb.bid)

Enabled by default

Events per second (default = 1)

125001178

System

DROP UDP TROJAN DNS Query to Cerber Domain (g948g1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (g948g1.bid)

Enabled by default

Events per second (default = 1)

125001179

System

DROP TCP TROJAN DNS Query to Cerber Domain (g948g1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (g948g1.bid)

Enabled by default

Events per second (default = 1)

125001180

System

DROP UDP TROJAN DNS Query to Cerber Domain (rexjyp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (rexjyp.bid)

Enabled by default

Events per second (default = 1)

125001181

System

DROP TCP TROJAN DNS Query to Cerber Domain (rexjyp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (rexjyp.bid)

Enabled by default

Events per second (default = 1)

125001182

System

DROP UDP TROJAN DNS Query to Cerber Domain (fx4wz2.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (fx4wz2.top)

Enabled by default

Events per second (default = 1)

125001183

System

DROP TCP TROJAN DNS Query to Cerber Domain (fx4wz2.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (fx4wz2.top)

Enabled by default

Events per second (default = 1)

125001184

System

DROP UDP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS UDP
Lookup (curlyhair.at)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP (curlyhair.at)

Enabled by default

Events per second (default = 1)

125001185

System

DROP TCP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS TCP
Lookup (curlyhair.at)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (curlyhair.at)

Enabled by default

Events per second (default = 1)

125001186

System

DROP UDP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS UDP
Lookup (securitybitches3.at)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP (securitybitches3.at)

Enabled by default

Events per second (default = 1)

125001187

System

DROP TCP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS TCP
Lookup (securitybitches3.at)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (securitybitches3.at)

Enabled by default

Events per second (default = 1)

125001188

System

DROP UDP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS UDP
Lookup (ausrusot.net)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP (ausrusot.net)

Enabled by default

Events per second (default = 1)

125001189

System

DROP TCP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS TCP
Lookup (ausrusot.net)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (ausrusot.net)

Enabled by default

Events per second (default = 1)

125001190

System

DROP UDP TROJAN DNS Query to Cerber Domain (kb6051.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (kb6051.bid)

Enabled by default

Events per second (default = 1)

125001191

System

DROP TCP TROJAN DNS Query to Cerber Domain (kb6051.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (kb6051.bid)

Enabled by default

Events per second (default = 1)

125001192

System

DROP UDP TROJAN DNS Query to Cerber Domain (oldboxs.red)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (oldboxs.red)

Enabled by default

Events per second (default = 1)

125001193

System

DROP TCP TROJAN DNS Query to Cerber Domain (oldboxs.red)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (oldboxs.red)

Enabled by default

Events per second (default = 1)

125001194

System

DROP UDP TROJAN DNS Query to Cerber Domain (hhc366.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (hhc366.bid)

Enabled by default

Events per second (default = 1)

125001195

System

DROP TCP TROJAN DNS Query to Cerber Domain (hhc366.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (hhc366.bid)

Enabled by default

Events per second (default = 1)

125001196

System

DROP UDP TROJAN DNS Query to Cerber Domain (ev99ln.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ev99ln.bid)

Enabled by default

Events per second (default = 1)

125001197

System

DROP TCP TROJAN DNS Query to Cerber Domain (ev99ln.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ev99ln.bid)

Enabled by default

Events per second (default = 1)

125001198

System

DROP UDP TROJAN DNS Query to Cerber Domain (homehuge.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (homehuge.top)

Enabled by default

Events per second (default = 1)

125001199

System

DROP TCP TROJAN DNS Query to Cerber Domain (homehuge.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (homehuge.top)

Enabled by default

Events per second (default = 1)

125001200

System

DROP UDP TROJAN DNS Query to Cerber Domain (flowpoint.black)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (flowpoint.black)

Enabled by default

Events per second (default = 1)

125001201

System

DROP TCP TROJAN DNS Query to Cerber Domain (flowpoint.black)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (flowpoint.black)

Enabled by default

Events per second (default = 1)

125001202

System

DROP UDP TROJAN DNS Query to Cerber Domain (onlyprove.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (onlyprove.top)

Enabled by default

Events per second (default = 1)

125001203

System

DROP TCP TROJAN DNS Query to Cerber Domain (onlyprove.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (onlyprove.top)

Enabled by default

Events per second (default = 1)

125001204

System

DROP UDP TROJAN DNS Query to Cerber Domain (uwckha.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (uwckha.top)

Enabled by default

Events per second (default = 1)

125001205

System

DROP TCP TROJAN DNS Query to Cerber Domain (uwckha.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (uwckha.top)

Enabled by default

Events per second (default = 1)

125001206

System

DROP UDP TROJAN DNS Query to Cerber Domain (249isv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (249isv.bid)

Enabled by default

Events per second (default = 1)

125001207

System

DROP TCP TROJAN DNS Query to Cerber Domain (249isv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (249isv.bid)

Enabled by default

Events per second (default = 1)

125001208

System

DROP UDP TROJAN DNS Query to Cerber Domain (pfija1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (pfija1.bid)

Enabled by default

Events per second (default = 1)

125001209

System

DROP TCP TROJAN DNS Query to Cerber Domain (pfija1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (pfija1.bid)

Enabled by default

Events per second (default = 1)

125001210

System

DROP UDP TROJAN DNS Query to Cerber Domain (io9ygi.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (io9ygi.bid)

Enabled by default

Events per second (default = 1)

125001211

System

DROP TCP TROJAN DNS Query to Cerber Domain (io9ygi.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (io9ygi.bid)

Enabled by default

Events per second (default = 1)

125001212

System

DROP UDP TROJAN DNS Query to Cerber Domain (tolgens.black)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (tolgens.black)

Enabled by default

Events per second (default = 1)

125001213

System

DROP TCP TROJAN DNS Query to Cerber Domain (tolgens.black)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (tolgens.black)

Enabled by default

Events per second (default = 1)

125001214

System

DROP UDP TROJAN DNS Query to Cerber Domain (wheelball.black)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (wheelball.black)

Enabled by default

Events per second (default = 1)

125001215

System

DROP TCP TROJAN DNS Query to Cerber Domain (wheelball.black)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (wheelball.black)

Enabled by default

Events per second (default = 1)

125001216

System

DROP UDP TROJAN DNS Query to Cerber Domain (vpsj40.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (vpsj40.top)

Enabled by default

Events per second (default = 1)

125001217

System

DROP TCP TROJAN DNS Query to Cerber Domain (vpsj40.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (vpsj40.top)

Enabled by default

Events per second (default = 1)

125001218

System

DROP UDP TROJAN DNS Query to Cerber Domain (yoursdoor.lol)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (yoursdoor.lol)

Enabled by default

Events per second (default = 1)

125001219

System

DROP TCP TROJAN DNS Query to Cerber Domain (yoursdoor.lol)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (yoursdoor.lol)

Enabled by default

Events per second (default = 1)

125001220

System

DROP UDP TROJAN DNS Query to Cerber Domain (patchmans.gdn)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (patchmans.gdn)

Enabled by default

Events per second (default = 1)

125001221

System

DROP TCP TROJAN DNS Query to Cerber Domain (patchmans.gdn)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (patchmans.gdn)

Enabled by default

Events per second (default = 1)

125001222

System

DROP UDP TROJAN DNS Query to Cerber Domain (065ism.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (065ism.bid)

Enabled by default

Events per second (default = 1)

125001223

System

DROP TCP TROJAN DNS Query to Cerber Domain (065ism.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (065ism.bid)

Enabled by default

Events per second (default = 1)

125001224

System

DROP UDP TROJAN DNS Query to Cerber Domain (getsbug.kim)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (getsbug.kim)

Enabled by default

Events per second (default = 1)

125001225

System

DROP TCP TROJAN DNS Query to Cerber Domain (getsbug.kim)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (getsbug.kim)

Enabled by default

Events per second (default = 1)

125001226

System

DROP UDP TROJAN DNS Query to Cerber Domain (stageend.link)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (stageend.link)

Enabled by default

Events per second (default = 1)

125001227

System

DROP TCP TROJAN DNS Query to Cerber Domain (stageend.link)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (stageend.link)

Enabled by default

Events per second (default = 1)

125001228

System

DROP UDP TROJAN DNS Query to Cerber Domain (hotcopies.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (hotcopies.bid)

Enabled by default

Events per second (default = 1)

125001229

System

DROP TCP TROJAN DNS Query to Cerber Domain (hotcopies.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (hotcopies.bid)

Enabled by default

Events per second (default = 1)

125001230

System

DROP UDP TROJAN DNS Query to Cerber Domain (2ym6om.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (2ym6om.bid)

Enabled by default

Events per second (default = 1)

125001231

System

DROP TCP TROJAN DNS Query to Cerber Domain (2ym6om.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (2ym6om.bid)

Enabled by default

Events per second (default = 1)

125001232

System

DROP UDP TROJAN DNS Query to Cerber Domain (06boy8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (06boy8.bid)

Enabled by default

Events per second (default = 1)

125001233

System

DROP TCP TROJAN DNS Query to Cerber Domain (06boy8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (06boy8.bid)

Enabled by default

Events per second (default = 1)

125001234

System

DROP UDP TROJAN DNS Query to Cerber Domain (zmfhjr.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zmfhjr.top)

Enabled by default

Events per second (default = 1)

125001235

System

DROP TCP TROJAN DNS Query to Cerber Domain (zmfhjr.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zmfhjr.top)

Enabled by default

Events per second (default = 1)

125001236

System

DROP UDP TROJAN DNS Query to Cerber Domain (holescase.pw)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (holescase.pw)

Enabled by default

Events per second (default = 1)

125001237

System

DROP TCP TROJAN DNS Query to Cerber Domain (holescase.pw)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (holescase.pw)

Enabled by default

Events per second (default = 1)

125001238

System

DROP UDP TROJAN DNS Query to Cerber Domain (tankplain.date)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (tankplain.date)

Enabled by default

Events per second (default = 1)

125001239

System

DROP TCP TROJAN DNS Query to Cerber Domain (tankplain.date)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (tankplain.date)

Enabled by default

Events per second (default = 1)

125001240

System

DROP UDP TROJAN DNS Query to Cerber Domain (n41n1a.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (n41n1a.top)

Enabled by default

Events per second (default = 1)

125001241

System

DROP TCP TROJAN DNS Query to Cerber Domain (n41n1a.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (n41n1a.top)

Enabled by default

Events per second (default = 1)

125001242

System

DROP UDP TROJAN DNS Query to Cerber Domain (storingus.gdn)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (storingus.gdn)

Enabled by default

Events per second (default = 1)

125001243

System

DROP TCP TROJAN DNS Query to Cerber Domain (storingus.gdn)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (storingus.gdn)

Enabled by default

Events per second (default = 1)

125001244

System

DROP UDP TROJAN DNS Query to Cerber Domain (piitem.in)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (piitem.in)

Enabled by default

Events per second (default = 1)

125001245

System

DROP TCP TROJAN DNS Query to Cerber Domain (piitem.in)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (piitem.in)

Enabled by default

Events per second (default = 1)

125001246

System

DROP UDP TROJAN DNS Query to Cerber Domain (jvrh8g.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (jvrh8g.bid)

Enabled by default

Events per second (default = 1)

125001247

System

DROP TCP TROJAN DNS Query to Cerber Domain (jvrh8g.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (jvrh8g.bid)

Enabled by default

Events per second (default = 1)

125001248

System

DROP UDP TROJAN DNS Query to Cerber Domain (laterugly.win)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (laterugly.win)

Enabled by default

Events per second (default = 1)

125001249

System

DROP TCP TROJAN DNS Query to Cerber Domain (laterugly.win)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (laterugly.win)

Enabled by default

Events per second (default = 1)

125001250

System

DROP UDP TROJAN DNS Query to Cerber Domain (eventeach.gdn)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (eventeach.gdn)

Enabled by default

Events per second (default = 1)

125001251

System

DROP TCP TROJAN DNS Query to Cerber Domain (eventeach.gdn)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (eventeach.gdn)

Enabled by default

Events per second (default = 1)

125001252

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(gg4dgp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (gg4dgp.bid)

Enabled by default

Events per second (default = 1)

125001253

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(gg4dgp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (gg4dgp.bid)

Enabled by default

Events per second (default = 1)

125001254

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(dsv023.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (dsv023.bid)

Enabled by default

Events per second (default = 1)

125001255

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(dsv023.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (dsv023.bid)

Enabled by default

Events per second (default = 1)

125001256

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(uwckha.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (uwckha.bid)

Enabled by default

Events per second (default = 1)

125001257

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(uwckha.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (uwckha.bid)

Enabled by default

Events per second (default = 1)

125001258

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(metpast.date)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (metpast.date)

Enabled by default

Events per second (default = 1)

125001259

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(metpast.date)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (metpast.date)

Enabled by default

Events per second (default = 1)

125001260

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(phasetied.pw)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (phasetied.pw)

Enabled by default

Events per second (default = 1)

125001261

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(phasetied.pw)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (phasetied.pw)

Enabled by default

Events per second (default = 1)

125001262

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(gnuvaw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (gnuvaw.bid)

Enabled by default

Events per second (default = 1)

125001263

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(gnuvaw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (gnuvaw.bid)

Enabled by default

Events per second (default = 1)

125001264

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(shiftany.date)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (shiftany.date)

Enabled by default

Events per second (default = 1)

125001265

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(shiftany.date)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (shiftany.date)

Enabled by default

Events per second (default = 1)

125001266

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(choiceher.win)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (choiceher.win)

Enabled by default

Events per second (default = 1)

125001267

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(choiceher.win)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (choiceher.win)

Enabled by default

Events per second (default = 1)

125001268

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(9tftgh.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (9tftgh.bid)

Enabled by default

Events per second (default = 1)

125001269

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(9tftgh.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (9tftgh.bid)

Enabled by default

Events per second (default = 1)

125001270

System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (fteykoley.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (fteykoley.org)

Enabled by default

Events per second (default = 1)

125001271

System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (fteykoley.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (fteykoley.org)

Enabled by default

Events per second (default = 1)

125001272

System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (vilkset.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (vilkset.net)

Enabled by default

Events per second (default = 1)

125001273

System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (vilkset.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (vilkset.net)

Enabled by default

Events per second (default = 1)

125001274

System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (duitrek.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (duitrek.org)

Enabled by default

Events per second (default = 1)

125001275

System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (duitrek.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (duitrek.org)

Enabled by default

Events per second (default = 1)

125001276

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ledreject.pw)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ledreject.pw)

Enabled by default

Events per second (default = 1)

125001277

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ledreject.pw)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ledreject.pw)

Enabled by default

Events per second (default = 1)

125001278

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(7j6htz.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (7j6htz.bid)

Enabled by default

Events per second (default = 1)

125001279

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(7j6htz.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (7j6htz.bid)

Enabled by default

Events per second (default = 1)

125001280

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(sitcalls.us)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (sitcalls.us)

Enabled by default

Events per second (default = 1)

125001281

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(sitcalls.us)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (sitcalls.us)

Enabled by default

Events per second (default = 1)

125001282

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(8a0sf6.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (8a0sf6.top)

Enabled by default

Events per second (default = 1)

125001283

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(8a0sf6.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (8a0sf6.top)

Enabled by default

Events per second (default = 1)

125001284

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(lesstree.info)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (lesstree.info)

Enabled by default

Events per second (default = 1)

125001285

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(lesstree.info)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (lesstree.info)

Enabled by default

Events per second (default = 1)

125001286

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(w0ii21.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (w0ii21.bid)

Enabled by default

Events per second (default = 1)

125001287

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(w0ii21.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (w0ii21.bid)

Enabled by default

Events per second (default = 1)

125001288

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(en3oyw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (en3oyw.bid)

Enabled by default

Events per second (default = 1)

125001289

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(en3oyw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (en3oyw.bid)

Enabled by default

Events per second (default = 1)

125001290

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(apreserve.asia)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (apreserve.asia)

Enabled by default

Events per second (default = 1)

125001291

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(apreserve.asia)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (apreserve.asia)

Enabled by default

Events per second (default = 1)

125001292

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(t01jw0.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (t01jw0.bid)

Enabled by default

Events per second (default = 1)

125001293

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(t01jw0.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (t01jw0.bid)

Enabled by default

Events per second (default = 1)

125001294

System

DROP UDP TROJAN DNS
Query to Cerber Domain
(xvstbw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (xvstbw.bid)

Enabled by default

Events per second (default = 1)

125001295

System

DROP TCP TROJAN DNS
Query to Cerber Domain
(xvstbw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (xvstbw.bid)

Enabled by default

Events per second (default = 1)

125001296

System

DROP UDP
MOBILE_MALWARE
AndroRAT Bitter DNS
UDP Lookup
(info2t.com)

This rule drops
MOBILE_MALWARE AndroRAT
Bitter DNS Lookup using UDP
(info2t.com)

Enabled by default

Events per second (default = 1)

125001297

System

DROP TCP
MOBILE_MALWARE
AndroRAT Bitter DNS
UDP Lookup
(info2t.com)

This rule drops
MOBILE_MALWARE AndroRAT
Bitter DNS Lookup using TCP
(info2t.com)

Enabled by default

Events per second (default = 1)

125001298

System

DROP UDP TROJAN
APT28 DealersChoice.B
DNS UDP Lookup
(appexsrv.net)

This rule drops TROJAN APT28
DealersChoice.B DNS Lookup
using UDP (appexsrv.net)

Enabled by default

Events per second (default = 1)

125001299

System

DROP TCP TROJAN
APT28 DealersChoice.B
DNS TCP Lookup
(appexsrv.net)

This rule drops TROJAN APT28
DealersChoice.B DNS Lookup
using TCP (appexsrv.net)

Enabled by default

Events per second (default = 1)

125001300

System

DROP UDP TROJAN
Observed AgentTesla
Domain Request
(agenttesla.com)

This rule drops TROJAN
Observed AgentTesla Domain
Request using UDP
(agenttesla.com)

Enabled by default

Events per second (default = 1)

125001301

System

DROP TCP TROJAN
Observed AgentTesla
Domain Request
(agenttesla.com)

This rule drops TROJAN
Observed AgentTesla Domain
Request using TCP
(agenttesla.com)

Enabled by default

Events per second (default = 1)

125001302

System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(microsoftsupp.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(microsoftsupp.com)

Enabled by default

Events per second (default = 1)

125001303

System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(microsoftsupp.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(microsoftsupp.com)

Enabled by default

Events per second (default = 1)

125001304

System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(aljazeera-news.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(aljazeera-news.com)

Enabled by default

Events per second (default = 1)

125001305

System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(aljazeera-news.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(aljazeera-news.com)

Enabled by default

Events per second (default = 1)

125001306

System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(ausameetings.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(ausameetings.com)

Enabled by default

Events per second (default = 1)

125001307

System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(ausameetings.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(ausameetings.com)

Enabled by default

Events per second (default = 1)

125001308

System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup (bbc-press.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (bbc-press.org)

Enabled by default

Events per second (default = 1)

125001309

System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup (bbc-press.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (bbc-press.org)

Enabled by defaultEvents per second (default = 1)
125001310System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup (cnnpolitics.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (cnnpolitics.eu)

Enabled by defaultEvents per second (default = 1)
125001311System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup (cnnpolitics.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (cnnpolitics.eu)

Enabled by defaultEvents per second (default = 1)
125001312System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(dailyforeignnews.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(dailyforeignnews.com)

Enabled by defaultEvents per second (default = 1)
125001313System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(dailyforeignnews.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(dailyforeignnews.com)

Enabled by defaultEvents per second (default = 1)
125001314System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(dailypoliticsnews.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(dailypoliticsnews.com)

Enabled by defaultEvents per second (default = 1)
125001315System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(dailypoliticsnews.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(dailypoliticsnews.com)

Enabled by defaultEvents per second (default = 1)
125001316System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup (defenceiq.us)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (defenceiq.us)

Enabled by defaultEvents per second (default = 1)
125001317System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup (defenceiq.us)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (defenceiq.us)

Enabled by defaultEvents per second (default = 1)
125001318System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(defencereview.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (defencereview.eu)

Enabled by defaultEvents per second (default = 1)
125001319System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(defencereview.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (defencereview.eu)

Enabled by defaultEvents per second (default = 1)
125001320System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(diplomatnews.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (diplomatnews.org)

Enabled by defaultEvents per second (default = 1)
125001321System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(diplomatnews.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (diplomatnews.org)

Enabled by defaultEvents per second (default = 1)
125001322System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(euronews24.info)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (euronews24.info)

Enabled by defaultEvents per second (default = 1)
125001323System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(euronews24.info)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (euronews24.info)

Enabled by defaultEvents per second (default = 1)
125001324System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(euroreport24.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (euroreport24.com)

Enabled by defaultEvents per second (default = 1)
125001325System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(euroreport24.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (euroreport24.com)

Enabled by defaultEvents per second (default = 1)
125001326System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup (kg-news.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (kg-news.org)

Enabled by defaultEvents per second (default = 1)
125001327System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup (kg-news.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (kg-news.org)

Enabled by defaultEvents per second (default = 1)
125001328System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(military-info.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (military-info.eu)

Enabled by defaultEvents per second (default = 1)
125001329System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(military-info.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (military-info.eu)

Enabled by defaultEvents per second (default = 1)
125001330System

DROP UDP TROJAN
APT28/Sednit DNS UDP
Lookup
(militaryadviser.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(militaryadviser.org)

Enabled by defaultEvents per second (default = 1)
125001331System

DROP TCP TROJAN
APT28/Sednit DNS TCP
Lookup
(militaryadviser.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (militaryadviser.org)

Enabled by defaultEvents per second (default = 1)
125001332System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (militaryobserver.net)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(militaryobserver.net)

Enabled by defaultEvents per second (default = 1)
125001333System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (militaryobserver.net)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(militaryobserver.net)

Enabled by defaultEvents per second (default = 1)
125001334System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (nato-hq.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (nato-hq.com)

Enabled by defaultEvents per second (default = 1)
125001335System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (nato-hq.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (nato-hq.com)

Enabled by defaultEvents per second (default = 1)
125001336System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (nato-news.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (nato-news.com)

Enabled by defaultEvents per second (default = 1)
125001337System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (nato-news.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (nato-news.com)

Enabled by defaultEvents per second (default = 1)
125001338System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (natoint.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (natoint.com)

Enabled by defaultEvents per second (default = 1)
125001339System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (natoint.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (natoint.com)

Enabled by defaultEvents per second (default = 1)
125001340System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (natopress.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (natopress.com)

Enabled by defaultEvents per second (default = 1)
125001341System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (natopress.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (natopress.com)

Enabled by defaultEvents per second (default = 1)
125001342System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (osce-info.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (osce-info.com)

Enabled by defaultEvents per second (default = 1)
125001343System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (osce-info.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (osce-info.com)

Enabled by defaultEvents per second (default = 1)
125001344System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (osce-press.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (osce-press.org)

Enabled by defaultEvents per second (default = 1)
125001345System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (osce-press.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (osce-press.org)

Enabled by defaultEvents per second (default = 1)
125001346System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (pakistan-mofa.net)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(pakistan-mofa.net)

Enabled by defaultEvents per second (default = 1)
125001347System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (pakistan-mofa.net)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (pakistan-mofa.net)

Enabled by defaultEvents per second (default = 1)
125001348System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (politicalreview.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (politicalreview.eu)

Enabled by defaultEvents per second (default = 1)
125001349System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (politicalreview.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (politicalreview.eu)

Enabled by defaultEvents per second (default = 1)
125001350System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (politicsinform.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(politicsinform.com)

Enabled by defaultEvents per second (default = 1)
125001351System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (politicsinform.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (politicsinform.com)

Enabled by defaultEvents per second (default = 1)
125001352System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (reuters-press.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (reuters-press.com)

Enabled by defaultEvents per second (default = 1)
125001353System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (reuters-press.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (reuters-press.com)

Enabled by defaultEvents per second (default = 1)
125001354System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (shurl.biz)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (shurl.biz)

Enabled by defaultEvents per second (default = 1)
125001355System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (shurl.biz)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (shurl.biz)

Enabled by defaultEvents per second (default = 1)
125001356System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (stratforglobal.net)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (stratforglobal.net)

Enabled by defaultEvents per second (default = 1)
125001357System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (stratforglobal.net)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (stratforglobal.net)

Enabled by defaultEvents per second (default = 1)
125001358System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (thediplomat-press.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(thediplomat-press.com)

Enabled by defaultEvents per second (default = 1)
125001359System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (thediplomat-press.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(thediplomat-press.com)

Enabled by defaultEvents per second (default = 1)
125001360System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (theguardiannews.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(theguardiannews.org)

Enabled by defaultEvents per second (default = 1)
125001361System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (theguardiannews.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(theguardiannews.org)

Enabled by defaultEvents per second (default = 1)
125001362System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (trend-news.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (trend-news.org)

Enabled by defaultEvents per second (default = 1)
125001363System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (trend-news.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (trend-news.org)

Enabled by defaultEvents per second (default = 1)
125001364System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (unian-news.info)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (unian-news.info)

Enabled by defaultEvents per second (default = 1)
125001365System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (unian-news.info)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (unian-news.info)

Enabled by defaultEvents per second (default = 1)
125001366System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (unitednationsnews.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(unitednationsnews.eu)

Enabled by defaultEvents per second (default = 1)
125001367System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (unitednationsnews.eu)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(unitednationsnews.eu)

Enabled by defaultEvents per second (default = 1)
125001368System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (virusdefender.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (virusdefender.org)

Enabled by defaultEvents per second (default = 1)
125001369System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (virusdefender.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (virusdefender.org)

Enabled by defaultEvents per second (default = 1)
125001370System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (worldmilitarynews.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(worldmilitarynews.org)

Enabled by defaultEvents per second (default = 1)
125001371System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (worldmilitarynews.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(worldmilitarynews.org)

Enabled by defaultEvents per second (default = 1)
125001372System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (worldpoliticsnews.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(worldpoliticsnews.org)

Enabled by defaultEvents per second (default = 1)
125001373System

DROP TCP TROJAN APT28/Sednit DNS TCP
Lookup (worldpoliticsnews.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(worldpoliticsnews.org)

Enabled by defaultEvents per second (default = 1)
125001374System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (capisp.com)

This rule drops TROJAN APT28/Sednit DNS Lookup
using UDP (capisp.com)

Enabled by defaultEvents per second (default = 1)
125001375System

DROP TCP TROJAN APT28/Sednit DNS TCP Lookup (capisp.com)

This rule drops TROJAN APT28/Sednit DNS Lookup
using TCP (capisp.com)

Enabled by defaultEvents per second (default = 1)
125001376System

DROP UDP TROJAN APT28/Sednit DNS UDP Lookup (dataclen.org)

This rule drops TROJAN APT28/Sednit DNS Lookup
using UDP (dataclen.org)

Enabled by defaultEvents per second (default = 1)
125001377System

DROP TCP TROJAN APT28/Sednit DNS TCP Lookup (dataclen.org)

This rule drops TROJAN APT28/Sednit DNS Lookup
using TCP (dataclen.org)

Enabled by defaultEvents per second (default = 1)
125001378System

DROP UDP TROJAN APT28/Sednit DNS UDP Lookup (mscoresvw.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (mscoresvw.com)

Enabled by defaultEvents per second (default = 1)
125001379System

DROP TCP TROJAN APT28/Sednit DNS TCP Lookup (mscoresvw.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (mscoresvw.com)

Enabled by defaultEvents per second (default = 1)
125001380System

DROP UDP TROJAN APT28/Sednit DNS UDP Lookup (windowscheckupdater.net)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP
(windowscheckupdater.net)

Enabled by defaultEvents per second (default = 1)
125001381System

DROP TCP TROJAN APT28/Sednit DNS TCP Lookup
(windowscheckupdater.net)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP
(windowscheckupdater.net)

Enabled by defaultEvents per second (default = 1)
125001382System

DROP UDP TROJAN APT28/Sednit DNS UDP Lookup (acledit.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (acledit.com)

Enabled by defaultEvents per second (default = 1)
125001383System

DROP TCP TROJAN APT28/Sednit DNS TCP Lookup (acledit.com)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (biocpl.org)

Enabled by defaultEvents per second (default = 1)
125001384System

DROP UDP TROJAN APT28/Sednit DNS UDP
Lookup (biocpl.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using UDP (biocpl.org)

Enabled by defaultEvents per second (default = 1)
125001385System

DROP TCP TROJAN APT28/Sednit DNS TCP Lookup (biocpl.org)

This rule drops TROJAN
APT28/Sednit DNS Lookup
using TCP (biocpl.org)

Enabled by defaultEvents per second (default = 1)
125001386System

DROP UDP TROJAN DNS Query to Cerber Domain (nxmu0x.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (nxmu0x.bid)

Enabled by defaultEvents per second (default = 1)
125001387System

DROP TCP TROJAN DNS Query to Cerber Domain (nxmu0x.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (nxmu0x.bid)

Enabled by defaultEvents per second (default = 1)
125001388System

DROP UDP TROJAN DNS
Query to Cerber Domain
(5r1sol.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (5r1sol.bid)

Enabled by defaultEvents per second (default = 1)
125001389System

DROP TCP TROJAN DNS
Query to Cerber Domain
(5r1sol.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (5r1sol.bid)

Enabled by defaultEvents per second (default = 1)
125001390System

DROP UDP TROJAN DNS
Query to Cerber Domain
(8hphyr.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (8hphyr.top)

Enabled by defaultEvents per second (default = 1)
125001391System

DROP TCP TROJAN DNS
Query to Cerber Domain
(8hphyr.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (8hphyr.top)

Enabled by defaultEvents per second (default = 1)
125001392System

DROP UDP TROJAN DNS
Query to Cerber Domain
(x43d02.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (x43d02.top)

Enabled by defaultEvents per second (default = 1)
125001393System

DROP TCP TROJAN DNS
Query to Cerber Domain
(x43d02.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (x43d02.top)

Enabled by defaultEvents per second (default = 1)
125001394System

DROP UDP TROJAN DNS
Query to Cerber Domain
(zmr4fn.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zmr4fn.bid)

Enabled by defaultEvents per second (default = 1)
125001395System

DROP TCP TROJAN DNS
Query to Cerber Domain
(zmr4fn.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zmr4fn.bid)

Enabled by defaultEvents per second (default = 1)
125001396System

DROP UDP TROJAN DNS
Query to Cerber Domain
(y5j7e6.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (y5j7e6.top)

Enabled by defaultEvents per second (default = 1)
125001397System

DROP TCP TROJAN DNS
Query to Cerber Domain
(y5j7e6.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (y5j7e6.top)

Enabled by defaultEvents per second (default = 1)
125001398System

DROP UDP TROJAN DNS
Query to Cerber Domain
(packetair.us)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (packetair.us)

Enabled by defaultEvents per second (default = 1)
125001399System

DROP TCP TROJAN DNS
Query to Cerber Domain
(packetair.us)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (packetair.us)

Enabled by defaultEvents per second (default = 1)
125001400System

DROP UDP TROJAN DNS
Query to Cerber Domain
(boxmodern.date)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (boxmodern.date)

Enabled by defaultEvents per second (default = 1)
125001401System

DROP TCP TROJAN DNS
Query to Cerber Domain
(boxmodern.date)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (boxmodern.date)

Enabled by defaultEvents per second (default = 1)
125001402System

DROP UDP TROJAN DNS
Query to Cerber Domain
(7asel7.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (7asel7.top)

Enabled by defaultEvents per second (default = 1)
125001403System

DROP TCP TROJAN DNS
Query to Cerber Domain
(7asel7.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (7asel7.top)

Enabled by defaultEvents per second (default = 1)
125001404System

DROP UDP TROJAN DNS
Query to Cerber Domain
(iait3w.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (iait3w.bid)

Enabled by defaultEvents per second (default = 1)
125001405System

DROP TCP TROJAN DNS
Query to Cerber Domain
(iait3w.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (iait3w.bid)

Enabled by defaultEvents per second (default = 1)
125001406System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (ovwjubow.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (ovwjubow.net)

Enabled by defaultEvents per second (default = 1)
125001407System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (ovwjubow.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (ovwjubow.net)

Enabled by defaultEvents per second (default = 1)
125001408System

DROP UDP TROJAN DNS
Query to Cerber Domain
(3do9h1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (3do9h1.bid)

Enabled by defaultEvents per second (default = 1)
125001409System

DROP TCP TROJAN DNS
Query to Cerber Domain
(3do9h1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (3do9h1.bid)

Enabled by defaultEvents per second (default = 1)
125001410System

DROP UDP TROJAN DNS
Query to Cerber Domain
(whmykv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (whmykv.bid)

Enabled by defaultEvents per second (default = 1)
125001411System

DROP TCP TROJAN DNS
Query to Cerber Domain
(whmykv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (whmykv.bid)

Enabled by defaultEvents per second (default = 1)
125001412System

DROP UDP TROJAN DNS
Query to Cerber Domain
(cc0r87.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (cc0r87.bid)

Enabled by defaultEvents per second (default = 1)
125001413System

DROP TCP TROJAN DNS
Query to Cerber Domain
(cc0r87.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (cc0r87.bid)

Enabled by defaultEvents per second (default = 1)
125001414System

DROP UDP TROJAN DNS
Query to Cerber Domain
(4xiiup.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (4xiiup.bid)

Enabled by defaultEvents per second (default = 1)
125001415System

DROP TCP TROJAN DNS
Query to Cerber Domain
(4xiiup.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (4xiiup.bid)

Enabled by defaultEvents per second (default = 1)
125001416System

DROP UDP TROJAN DNS
Query to Cerber Domain
(wl52rt.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (wl52rt.bid)

Enabled by defaultEvents per second (default = 1)
125001417System

DROP TCP TROJAN DNS
Query to Cerber Domain
(wl52rt.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (wl52rt.bid)

Enabled by defaultEvents per second (default = 1)
125001418System

DROP UDP TROJAN DNS
Query to Cerber Domain
(x9le66.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (x9le66.top)

Enabled by defaultEvents per second (default = 1)
125001419System

DROP TCP TROJAN DNS
Query to Cerber Domain
(x9le66.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (x9le66.top)

Enabled by defaultEvents per second (default = 1)
125001420System

DROP UDP TROJAN DNS
Query to Cerber Domain
(endsdoubt.loan)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (endsdoubt.loan)

Enabled by defaultEvents per second (default = 1)
125001421System

DROP TCP TROJAN DNS
Query to Cerber Domain
(endsdoubt.loan)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (endsdoubt.loan)

Enabled by defaultEvents per second (default = 1)
125001422System

DROP UDP TROJAN DNS
Query to Cerber Domain
(childsten.site)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (childsten.site)

Enabled by defaultEvents per second (default = 1)
125001423System

DROP TCP TROJAN DNS
Query to Cerber Domain
(childsten.site)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (childsten.site)

Enabled by defaultEvents per second (default = 1)
125001424System

DROP UDP TROJAN DNS
Query to Cerber Domain
(myaddress.link)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (myaddress.link)

Enabled by defaultEvents per second (default = 1)
125001425System

DROP TCP TROJAN DNS
Query to Cerber Domain
(myaddress.link)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (myaddress.link)

Enabled by defaultEvents per second (default = 1)
125001426System

DROP UDP TROJAN DNS
Query to Cerber Domain
(56185u.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (56185u.bid)

Enabled by defaultEvents per second (default = 1)
125001427System

DROP TCP TROJAN DNS
Query to Cerber Domain
(56185u.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (56185u.bid)

Enabled by defaultEvents per second (default = 1)
125001428System

DROP UDP TROJAN
APT28 XAgent DNS UDP
Lookup
(corpsecurityprotecting.org)

This rule drops TROJAN APT28
XAgent DNS Lookup using UDP
(corpsecurityprotecting.org)

Enabled by defaultEvents per second (default = 1)
125001429System

DROP TCP TROJAN
APT28 XAgent DNS TCP
Lookup
(corpsecurityprotecting.org)

This rule drops TROJAN APT28
XAgent DNS Lookup using TCP
(corpsecurityprotecting.org)

Enabled by defaultEvents per second (default = 1)
125001430System

DROP UDP TROJAN
APT28 Unknown C2
DNS UDP Lookup
(microsoftsecurepolicy.org)

This rule drops TROJAN APT28
Unknown C2 DNS Lookup
using UDP
(microsoftsecurepolicy.org)

Enabled by defaultEvents per second (default = 1)
125001431System

DROP TCP TROJAN
APT28 Unknown C2
DNS UDP Lookup
(microsoftsecurepolicy.org)

This rule drops TROJAN APT28
Unknown C2 DNS Lookup
using TCP
(microsoftsecurepolicy.org)

Enabled by defaultEvents per second (default = 1)
125001432System

DROP UDP TROJAN
APT28 DealersChoice
DNS UDP Lookup
(securityprotectingcorp.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using UDP
(securityprotectingcorp.com)

Enabled by defaultEvents per second (default = 1)
125001433System

DROP TCP TROJAN
APT28 DealersChoice
DNS TCP Lookup
(securityprotectingcorp.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using TCP
(securityprotectingcorp.com)

Enabled by defaultEvents per second (default = 1)
125001434System

DROP UDP TROJAN DNS
Query to Cerber Domain
(j8873f.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (j8873f.bid)

Enabled by defaultEvents per second (default = 1)
125001435System

DROP TCP TROJAN DNS
Query to Cerber Domain
(j8873f.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (j8873f.bid)

Enabled by defaultEvents per second (default = 1)
125001436System

DROP UDP TROJAN DNS
Query to Cerber Domain
(rg51ik.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (rg51ik.bid)

Enabled by defaultEvents per second (default = 1)
125001437System

DROP TCP TROJAN DNS
Query to Cerber Domain
(rg51ik.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (rg51ik.bid)

Enabled by defaultEvents per second (default = 1)
125001438System

DROP UDP TROJAN DNS
Query to Cerber Domain
(eventsresg.info)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (eventsresg.info)

Enabled by defaultEvents per second (default = 1)
125001439System

DROP TCP TROJAN DNS
Query to Cerber Domain
(eventsresg.info)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (eventsresg.info)

Enabled by defaultEvents per second (default = 1)
125001440System

DROP UDP TROJAN DNS
Query to Cerber Domain
(hossy5.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (hossy5.bid)

Enabled by defaultEvents per second (default = 1)
125001441System

DROP TCP TROJAN DNS
Query to Cerber Domain
(hossy5.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (hossy5.bid)

Enabled by defaultEvents per second (default = 1)
125001442System

DROP UDP TROJAN DNS
Query to Cerber Domain
(31wkhu.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (31wkhu.top)

Enabled by defaultEvents per second (default = 1)
125001443System

DROP TCP TROJAN DNS
Query to Cerber Domain
(31wkhu.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (31wkhu.top)

Enabled by defaultEvents per second (default = 1)
125001444System

DROP UDP TROJAN DNS
Query to Cerber Domain
(gi49w8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (gi49w8.bid)

Enabled by defaultEvents per second (default = 1)
125001445System

DROP TCP TROJAN DNS
Query to Cerber Domain
(gi49w8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (gi49w8.bid)

Enabled by defaultEvents per second (default = 1)
125001446System

DROP UDP TROJAN DNS
Query to Cerber Domain
(7iups0.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (7iups0.top)

Enabled by defaultEvents per second (default = 1)
125001447System

DROP TCP TROJAN DNS
Query to Cerber Domain
(7iups0.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (7iups0.top)

Enabled by defaultEvents per second (default = 1)
125001448System

DROP UDP TROJAN DNS
Query to Cerber Domain
(pbpju9.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (pbpju9.bid)

Enabled by defaultEvents per second (default = 1)
125001449System

DROP TCP TROJAN DNS
Query to Cerber Domain
(pbpju9.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (pbpju9.bid)

Enabled by defaultEvents per second (default = 1)
125001450System

DROP UDP TROJAN DNS
Query to Cerber Domain
(r21wmw.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (r21wmw.top)

Enabled by defaultEvents per second (default = 1)
125001451System

DROP TCP TROJAN DNS
Query to Cerber Domain
(r21wmw.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (r21wmw.top)

Enabled by defaultEvents per second (default = 1)
125001452System

DROP UDP TROJAN DNS
Query to Cerber Domain
(dks71o.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (dks71o.bid)

Enabled by defaultEvents per second (default = 1)
125001453System

DROP TCP TROJAN DNS
Query to Cerber Domain
(dks71o.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (dks71o.bid)

Enabled by defaultEvents per second (default = 1)
125001454System

DROP UDP TROJAN
APT28 EK DNS UDP
Lookup
(pressservices.net)

This rule drops TROJAN APT28
EK DNS Lookup using UDP
(pressservices.net)

Enabled by defaultEvents per second (default = 1)
125001455System

DROP TCP TROJAN
APT28 EK DNS TCP
Lookup
(pressservices.net)

This rule drops TROJAN APT28
EK DNS Lookup using TCP
(pressservices.net)

Enabled by defaultEvents per second (default = 1)
125001456System

DROP UDP TROJAN
APT28 XAgent DNS UDP
Lookup (officefont.com)

This rule drops TROJAN APT28
XAgent DNS Lookup using UDP
(officefont.com)

Enabled by defaultEvents per second (default = 1)
125001457System

DROP TCP TROJAN
APT28 XAgent DNS TCP
Lookup (officefont.com)

This rule drops TROJAN APT28
XAgent DNS Lookup using TCP
(officefont.com)

Enabled by defaultEvents per second (default = 1)
125001458System

DROP UDP TROJAN
Ransomware Locky
.onion Payment Domain
(mwddgguaa5rj7b54)

This rule drops TROJAN
Ransomware Locky .onion
Payment Domain using UDP
(mwddgguaa5rj7b54)

Enabled by defaultEvents per second (default = 1)
125001459System

DROP TCP TROJAN
Ransomware Locky
.onion Payment Domain
(mwddgguaa5rj7b54)

This rule drops TROJAN
Ransomware Locky .onion
Payment Domain using TCP
(mwddgguaa5rj7b54)

Enabled by defaultEvents per second (default = 1)
125001460System

DROP UDP TROJAN
APT28 EK DNS UDP
Lookup
(defenceglobalnews.com)

This rule drops TROJAN APT28
EK DNS Lookup using UDP
(defenceglobalnews.com)

Enabled by defaultEvents per second (default = 1)
125001461System

DROP TCP TROJAN
APT28 EK DNS TCP
Lookup
(defenceglobalnews.com)

This rule drops TROJAN APT28
EK DNS Lookup using TCP
(defenceglobalnews.com)

Enabled by defaultEvents per second (default = 1)
125001462System

DROP UDP TROJAN
APT28 EK DNS UDP
Lookup
(globaldefencetalk.com)

This rule drops TROJAN APT28
EK DNS Lookup using UDP
(globaldefencetalk.com)

Enabled by defaultEvents per second (default = 1)
125001463System

DROP TCP TROJAN
APT28 EK DNS TCP
Lookup
(globaldefencetalk.com)

This rule drops TROJAN APT28
EK DNS Lookup using TCP
(globaldefencetalk.com)

Enabled by defaultEvents per second (default = 1)
125001464System

DROP UDP TROJAN DNS
Query to Cerber Domain
(sotn58.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (sotn58.top)

Enabled by defaultEvents per second (default = 1)
125001465System

DROP TCP TROJAN DNS
Query to Cerber Domain
(sotn58.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (sotn58.top)

Enabled by defaultEvents per second (default = 1)
125001466System

DROP UDP TROJAN DNS
Query to Cerber Domain
(d4u711.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (d4u711.bid)

Enabled by defaultEvents per second (default = 1)
125001467System

DROP TCP TROJAN DNS
Query to Cerber Domain
(d4u711.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (d4u711.bid)

Enabled by defaultEvents per second (default = 1)
125001468System

DROP UDP TROJAN DNS
Query to Cerber Domain
(js43vy.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (js43vy.bid)

Enabled by defaultEvents per second (default = 1)
125001469System

DROP TCP TROJAN DNS
Query to Cerber Domain
(js43vy.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (js43vy.bid)

Enabled by defaultEvents per second (default = 1)
125001470System

DROP UDP TROJAN DNS
Query to Cerber Domain
(bipa9k.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (bipa9k.top)

Enabled by defaultEvents per second (default = 1)
125001471System

DROP TCP TROJAN DNS
Query to Cerber Domain
(bipa9k.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (bipa9k.top)

Enabled by defaultEvents per second (default = 1)
125001472System

DROP UDP TROJAN DNS
Query to Cerber Domain
(rbrkng.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (rbrkng.bid)

Enabled by defaultEvents per second (default = 1)
125001473System

DROP TCP TROJAN DNS
Query to Cerber Domain
(rbrkng.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (rbrkng.bid)

Enabled by defaultEvents per second (default = 1)
125001474System

DROP UDP TROJAN DNS
Query to Cerber Domain
(gmnjzj.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (gmnjzj.bid)

Enabled by defaultEvents per second (default = 1)
125001475System

DROP TCP TROJAN DNS
Query to Cerber Domain
(gmnjzj.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (gmnjzj.bid)

Enabled by defaultEvents per second (default = 1)
125001476System

DROP UDP TROJAN DNS
Query to Cerber Domain
(liesshall.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (liesshall.bid)

Enabled by defaultEvents per second (default = 1)
125001477System

DROP TCP TROJAN DNS
Query to Cerber Domain
(liesshall.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (liesshall.bid)

Enabled by defaultEvents per second (default = 1)
125001478System

DROP UDP TROJAN DNS
Query to Cerber Domain
(cv3fdi.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (cv3fdi.bid)

Enabled by defaultEvents per second (default = 1)
125001479System

DROP TCP TROJAN DNS
Query to Cerber Domain
(cv3fdi.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (cv3fdi.bid)

Enabled by defaultEvents per second (default = 1)
125001480System

DROP UDP TROJAN DNS
Query to Cerber Domain
(unzcm1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (unzcm1.bid)

Enabled by defaultEvents per second (default = 1)
125001481System

DROP TCP TROJAN DNS
Query to Cerber Domain
(unzcm1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (unzcm1.bid)

Enabled by defaultEvents per second (default = 1)
125001482System

DROP UDP TROJAN DNS
Query to Cerber Domain
(vx5whc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (vx5whc.bid)

Enabled by defaultEvents per second (default = 1)
125001483System

DROP TCP TROJAN DNS
Query to Cerber Domain
(vx5whc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (vx5whc.bid)

Enabled by defaultEvents per second (default = 1)
125001484System

DROP UDP TROJAN DNS
Query to Cerber Domain
(itdrink.club)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (itdrink.club)

Enabled by defaultEvents per second (default = 1)
125001485System

DROP TCP TROJAN DNS
Query to Cerber Domain
(itdrink.club)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (itdrink.club)

Enabled by defaultEvents per second (default = 1)
125001486System

DROP UDP TROJAN DNS
Query to Cerber Domain
(jal9lk.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (jal9lk.bid)

Enabled by defaultEvents per second (default = 1)
125001487System

DROP TCP TROJAN DNS
Query to Cerber Domain
(jal9lk.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (jal9lk.bid)

Enabled by defaultEvents per second (default = 1)
125001488System

DROP UDP TROJAN DNS
Query to Cerber Domain
(0ndl3j.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (0ndl3j.bid)

Enabled by defaultEvents per second (default = 1)
125001489System

DROP TCP TROJAN DNS
Query to Cerber Domain
(0ndl3j.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (0ndl3j.bid)

Enabled by defaultEvents per second (default = 1)
125001490System

DROP UDP TROJAN DNS
Query to Cerber Domain
(t0su8p.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (t0su8p.bid)

Enabled by defaultEvents per second (default = 1)
125001491System

DROP TCP TROJAN DNS
Query to Cerber Domain
(t0su8p.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (t0su8p.bid)

Enabled by defaultEvents per second (default = 1)
125001492System

DROP UDP TROJAN DNS
Query to Cerber Domain
(yg767p.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (yg767p.bid)

Enabled by defaultEvents per second (default = 1)
125001493System

DROP TCP TROJAN DNS
Query to Cerber Domain
(yg767p.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (yg767p.bid)

Enabled by defaultEvents per second (default = 1)
125001494System

DROP UDP TROJAN DNS
Query to Cerber Domain
(goshare.red)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (goshare.red)

Enabled by defaultEvents per second (default = 1)
125001495System

DROP TCP TROJAN DNS
Query to Cerber Domain
(goshare.red)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (goshare.red)

Enabled by defaultEvents per second (default = 1)
125001496System

DROP UDP TROJAN DNS
Query to Cerber Domain
(fgzgvw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (fgzgvw.bid)

Enabled by defaultEvents per second (default = 1)
125001497System

DROP TCP TROJAN DNS
Query to Cerber Domain
(fgzgvw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (fgzgvw.bid)

Enabled by defaultEvents per second (default = 1)
125001498System

DROP UDP TROJAN DNS
Query to Cerber Domain
(bipa9k.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (bipa9k.bid)

Enabled by defaultEvents per second (default = 1)
125001499System

DROP TCP TROJAN DNS
Query to Cerber Domain
(bipa9k.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (bipa9k.bid)

Enabled by defaultEvents per second (default = 1)
125001500System

DROP UDP TROJAN DNS
Query to Cerber Domain
(9473jk.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (9473jk.top)

Enabled by defaultEvents per second (default = 1)
125001501System

DROP TCP TROJAN DNS
Query to Cerber Domain
(9473jk.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (9473jk.top)

Enabled by defaultEvents per second (default = 1)
125001502System

DROP UDP TROJAN DNS
Query to Cerber Domain
(69ju9u.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (69ju9u.bid)

Enabled by defaultEvents per second (default = 1)
125001503System

DROP TCP TROJAN DNS
Query to Cerber Domain
(69ju9u.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (69ju9u.bid)

Enabled by defaultEvents per second (default = 1)
125001504System

DROP UDP POLICY
OpenDNS IP UDP
Lookup
(myip.opendns.com)

This rule drops POLICY
OpenDNS IP Lookup using
UDP (myip.opendns.com)

Enabled by defaultEvents per second (default = 1)
125001505System

DROP TCP POLICY
OpenDNS IP UDP
Lookup
(myip.opendns.com)

This rule drops POLICY
OpenDNS IP Lookup using TCP
(myip.opendns.com)

Enabled by defaultEvents per second (default = 1)
125001506System

DROP UDP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS UDP
Lookup (cpsxz1.at)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP
(cpsxz1.at)

Enabled by defaultEvents per second (default = 1)
125001507System

DROP TCP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS TCP
Lookup (cpsxz1.at)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP
(cpsxz1.at)

Enabled by defaultEvents per second (default = 1)
125001508System

DROP UDP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS UDP
Lookup
(f4iugfng344.ru)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP
(f4iugfng344.ru)

Enabled by defaultEvents per second (default = 1)
125001509System

DROP TCP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS TCP
Lookup
(f4iugfng344.ru)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP
(f4iugfng344.ru)

Enabled by defaultEvents per second (default = 1)
125001510System

DROP UDP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS UDP
Lookup
(faffwefg.org.ru)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP
(faffwefg.org.ru)

Enabled by defaultEvents per second (default = 1)
125001511System

DROP TCP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS TCP
Lookup
(faffwefg.org.ru)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP
(faffwefg.org.ru)

Enabled by defaultEvents per second (default = 1)
125001512System

DROP UDP TROJAN
Enigma Ransomware
Payment Domain
(75phevehanjt7cwa)

This rule drops TROJAN Enigma
Ransomware Payment Domain
using UDP
(75phevehanjt7cwa)

Enabled by defaultEvents per second (default = 1)
125001513System

DROP TCP TROJAN
Enigma Ransomware
Payment Domain
(75phevehanjt7cwa)

This rule drops TROJAN Enigma
Ransomware Payment Domain
using TCP
(75phevehanjt7cwa)

Enabled by defaultEvents per second (default = 1)
125001514System

DROP UDP TROJAN DNS
Query to Cerber Domain
(5tb8hy.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (5tb8hy.bid)

Enabled by defaultEvents per second (default = 1)
125001515System

DROP TCP TROJAN DNS
Query to Cerber Domain
(5tb8hy.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (5tb8hy.bid)

Enabled by defaultEvents per second (default = 1)
125001516System

DROP UDP TROJAN DNS
Query to Cerber Domain
(cto5ee.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (cto5ee.bid)

Enabled by defaultEvents per second (default = 1)
125001517System

DROP TCP TROJAN DNS
Query to Cerber Domain
(cto5ee.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (cto5ee.bid)

Enabled by defaultEvents per second (default = 1)
125001518System

DROP UDP TROJAN DNS
Query to Cerber Domain
(fvzhoo.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (fvzhoo.bid)

Enabled by defaultEvents per second (default = 1)
125001519System

DROP TCP TROJAN DNS
Query to Cerber Domain
(fvzhoo.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (fvzhoo.bid)

Enabled by defaultEvents per second (default = 1)
125001520System

DROP UDP TROJAN DNS
Query to Cerber Domain
(bj64gv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (bj64gv.bid)

Enabled by defaultEvents per second (default = 1)
125001521System

DROP TCP TROJAN DNS
Query to Cerber Domain
(bj64gv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (bj64gv.bid)

Enabled by defaultEvents per second (default = 1)
125001522System

DROP UDP TROJAN DNS
Query to Cerber Domain
(wasf56.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (wasf56.bid)

Enabled by defaultEvents per second (default = 1)
125001523System

DROP TCP TROJAN DNS
Query to Cerber Domain
(wasf56.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (wasf56.bid)

Enabled by defaultEvents per second (default = 1)
125001524System

DROP UDP TROJAN DNS
Query to Cerber Domain
(fundpoem.mobi)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (fundpoem.mobi)

Enabled by defaultEvents per second (default = 1)
125001525System

DROP TCP TROJAN DNS
Query to Cerber Domain
(fundpoem.mobi)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (fundpoem.mobi)

Enabled by defaultEvents per second (default = 1)
125001526System

DROP UDP TROJAN DNS
Query to Cerber Domain
(sotn58.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (sotn58.bid)

Enabled by defaultEvents per second (default = 1)
125001527System

DROP TCP TROJAN DNS
Query to Cerber Domain
(sotn58.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (sotn58.bid)

Enabled by defaultEvents per second (default = 1)
125001528System

DROP UDP TROJAN DNS
Query to Cerber Domain
(enanhb.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (enanhb.bid)

Enabled by defaultEvents per second (default = 1)
125001529System

DROP TCP TROJAN DNS
Query to Cerber Domain
(enanhb.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (enanhb.bid)

Enabled by defaultEvents per second (default = 1)
125001530System

DROP UDP TROJAN DNS
Query to Cerber Domain
(dierepair.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (dierepair.top)

Enabled by defaultEvents per second (default = 1)
125001531System

DROP TCP TROJAN DNS
Query to Cerber Domain
(dierepair.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (dierepair.top)

Enabled by defaultEvents per second (default = 1)
125001532System

DROP UDP TROJAN DNS
Query to Cerber Domain
(26ahte.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (26ahte.bid)

Enabled by defaultEvents per second (default = 1)
125001533System

DROP TCP TROJAN DNS
Query to Cerber Domain
(26ahte.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (26ahte.bid)

Enabled by defaultEvents per second (default = 1)
125001534System

DROP UDP TROJAN DNS
Query to Cerber Domain
(z6a7f1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (z6a7f1.bid)

Enabled by defaultEvents per second (default = 1)
125001535System

DROP TCP TROJAN DNS
Query to Cerber Domain
(z6a7f1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (z6a7f1.bid)

Enabled by defaultEvents per second (default = 1)
125001536System

DROP UDP TROJAN DNS
Query to Cerber Domain
(seemby.loan)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (seemby.loan)

Enabled by defaultEvents per second (default = 1)
125001537System

DROP TCP TROJAN DNS
Query to Cerber Domain
(seemby.loan)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (seemby.loan)

Enabled by defaultEvents per second (default = 1)
125001538System

DROP UDP TROJAN DNS
Query to Cerber Domain
(zn90h4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zn90h4.bid)

Enabled by defaultEvents per second (default = 1)
125001539System

DROP TCP TROJAN DNS
Query to Cerber Domain
(zn90h4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zn90h4.bid)

Enabled by defaultEvents per second (default = 1)
125001540System

DROP UDP TROJAN DNS
Query to Cerber Domain
(csv7o6.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (csv7o6.bid)

Enabled by defaultEvents per second (default = 1)
125001541System

DROP TCP TROJAN DNS
Query to Cerber Domain
(csv7o6.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (csv7o6.bid)

Enabled by defaultEvents per second (default = 1)
125001542System

DROP UDP TROJAN DNS
Query to Cerber Domain
(yjy5dr.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (yjy5dr.bid)

Enabled by defaultEvents per second (default = 1)
125001543System

DROP TCP TROJAN DNS
Query to Cerber Domain
(yjy5dr.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (yjy5dr.bid)

Enabled by defaultEvents per second (default = 1)
125001544System

DROP UDP TROJAN DNS
Query to Cerber Domain
(j0n83w.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (j0n83w.bid)

Enabled by defaultEvents per second (default = 1)
125001545System

DROP TCP TROJAN DNS
Query to Cerber Domain
(j0n83w.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (j0n83w.bid)

Enabled by defaultEvents per second (default = 1)
125001546System

DROP UDP TROJAN DNS
Query to Cerber Domain
(hlexdu.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (hlexdu.bid)

Enabled by defaultEvents per second (default = 1)
125001547System

DROP TCP TROJAN DNS
Query to Cerber Domain
(hlexdu.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (hlexdu.bid)

Enabled by defaultEvents per second (default = 1)
125001548System

DROP UDP TROJAN DNS
Query to Cerber Domain
(n20b1c.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (n20b1c.top)

Enabled by defaultEvents per second (default = 1)
125001549System

DROP TCP TROJAN DNS
Query to Cerber Domain
(n20b1c.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (n20b1c.top)

Enabled by defaultEvents per second (default = 1)
125001550System

DROP UDP TROJAN DNS
Query to Cerber Domain
(7barzc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (7barzc.bid)

Enabled by defaultEvents per second (default = 1)
125001551System

DROP TCP TROJAN DNS
Query to Cerber Domain
(7barzc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (7barzc.bid)

Enabled by defaultEvents per second (default = 1)
125001552System

DROP UDP TROJAN DNS
Query to Cerber Domain
(aclox4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (aclox4.bid)

Enabled by defaultEvents per second (default = 1)
125001553System

DROP TCP TROJAN DNS
Query to Cerber Domain
(aclox4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (aclox4.bid)

Enabled by defaultEvents per second (default = 1)
125001554System

DROP UDP TROJAN DNS
Query to Cerber Domain
(w8yolm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (w8yolm.bid)

Enabled by defaultEvents per second (default = 1)
125001555System

DROP TCP TROJAN DNS
Query to Cerber Domain
(w8yolm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (w8yolm.bid)

Enabled by defaultEvents per second (default = 1)
125001556System

DROP UDP TROJAN DNS
Query to Cerber Domain
(91006j.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (91006j.bid)

Enabled by defaultEvents per second (default = 1)
125001557System

DROP TCP TROJAN DNS
Query to Cerber Domain
(91006j.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (91006j.bid)

Enabled by defaultEvents per second (default = 1)
125001558System

DROP UDP TROJAN DNS
Query to Cerber Domain
(nh47ri.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (nh47ri.bid)

Enabled by defaultEvents per second (default = 1)
125001559System

DROP TCP TROJAN DNS
Query to Cerber Domain
(nh47ri.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (nh47ri.bid)

Enabled by defaultEvents per second (default = 1)
125001560System

DROP UDP TROJAN DNS
Query to Cerber Domain
(d3j2xd.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (d3j2xd.bid)

Enabled by defaultEvents per second (default = 1)
125001561System

DROP TCP TROJAN DNS
Query to Cerber Domain
(d3j2xd.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (d3j2xd.bid)

Enabled by defaultEvents per second (default = 1)
125001562System

DROP UDP TROJAN DNS
Query to Cerber Domain
(djintc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (djintc.bid)

Enabled by defaultEvents per second (default = 1)
125001563System

DROP TCP TROJAN DNS
Query to Cerber Domain
(djintc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (djintc.bid)

Enabled by defaultEvents per second (default = 1)
125001564System

DROP UDP TROJAN DNS
Query to Cerber Domain
(uhi7to.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (uhi7to.bid)

Enabled by defaultEvents per second (default = 1)
125001565System

DROP TCP TROJAN DNS
Query to Cerber Domain
(uhi7to.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (uhi7to.bid)

Enabled by defaultEvents per second (default = 1)
125001566System

DROP UDP TROJAN DNS
Query to Cerber Domain
(payours.men)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (payours.men)

Enabled by defaultEvents per second (default = 1)
125001567System

DROP TCP TROJAN DNS
Query to Cerber Domain
(payours.men)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (payours.men)

Enabled by defaultEvents per second (default = 1)
125001568System

DROP UDP TROJAN DNS
Query to Cerber Domain
(o8hpwj.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (o8hpwj.top)

Enabled by defaultEvents per second (default = 1)
125001569System

DROP TCP TROJAN DNS
Query to Cerber Domain
(o8hpwj.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (o8hpwj.top)

Enabled by defaultEvents per second (default = 1)
125001570System

DROP UDP TROJAN DNS
Query to Cerber Domain
(wf9li1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (wf9li1.bid)

Enabled by defaultEvents per second (default = 1)
125001571System

DROP TCP TROJAN DNS
Query to Cerber Domain
(wf9li1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (wf9li1.bid)

Enabled by defaultEvents per second (default = 1)
125001572System

DROP UDP TROJAN DNS
Query to Cerber Domain
(f0jlbj.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (f0jlbj.bid)

Enabled by defaultEvents per second (default = 1)
125001573System

DROP TCP TROJAN DNS
Query to Cerber Domain
(f0jlbj.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (f0jlbj.bid)

Enabled by defaultEvents per second (default = 1)
125001574System

DROP UDP TROJAN
Ransomware/Cerber
Onion Domain UDP
Lookup
(zutzt67dcxr6mxcn)

This rule drops TROJAN
Ransomware/Cerber Onion
Domain Lookup using UDP
(zutzt67dcxr6mxcn)

Enabled by defaultEvents per second (default = 1)
125001575System

DROP TCP TROJAN
Ransomware/Cerber
Onion Domain TCP
Lookup
(zutzt67dcxr6mxcn)

This rule drops TROJAN
Ransomware/Cerber Onion
Domain Lookup using TCP
(zutzt67dcxr6mxcn)

Enabled by defaultEvents per second (default = 1)
125001576System

DROP UDP TROJAN DNS
Query to Cerber Domain
(51a47u.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (51a47u.bid)

Enabled by defaultEvents per second (default = 1)
125001577System

DROP TCP TROJAN DNS
Query to Cerber Domain
(51a47u.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (51a47u.bid)

Enabled by defaultEvents per second (default = 1)
125001578System

DROP UDP TROJAN DNS
Query to Cerber Domain
(lpnef4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (lpnef4.bid)

Enabled by defaultEvents per second (default = 1)
125001579System

DROP TCP TROJAN DNS
Query to Cerber Domain
(lpnef4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (lpnef4.bid)

Enabled by defaultEvents per second (default = 1)
125001580System

DROP UDP TROJAN DNS
Query to Cerber Domain
(l6nhw7.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (l6nhw7.bid)

Enabled by defaultEvents per second (default = 1)
125001581System

DROP TCP TROJAN DNS
Query to Cerber Domain
(l6nhw7.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (l6nhw7.bid)

Enabled by defaultEvents per second (default = 1)
125001582System

DROP UDP TROJAN DNS
Query to Cerber Domain
(sx90yk.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (sx90yk.bid)

Enabled by defaultEvents per second (default = 1)
125001583System

DROP TCP TROJAN DNS
Query to Cerber Domain
(sx90yk.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (sx90yk.bid)

Enabled by defaultEvents per second (default = 1)
125001584System

DROP UDP TROJAN DNS
Query to Cerber Domain
(cm5ohx.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (cm5ohx.bid)

Enabled by defaultEvents per second (default = 1)
125001585System

DROP TCP TROJAN DNS
Query to Cerber Domain
(cm5ohx.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (cm5ohx.bid)

Enabled by defaultEvents per second (default = 1)
125001586System

DROP UDP TROJAN DNS
Query to Cerber Domain
(v9y6z8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (v9y6z8.bid)

Enabled by defaultEvents per second (default = 1)
125001587System

DROP TCP TROJAN DNS
Query to Cerber Domain
(v9y6z8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (v9y6z8.bid)

Enabled by defaultEvents per second (default = 1)
125001588System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ohpw50.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ohpw50.top)

Enabled by defaultEvents per second (default = 1)
125001589System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ohpw50.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ohpw50.top)

Enabled by defaultEvents per second (default = 1)
125001590System

DROP UDP TROJAN DNS
Query to Cerber Domain
(catfills.mobi)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (catfills.mobi)

Enabled by defaultEvents per second (default = 1)
125001591System

DROP TCP TROJAN DNS
Query to Cerber Domain
(catfills.mobi)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (catfills.mobi)

Enabled by defaultEvents per second (default = 1)
125001592System

DROP UDP TROJAN DNS
Query to Cerber Domain
(j5spvw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (j5spvw.bid)

Enabled by defaultEvents per second (default = 1)
125001593System

DROP TCP TROJAN DNS
Query to Cerber Domain
(j5spvw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (j5spvw.bid)

Enabled by defaultEvents per second (default = 1)
125001594System

DROP UDP TROJAN DNS
Query to Cerber Domain
(byeraser.lol)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (byeraser.lol)

Enabled by defaultEvents per second (default = 1)
125001595System

DROP TCP TROJAN DNS
Query to Cerber Domain
(byeraser.lol)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (byeraser.lol)

Enabled by defaultEvents per second (default = 1)
125001596System

DROP UDP TROJAN
APT28 XAgent DNS UDP
Lookup
(windowsofficeupdate.com)

This rule drops TROJAN APT28
XAgent DNS Lookup using UDP
(windowsofficeupdate.com)

Enabled by defaultEvents per second (default = 1)
125001597System

DROP TCP TROJAN
APT28 XAgent DNS TCP
Lookup
(windowsofficeupdate.com)

This rule drops TROJAN APT28
XAgent DNS Lookup using TCP
(windowsofficeupdate.com)

Enabled by defaultEvents per second (default = 1)
125001598System

DROP UDP TROJAN DNS
Query to Cerber Domain
(0ot7em.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (0ot7em.bid)

Enabled by defaultEvents per second (default = 1)
125001599System

DROP TCP TROJAN DNS
Query to Cerber Domain
(0ot7em.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (0ot7em.bid)

Enabled by defaultEvents per second (default = 1)
125001600System

DROP UDP TROJAN DNS
Query to Cerber Domain
(frr0od.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (frr0od.bid)

Enabled by defaultEvents per second (default = 1)
125001601System

DROP TCP TROJAN DNS
Query to Cerber Domain
(frr0od.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (frr0od.bid)

Enabled by defaultEvents per second (default = 1)
125001602System

DROP UDP TROJAN DNS
Query to Cerber Domain
(mpduf5.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (mpduf5.bid)

Enabled by defaultEvents per second (default = 1)
125001603System

DROP TCP TROJAN DNS
Query to Cerber Domain
(mpduf5.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (mpduf5.bid)

Enabled by defaultEvents per second (default = 1)
125001604System

DROP UDP TROJAN DNS
Query to Cerber Domain
(jmz94o.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (jmz94o.bid)

Enabled by defaultEvents per second (default = 1)
125001605System

DROP TCP TROJAN DNS
Query to Cerber Domain
(jmz94o.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (jmz94o.bid)

Enabled by defaultEvents per second (default = 1)
125001606System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ewfp5y.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ewfp5y.bid)

Enabled by defaultEvents per second (default = 1)
125001607System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ewfp5y.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ewfp5y.bid)

Enabled by defaultEvents per second (default = 1)
125001608System

DROP UDP TROJAN DNS
Query to Cerber Domain
(1pr9as.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (1pr9as.top)

Enabled by defaultEvents per second (default = 1)
125001609System

DROP TCP TROJAN DNS
Query to Cerber Domain
(1pr9as.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (1pr9as.top)

Enabled by defaultEvents per second (default = 1)
125001610System

DROP UDP TROJAN DNS
Query to Cerber Domain
(fp6fj6.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (fp6fj6.top)

Enabled by defaultEvents per second (default = 1)
125001611System

DROP TCP TROJAN DNS
Query to Cerber Domain
(fp6fj6.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (fp6fj6.top)

Enabled by defaultEvents per second (default = 1)
125001612System

DROP UDP TROJAN DNS
Query to Cerber Domain
(le2brr.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (le2brr.bid)

Enabled by defaultEvents per second (default = 1)
125001613System

DROP TCP TROJAN DNS
Query to Cerber Domain
(le2brr.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (le2brr.bid)

Enabled by defaultEvents per second (default = 1)
125001614System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ab4dix.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ab4dix.bid)

Enabled by defaultEvents per second (default = 1)
125001615System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ab4dix.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ab4dix.bid)

Enabled by defaultEvents per second (default = 1)
125001616System

DROP UDP TROJAN DNS
Query to Cerber Domain
(4c71wg.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (4c71wg.bid)

Enabled by defaultEvents per second (default = 1)
125001617System

DROP TCP TROJAN DNS
Query to Cerber Domain
(4c71wg.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (4c71wg.bid)

Enabled by defaultEvents per second (default = 1)
125001618System

DROP UDP TROJAN DNS
Query to Cerber Domain
(nnb83b.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (nnb83b.bid)

Enabled by defaultEvents per second (default = 1)
125001619System

DROP TCP TROJAN DNS
Query to Cerber Domain
(nnb83b.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (nnb83b.bid)

Enabled by defaultEvents per second (default = 1)
125001620System

DROP UDP TROJAN DNS
Query to Cerber Domain
(2eu9zl.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (2eu9zl.bid)

Enabled by defaultEvents per second (default = 1)
125001621System

DROP TCP TROJAN DNS
Query to Cerber Domain
(2eu9zl.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (2eu9zl.bid)

Enabled by defaultEvents per second (default = 1)
125001622System

DROP UDP TROJAN DNS
Query to Cerber Domain
(forththat.pw)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (forththat.pw)

Enabled by defaultEvents per second (default = 1)
125001623System

DROP TCP TROJAN DNS
Query to Cerber Domain
(forththat.pw)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (forththat.pw)

Enabled by defaultEvents per second (default = 1)
125001624System

DROP UDP TROJAN DNS
Query to Cerber Domain
(hclz73.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (hclz73.top)

Enabled by defaultEvents per second (default = 1)
125001625System

DROP TCP TROJAN DNS
Query to Cerber Domain
(hclz73.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (hclz73.top)

Enabled by defaultEvents per second (default = 1)
125001626System

DROP UDP TROJAN DNS
Query to Cerber Domain
(23fvxw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (23fvxw.bid)

Enabled by defaultEvents per second (default = 1)
125001627System

DROP TCP TROJAN DNS
Query to Cerber Domain
(23fvxw.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (23fvxw.bid)

Enabled by defaultEvents per second (default = 1)
125001628System

DROP UDP TROJAN DNS
Query to Cerber Domain
(3nke6l.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (3nke6l.bid)

Enabled by defaultEvents per second (default = 1)
125001629System

DROP TCP TROJAN DNS
Query to Cerber Domain
(3nke6l.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (3nke6l.bid)

Enabled by defaultEvents per second (default = 1)
125001630System

DROP UDP TROJAN DNS
Query to Cerber Domain
(xy2rlg.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (xy2rlg.bid)

Enabled by defaultEvents per second (default = 1)
125001631System

DROP TCP TROJAN DNS
Query to Cerber Domain
(xy2rlg.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (xy2rlg.bid)

Enabled by defaultEvents per second (default = 1)
125001632System

DROP UDP TROJAN DNS
Query to Cerber Domain
(f1l8li.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (f1l8li.bid)

Enabled by defaultEvents per second (default = 1)
125001633System

DROP TCP TROJAN DNS
Query to Cerber Domain
(f1l8li.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (f1l8li.bid)

Enabled by defaultEvents per second (default = 1)
125001634System

DROP UDP TROJAN DNS
Query to Cerber Domain
(e2yzfi.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (e2yzfi.bid)

Enabled by defaultEvents per second (default = 1)
125001635System

DROP TCP TROJAN DNS
Query to Cerber Domain
(e2yzfi.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (e2yzfi.bid)

Enabled by defaultEvents per second (default = 1)
125001636System

DROP UDP TROJAN DNS
Query to Cerber Domain
(83j6lj.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (83j6lj.top)

Enabled by defaultEvents per second (default = 1)
125001637System

DROP TCP TROJAN DNS
Query to Cerber Domain
(83j6lj.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (83j6lj.top)

Enabled by defaultEvents per second (default = 1)
125001638System

DROP UDP TROJAN
Ransomware/Princess
Onion Domain UDP
Lookup
(6s2a2qa6sdoz4sjt)

This rule drops TROJAN
Ransomware/Princess Onion
Domain Lookup using UDP
(6s2a2qa6sdoz4sjt)

Enabled by defaultEvents per second (default = 1)
125001639System

DROP TCP TROJAN
Ransomware/Princess
Onion Domain TCP
Lookup
(6s2a2qa6sdoz4sjt)

This rule drops TROJAN
Ransomware/Princess Onion
Domain Lookup using TCP
(6s2a2qa6sdoz4sjt)

Enabled by defaultEvents per second (default = 1)
125001640System

DROP UDP TROJAN
Ransomware/Princess
Onion Domain UDP
Lookup
(txdmxtyifjyxdnpj)

This rule drops TROJAN
Ransomware/Princess Onion
Domain Lookup using UDP
(txdmxtyifjyxdnpj)

Enabled by defaultEvents per second (default = 1)
125001641System

DROP TCP TROJAN
Ransomware/Princess
Onion Domain TCP
Lookup
(txdmxtyifjyxdnpj)

This rule drops TROJAN
Ransomware/Princess Onion
Domain Lookup using TCP
(txdmxtyifjyxdnpj)

Enabled by defaultEvents per second (default = 1)
125001642System

DROP UDP TROJAN
APT28/SEDNIT XAgent
DNS UDP Lookup
(akamaisoftupdate.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using UDP
(akamaisoftupdate.com)

Enabled by defaultEvents per second (default = 1)
125001643System

DROP TCP TROJAN
APT28/SEDNIT XAgent
DNS TCP Lookup
(akamaisoftupdate.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using TCP
(akamaisoftupdate.com)

Enabled by defaultEvents per second (default = 1)
125001644System

DROP UDP TROJAN
APT28/SEDNIT XAgent
DNS UDP Lookup
(joshel.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using UDP
(joshel.com)

Enabled by defaultEvents per second (default = 1)
125001645System

DROP TCP TROJAN
APT28/SEDNIT XAgent
DNS TCP Lookup
(joshel.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using TCP (joshel.com)

Enabled by defaultEvents per second (default = 1)
125001646System

DROP UDP TROJAN
APT28/SEDNIT XAgent
DNS UDP Lookup
(ppcodecs.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using UDP
(ppcodecs.com)

Enabled by defaultEvents per second (default = 1)
125001647System

DROP TCP TROJAN
APT28/SEDNIT XAgent
DNS TCP Lookup
(ppcodecs.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using TCP
(ppcodecs.com)

Enabled by defaultEvents per second (default = 1)
125001648System

DROP UDP TROJAN
JigsawLocker .onion
Proxy Domain
(li4m2f6oztck5sam)

This rule drops TROJAN
JigsawLocker .onion Proxy
Domain Lookup using UDP
(li4m2f6oztck5sam)

Enabled by defaultEvents per second (default = 1)
125001649System

DROP TCP TROJAN
JigsawLocker .onion
Proxy Domain
(li4m2f6oztck5sam)

This rule drops TROJAN
JigsawLocker .onion Proxy
Domain Lookup using TCP
(li4m2f6oztck5sam)

Enabled by defaultEvents per second (default = 1)
125001650System

DROP UDP TROJAN
MSIL.Neutron .onion
Proxy Domain
(l75qjosx54mue7lv)

This rule drops TROJAN
MSIL.Neutron .onion Proxy
Domain Lookup using UDP
(l75qjosx54mue7lv)

Enabled by defaultEvents per second (default = 1)
125001651System

DROP TCP TROJAN
MSIL.Neutron .onion
Proxy Domain
(l75qjosx54mue7lv)

This rule drops TROJAN
MSIL.Neutron .onion Proxy
Domain Lookup using TCP
(l75qjosx54mue7lv)

Enabled by defaultEvents per second (default = 1)
125001652System

DROP UDP TROJAN
Ransomware PadCrypt
.onion Proxy Domain
(go2torrgyzq3kpzo)

This rule drops TROJAN
Ransomware PadCrypt .onion
Proxy Domain Lookup using
UDP (go2torrgyzq3kpzo)

Enabled by defaultEvents per second (default = 1)
125001653System

DROP TCP TROJAN
Ransomware PadCrypt
.onion Proxy Domain
(go2torrgyzq3kpzo)

This rule drops TROJAN
Ransomware PadCrypt .onion
Proxy Domain Lookup using
TCP (go2torrgyzq3kpzo)

Enabled by defaultEvents per second (default = 1)
125001654System

DROP UDP TROJAN
APT28/SEDNIT XAgent
DNS UDP Lookup
(videocplu.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using UDP
(videocplu.com)

Enabled by defaultEvents per second (default = 1)
125001655System

DROP TCP TROJAN
APT28/SEDNIT XAgent
DNS TCP Lookup
(videocplu.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using TCP
(videocplu.com)

Enabled by defaultEvents per second (default = 1)
125001656System

DROP UDP TROJAN
APT28/SEDNIT XAgent
DNS UDP Lookup
(naturepict.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using UDP
(naturepict.com)

Enabled by defaultEvents per second (default = 1)
125001657System

DROP TCP TROJAN
APT28/SEDNIT XAgent
DNS TCP Lookup
(naturepict.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using TCP
(naturepict.com)

Enabled by defaultEvents per second (default = 1)
125001658System

DROP UDP TROJAN
APT28/SEDNIT XAgent
DNS UDP Lookup
(checkcpuspeed.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using UDP
(checkcpuspeed.com)

Enabled by defaultEvents per second (default = 1)
125001659System

DROP TCP TROJAN
APT28/SEDNIT XAgent
DNS TCP Lookup
(checkcpuspeed.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using TCP
(checkcpuspeed.com)

Enabled by defaultEvents per second (default = 1)
125001660System

DROP UDP TROJAN DNS
Query to Cerber Domain
(kwrd4f.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (kwrd4f.bid)

Enabled by defaultEvents per second (default = 1)
125001661System

DROP TCP TROJAN DNS
Query to Cerber Domain
(kwrd4f.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (kwrd4f.bid)

Enabled by defaultEvents per second (default = 1)
125001662System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ihuk7s.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ihuk7s.top)

Enabled by defaultEvents per second (default = 1)
125001663System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ihuk7s.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ihuk7s.top)

Enabled by defaultEvents per second (default = 1)
125001664System

DROP UDP TROJAN DNS
Query to Cerber Domain
(4bx196.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (4bx196.top)

Enabled by defaultEvents per second (default = 1)
125001665System

DROP TCP TROJAN DNS
Query to Cerber Domain
(4bx196.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (4bx196.top)

Enabled by defaultEvents per second (default = 1)
125001666System

DROP UDP TROJAN DNS
Query to Cerber Domain
(lt0h7j.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (lt0h7j.top)

Enabled by defaultEvents per second (default = 1)
125001667System

DROP TCP TROJAN DNS
Query to Cerber Domain
(lt0h7j.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (lt0h7j.top)

Enabled by defaultEvents per second (default = 1)
125001668System

DROP UDP TROJAN DNS
Query to Cerber Domain
(y9kxz2.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (y9kxz2.bid)

Enabled by defaultEvents per second (default = 1)
125001669System

DROP TCP TROJAN DNS
Query to Cerber Domain
(y9kxz2.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (y9kxz2.bid)

Enabled by defaultEvents per second (default = 1)
125001670System

DROP UDP TROJAN DNS
Query to Cerber Domain
(p93w1x.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (p93w1x.bid)

Enabled by defaultEvents per second (default = 1)
125001671System

DROP TCP TROJAN DNS
Query to Cerber Domain
(p93w1x.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (p93w1x.bid)

Enabled by defaultEvents per second (default = 1)
125001672System

DROP UDP TROJAN DNS
Query to Cerber Domain
(gxccir.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (gxccir.bid)

Enabled by defaultEvents per second (default = 1)
125001673System

DROP TCP TROJAN DNS
Query to Cerber Domain
(gxccir.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (gxccir.bid)

Enabled by defaultEvents per second (default = 1)
125001674System

DROP UDP TROJAN DNS
Query to Cerber Domain
(34o9h1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (34o9h1.bid)

Enabled by defaultEvents per second (default = 1)
125001675System

DROP TCP TROJAN DNS
Query to Cerber Domain
(34o9h1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (34o9h1.bid)

Enabled by defaultEvents per second (default = 1)
125001676System

DROP UDP TROJAN DNS
Query to Cerber Domain
(hci9di.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (hci9di.bid)

Enabled by defaultEvents per second (default = 1)
125001677System

DROP TCP TROJAN DNS
Query to Cerber Domain
(hci9di.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (hci9di.bid)

Enabled by defaultEvents per second (default = 1)
125001678System

DROP UDP TROJAN DNS
Query to Cerber Domain
(vrgdrs.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (vrgdrs.top)

Enabled by defaultEvents per second (default = 1)
125001679System

DROP TCP TROJAN DNS
Query to Cerber Domain
(vrgdrs.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (vrgdrs.top)

Enabled by defaultEvents per second (default = 1)
125001680System

DROP UDP TROJAN DNS
Query to Cerber Domain
(tmfl6g.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (tmfl6g.bid)

Enabled by defaultEvents per second (default = 1)
125001681System

DROP TCP TROJAN DNS
Query to Cerber Domain
(tmfl6g.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (tmfl6g.bid)

Enabled by defaultEvents per second (default = 1)
125001682System

DROP UDP TROJAN DNS
Query to Cerber Domain
(y7603i.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (y7603i.bid)

Enabled by defaultEvents per second (default = 1)
125001683System

DROP TCP TROJAN DNS
Query to Cerber Domain
(y7603i.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (y7603i.bid)

Enabled by defaultEvents per second (default = 1)
125001684System

DROP UDP TROJAN DNS
Query to Cerber Domain
(1m47ka.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (1m47ka.bid)

Enabled by defaultEvents per second (default = 1)
125001685System

DROP TCP TROJAN DNS
Query to Cerber Domain
(1m47ka.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (1m47ka.bid)

Enabled by defaultEvents per second (default = 1)
125001686System

DROP UDP TROJAN DNS
Query to Cerber Domain
(c4cwr4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (c4cwr4.bid)

Enabled by defaultEvents per second (default = 1)
125001687System

DROP TCP TROJAN DNS
Query to Cerber Domain
(c4cwr4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (c4cwr4.bid)

Enabled by defaultEvents per second (default = 1)
125001688System

DROP UDP TROJAN DNS
Query to Cerber Domain
(jo73jn.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (jo73jn.bid)

Enabled by defaultEvents per second (default = 1)
125001689System

DROP TCP TROJAN DNS
Query to Cerber Domain
(jo73jn.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (jo73jn.bid)

Enabled by defaultEvents per second (default = 1)
125001690System

DROP UDP TROJAN DNS
Query to Cerber Domain
(chnbyl.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (chnbyl.bid)

Enabled by defaultEvents per second (default = 1)
125001691System

DROP TCP TROJAN DNS
Query to Cerber Domain
(chnbyl.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (chnbyl.bid)

Enabled by defaultEvents per second (default = 1)
125001692System

DROP UDP TROJAN DNS
Query to Cerber Domain
(735giv.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (735giv.top)

Enabled by defaultEvents per second (default = 1)
125001693System

DROP TCP TROJAN DNS
Query to Cerber Domain
(735giv.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (735giv.top)

Enabled by defaultEvents per second (default = 1)
125001694System

DROP UDP TROJAN DNS
Query to Cerber Domain
(6cfu46.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (6cfu46.bid)

Enabled by defaultEvents per second (default = 1)
125001695System

DROP TCP TROJAN DNS
Query to Cerber Domain
(6cfu46.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (6cfu46.bid)

Enabled by defaultEvents per second (default = 1)
125001696System

DROP UDP TROJAN DNS
Query to Cerber Domain
(odllm3.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (odllm3.bid)

Enabled by defaultEvents per second (default = 1)
125001697System

DROP TCP TROJAN DNS
Query to Cerber Domain
(odllm3.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (odllm3.bid)

Enabled by defaultEvents per second (default = 1)
125001698System

DROP UDP TROJAN DNS
Query to Cerber Domain
(vth4o4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (vth4o4.bid)

Enabled by defaultEvents per second (default = 1)
125001699System

DROP TCP TROJAN DNS
Query to Cerber Domain
(vth4o4.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (vth4o4.bid)

Enabled by defaultEvents per second (default = 1)
125001700System

DROP UDP POLICY
Android Adups
Firmware DNS Query
(bigdata.adups.com)

This rule drops POLICY
Android Adups Firmware DNS
Query using UDP
(bigdata.adups.com)

Enabled by defaultEvents per second (default = 1)
125001701System

DROP TCP POLICY
Android Adups
Firmware DNS Query
(bigdata.adups.com)

This rule drops POLICY
Android Adups Firmware DNS
Query using TCP
(bigdata.adups.com)

Enabled by defaultEvents per second (default = 1)
125001702System

DROP UDP POLICY
Android Adups
Firmware DNS Query
(bigdata.adsunflower.com)

This rule drops POLICY
Android Adups Firmware DNS
Query using UDP
(bigdata.adsunflower.com)

Enabled by defaultEvents per second (default = 1)
125001703System

DROP TCP POLICY
Android Adups
Firmware DNS Query
(bigdata.adsunflower.com)

This rule drops POLICY
Android Adups Firmware DNS
Query using TCP
(bigdata.adsunflower.com)

Enabled by defaultEvents per second (default = 1)
125001704System

DROP UDP POLICY
Android Adups
Firmware DNS Query
(bigdata.adfuture.cn)

This rule drops POLICY
Android Adups Firmware DNS
Query using UDP
(bigdata.adfuture.cn)

Enabled by defaultEvents per second (default = 1)
125001705System

DROP TCP POLICY
Android Adups
Firmware DNS Query
(bigdata.adfuture.cn)

This rule drops POLICY
Android Adups Firmware DNS
Query using TCP
(bigdata.adfuture.cn)

Enabled by defaultEvents per second (default = 1)
125001706System

DROP UDP POLICY
Android Adups
Firmware DNS Query
(bigdata.advmob.cn)

This rule drops POLICY
Android Adups Firmware DNS
Query using UDP
(bigdata.advmob.cn)

Enabled by defaultEvents per second (default = 1)
125001707System

DROP TCP POLICY
Android Adups
Firmware DNS Query
(bigdata.advmob.cn)

This rule drops POLICY
Android Adups Firmware DNS
Query using TCP
(bigdata.advmob.cn)

Enabled by defaultEvents per second (default = 1)
125001708System

DROP UDP POLICY
Android Adups
Firmware DNS Query
(rebootv5.adsunflower.com)

This rule drops POLICY
Android Adups Firmware DNS
Query using UDP
(rebootv5.adsunflower.com)

Enabled by defaultEvents per second (default = 1)
125001709System

DROP TCP POLICY
Android Adups
Firmware DNS Query
(rebootv5.adsunflower.com)

This rule drops POLICY
Android Adups Firmware DNS
Query using TCP
(rebootv5.adsunflower.com)

Enabled by defaultEvents per second (default = 1)
125001710System

DROP UDP TROJAN
XRatLocker/AiraCrop
Ransomware Payment
Domain
(6kaqkavhpu5dln6x)

This rule drops TROJAN
XRatLocker/AiraCrop
Ransomware Payment Domain
using UDP
(6kaqkavhpu5dln6x)

Enabled by defaultEvents per second (default = 1)
125001711System

DROP TCP TROJAN
XRatLocker/AiraCrop
Ransomware Payment
Domain
(6kaqkavhpu5dln6x)

This rule drops TROJAN
XRatLocker/AiraCrop
Ransomware Payment Domain
using TCP
(6kaqkavhpu5dln6x)

Enabled by defaultEvents per second (default = 1)
125001712System

DROP UDP TROJAN
XRatLocker/AiraCrop
Ransomware Payment
Domain
(mvy3kbqc4adhosdy)

This rule drops TROJAN
XRatLocker/AiraCrop
Ransomware Payment Domain
using UDP
(mvy3kbqc4adhosdy)

Enabled by defaultEvents per second (default = 1)
125001713System

DROP TCP TROJAN
XRatLocker/AiraCrop
Ransomware Payment
Domain
(mvy3kbqc4adhosdy)

This rule drops TROJAN
XRatLocker/AiraCrop
Ransomware Payment Domain
using TCP
(mvy3kbqc4adhosdy)

Enabled by defaultEvents per second (default = 1)
125001714System

DROP UDP TROJAN
KeyBoy DNS UDP
Lookup
(www.about.jkub.com)

This rule drops TROJAN KeyBoy
DNS Lookup using UDP
(www.about.jkub.com)

Enabled by defaultEvents per second (default = 1)
125001715System

DROP TCP TROJAN
KeyBoy DNS TCP
Lookup
(www.about.jkub.com)

This rule drops TROJAN KeyBoy
DNS Lookup using TCP
(www.about.jkub.com)

Enabled by defaultEvents per second (default = 1)
125001716System

DROP UDP TROJAN
KeyBoy DNS UDP
Lookup
(www.eleven.mypop3.org)

This rule drops TROJAN KeyBoy
DNS Lookup using UDP
(www.eleven.mypop3.org)

Enabled by defaultEvents per second (default = 1)
125001717System

DROP TCP TROJAN
KeyBoy DNS TCP
Lookup
(www.eleven.mypop3.org)

This rule drops TROJAN KeyBoy
DNS Lookup using TCP
(www.eleven.mypop3.org)

Enabled by defaultEvents per second (default = 1)
125001718System

DROP UDP TROJAN
KeyBoy DNS UDP
Lookup
(www.backus.myftp.name)

This rule drops TROJAN KeyBoy
DNS Lookup using UDP
(www.backus.myftp.name)

Enabled by defaultEvents per second (default = 1)
125001719System

DROP TCP TROJAN
KeyBoy DNS TCP
Lookup
(www.backus.myftp.name)

This rule drops TROJAN KeyBoy
DNS Lookup using TCP
(www.backus.myftp.name)

Enabled by defaultEvents per second (default = 1)
125001720System

DROP UDP TROJAN
KeyBoy DNS UDP
Lookup
(tibetvoices.com)

This rule drops TROJAN KeyBoy
DNS Lookup using UDP
(tibetvoices.com)

Enabled by defaultEvents per second (default = 1)
125001721System

DROP TCP TROJAN
KeyBoy DNS TCP
Lookup
(tibetvoices.com)

This rule drops TROJAN KeyBoy
DNS Lookup using TCP
(tibetvoices.com)

Enabled by defaultEvents per second (default = 1)
125001722System

DROP UDP
MOBILE_MALWARE
Android.Trojan.InfoStealer.IB
.onion Proxy
Domain
(wwqm6tb4ba52mlzk)

This rule drops
MOBILE_MALWARE
Android.Trojan.InfoStealer.IB
.onion Proxy Domain Lookup
using UDP
(wwqm6tb4ba52mlzk)

Enabled by defaultEvents per second (default = 1)
125001723System

DROP TCP
MOBILE_MALWARE
Android.Trojan.InfoStealer.IB
.onion Proxy
Domain
(wwqm6tb4ba52mlzk)

This rule drops
MOBILE_MALWARE
Android.Trojan.InfoStealer.IB
.onion Proxy Domain Lookup
using TCP
(wwqm6tb4ba52mlzk)

Enabled by defaultEvents per second (default = 1)
125001724System

DROP UDP TROJAN
Win32/Ranscrape
Ransomware Onion
Domain UDP Lookup
(dxostywsduvmn6ra)

This rule drops TROJAN
Win32/Ranscrape
Ransomware Onion Domain
Lookup using UDP
(dxostywsduvmn6ra)

Enabled by defaultEvents per second (default = 1)
125001725System

DROP TCP TROJAN
Win32/Ranscrape
Ransomware Onion
Domain TCP Lookup
(dxostywsduvmn6ra)

This rule drops TROJAN
Win32/Ranscrape
Ransomware Onion Domain
Lookup using TCP
(dxostywsduvmn6ra)

Enabled by defaultEvents per second (default = 1)
125001726System

DROP UDP TROJAN DNS
Query to Cerber Domain
(m5o4p2.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (m5o4p2.top)

Enabled by defaultEvents per second (default = 1)
125001727System

DROP TCP TROJAN DNS
Query to Cerber Domain
(m5o4p2.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (m5o4p2.top)

Enabled by defaultEvents per second (default = 1)
125001728System

DROP UDP TROJAN DNS
Query to Cerber Domain
(t6ueop.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (t6ueop.bid)

Enabled by defaultEvents per second (default = 1)
125001729System

DROP TCP TROJAN DNS
Query to Cerber Domain
(t6ueop.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (t6ueop.bid)

Enabled by defaultEvents per second (default = 1)
125001730System

DROP UDP TROJAN DNS
Query to Cerber Domain
(w19ftt.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (w19ftt.bid)

Enabled by defaultEvents per second (default = 1)
125001731System

DROP TCP TROJAN DNS
Query to Cerber Domain
(w19ftt.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (w19ftt.bid)

Enabled by defaultEvents per second (default = 1)
125001732System

DROP UDP TROJAN DNS
Query to Cerber Domain
(1p5lyh.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (1p5lyh.top)

Enabled by defaultEvents per second (default = 1)
125001733System

DROP TCP TROJAN DNS
Query to Cerber Domain
(1p5lyh.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (1p5lyh.top)

Enabled by defaultEvents per second (default = 1)
125001734System

DROP UDP TROJAN DNS
Query to Cerber Domain
(u92m7j.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (u92m7j.bid)

Enabled by defaultEvents per second (default = 1)
125001735System

DROP TCP TROJAN DNS
Query to Cerber Domain
(u92m7j.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (u92m7j.bid)

Enabled by defaultEvents per second (default = 1)
125001736System

DROP UDP TROJAN DNS
Query to Cerber Domain
(5e4u7d.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (5e4u7d.bid)

Enabled by defaultEvents per second (default = 1)
125001737System

DROP TCP TROJAN DNS
Query to Cerber Domain
(5e4u7d.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (5e4u7d.bid)

Enabled by defaultEvents per second (default = 1)
125001738System

DROP UDP TROJAN DNS
Query to Cerber Domain
(n0om0m.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (n0om0m.top)

Enabled by defaultEvents per second (default = 1)
125001739System

DROP TCP TROJAN DNS
Query to Cerber Domain
(n0om0m.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (n0om0m.top)

Enabled by defaultEvents per second (default = 1)
125001740System

DROP UDP TROJAN DNS
Query to Cerber Domain
(3sc3f8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (3sc3f8.bid)

Enabled by defaultEvents per second (default = 1)
125001741System

DROP TCP TROJAN DNS
Query to Cerber Domain
(3sc3f8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (3sc3f8.bid)

Enabled by defaultEvents per second (default = 1)
125001742System

DROP UDP TROJAN DNS
Query to Cerber Domain
(adr3ju.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (adr3ju.bid)

Enabled by defaultEvents per second (default = 1)
125001743System

DROP TCP TROJAN DNS
Query to Cerber Domain
(adr3ju.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (adr3ju.bid)

Enabled by defaultEvents per second (default = 1)
125001744System

DROP UDP TROJAN DNS
Query to Cerber Domain
(kfymbh.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (kfymbh.top)

Enabled by defaultEvents per second (default = 1)
125001745System

DROP TCP TROJAN DNS
Query to Cerber Domain
(kfymbh.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (kfymbh.top)

Enabled by defaultEvents per second (default = 1)
125001746System

DROP UDP TROJAN
APT28/SEDNIT XAgent
DNS UDP Lookup
(appservicegroup.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using UDP
(appservicegroup.com)

Enabled by defaultEvents per second (default = 1)
125001747System

DROP TCP TROJAN
APT28/SEDNIT XAgent
DNS TCP Lookup
(appservicegroup.com)

This rule drops TROJAN
APT28/SEDNIT XAgent DNS
Lookup using TCP
(appservicegroup.com)

Enabled by defaultEvents per second (default = 1)
125001748System

DROP UDP TROJAN DNS
Query to Cerber Domain
(gxty7j.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (gxty7j.top)

Enabled by defaultEvents per second (default = 1)
125001749System

DROP TCP TROJAN DNS
Query to Cerber Domain
(gxty7j.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (gxty7j.top)

Enabled by defaultEvents per second (default = 1)
125001750System

DROP UDP TROJAN DNS
Query to Cerber Domain
(9c431m.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (9c431m.bid)

Enabled by defaultEvents per second (default = 1)
125001751System

DROP TCP TROJAN DNS
Query to Cerber Domain
(9c431m.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (9c431m.bid)

Enabled by defaultEvents per second (default = 1)
125001752System

DROP UDP TROJAN DNS
Query to Cerber Domain
(u9fcji.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (u9fcji.bid)

Enabled by defaultEvents per second (default = 1)
125001753System

DROP TCP TROJAN DNS
Query to Cerber Domain
(u9fcji.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (u9fcji.bid)

Enabled by defaultEvents per second (default = 1)
125001754System

DROP UDP TROJAN DNS
Query to Cerber Domain
(5i0ukv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (5i0ukv.bid)

Enabled by defaultEvents per second (default = 1)
125001755System

DROP TCP TROJAN DNS
Query to Cerber Domain
(5i0ukv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (5i0ukv.bid)

Enabled by defaultEvents per second (default = 1)
125001756System

DROP UDP TROJAN DNS
Query to Cerber Domain
(7a07br.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (7a07br.bid)

Enabled by defaultEvents per second (default = 1)
125001757System

DROP TCP TROJAN DNS
Query to Cerber Domain
(7a07br.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (7a07br.bid)

Enabled by defaultEvents per second (default = 1)
125001758System

DROP UDP TROJAN DNS
Query to Cerber Domain
(3buvlc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (3buvlc.bid)

Enabled by defaultEvents per second (default = 1)
125001759System

DROP TCP TROJAN DNS
Query to Cerber Domain
(3buvlc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (3buvlc.bid)

Enabled by defaultEvents per second (default = 1)
125001760System

DROP UDP TROJAN DNS
Query to Cerber Domain
(zz3w5l.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zz3w5l.bid)

Enabled by defaultEvents per second (default = 1)
125001761System

DROP TCP TROJAN DNS
Query to Cerber Domain
(zz3w5l.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zz3w5l.bid)

Enabled by defaultEvents per second (default = 1)
125001762System

DROP UDP TROJAN DNS
Query to Cerber Domain
(19wkwf.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (19wkwf.top)

Enabled by defaultEvents per second (default = 1)
125001763System

DROP TCP TROJAN DNS
Query to Cerber Domain
(19wkwf.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (19wkwf.top)

Enabled by defaultEvents per second (default = 1)
125001764System

DROP UDP TROJAN DNS
Query to Cerber Domain
(v4nus1.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (v4nus1.top)

Enabled by defaultEvents per second (default = 1)
125001765System

DROP TCP TROJAN DNS
Query to Cerber Domain
(v4nus1.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (v4nus1.top)

Enabled by defaultEvents per second (default = 1)
125001766System

DROP UDP TROJAN DNS
Query to Cerber Domain
(x8p2m7.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (x8p2m7.bid)

Enabled by defaultEvents per second (default = 1)
125001767System

DROP TCP TROJAN DNS
Query to Cerber Domain
(x8p2m7.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (x8p2m7.bid)

Enabled by defaultEvents per second (default = 1)
125001768System

DROP UDP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS UDP
Lookup (compoz.at)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS Lookup using UDP
(compoz.at)

Enabled by defaultEvents per second (default = 1)
125001769System

DROP TCP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS TCP
Lookup (compoz.at)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS Lookup using TCP
(compoz.at)

Enabled by defaultEvents per second (default = 1)
125001770System

DROP UDP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS UDP
Lookup (publand.pw)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS Lookup using UDP
(publand.pw)

Enabled by defaultEvents per second (default = 1)
125001771System

DROP TCP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS TCP
Lookup (publand.pw)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS Lookup using TCP
(publand.pw)

Enabled by defaultEvents per second (default = 1)
125001772System

DROP UDP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS UDP
Lookup
(crickettutorial.cc)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS Lookup using UDP
(crickettutorial.cc)

Enabled by defaultEvents per second (default = 1)
125001773System

DROP TCP
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS TCP
Lookup
(crickettutorial.cc)

This rule drops
MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher
DNS Lookup using TCP
(crickettutorial.cc)

Enabled by defaultEvents per second (default = 1)
125001774System

DROP UDP TROJAN DNS
Query to Cerber Domain
(9mu6vk.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (9mu6vk.top)

Enabled by defaultEvents per second (default = 1)
125001775System

DROP TCP TROJAN DNS
Query to Cerber Domain
(9mu6vk.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (9mu6vk.top)

Enabled by defaultEvents per second (default = 1)
125001776System

DROP UDP TROJAN DNS
Query to Cerber Domain
(psrd32.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (psrd32.bid)

Enabled by defaultEvents per second (default = 1)
125001777System

DROP TCP TROJAN DNS
Query to Cerber Domain
(psrd32.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (psrd32.bid)

Enabled by defaultEvents per second (default = 1)
125001778System

DROP UDP TROJAN DNS
Query to Cerber Domain
(jwi2ek.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (jwi2ek.bid)

Enabled by defaultEvents per second (default = 1)
125001779System

DROP TCP TROJAN DNS
Query to Cerber Domain
(jwi2ek.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (jwi2ek.bid)

Enabled by defaultEvents per second (default = 1)
125001780System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ffsm1a.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ffsm1a.bid)

Enabled by defaultEvents per second (default = 1)
125001781System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ffsm1a.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ffsm1a.bid)

Enabled by defaultEvents per second (default = 1)
125001782System

DROP UDP TROJAN DNS
Query to Cerber Domain
(1blwcn.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (1blwcn.top)

Enabled by defaultEvents per second (default = 1)
125001783System

DROP TCP TROJAN DNS
Query to Cerber Domain
(1blwcn.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (1blwcn.top)

Enabled by defaultEvents per second (default = 1)
125001784System

DROP UDP TROJAN DNS
Query to Cerber Domain
(zu3fzc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zu3fzc.bid)

Enabled by defaultEvents per second (default = 1)
125001785System

DROP TCP TROJAN DNS
Query to Cerber Domain
(zu3fzc.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zu3fzc.bid)

Enabled by defaultEvents per second (default = 1)
125001786System

DROP UDP TROJAN DNS
Query to Cerber Domain
(r38w54.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (r38w54.top)

Enabled by defaultEvents per second (default = 1)
125001787System

DROP TCP TROJAN DNS
Query to Cerber Domain
(r38w54.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (r38w54.top)

Enabled by defaultEvents per second (default = 1)
125001788System

DROP UDP TROJAN DNS
Query to Cerber Domain
(0v7hry.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (0v7hry.bid)

Enabled by defaultEvents per second (default = 1)
125001789System

DROP TCP TROJAN DNS
Query to Cerber Domain
(0v7hry.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (0v7hry.bid)

Enabled by defaultEvents per second (default = 1)
125001790System

DROP UDP TROJAN DNS
Query to Cerber Domain
(tsrwj3.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (tsrwj3.top)

Enabled by defaultEvents per second (default = 1)
125001791System

DROP TCP TROJAN DNS
Query to Cerber Domain
(tsrwj3.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (tsrwj3.top)

Enabled by defaultEvents per second (default = 1)
125001792System

DROP UDP TROJAN DNS
Query to Cerber Domain
(zi842m.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zi842m.bid)

Enabled by defaultEvents per second (default = 1)
125001793System

DROP TCP TROJAN DNS
Query to Cerber Domain
(zi842m.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zi842m.bid)

Enabled by defaultEvents per second (default = 1)
125001794System

DROP UDP TROJAN DNS
Query to Cerber Domain
(19jmfr.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (19jmfr.top)

Enabled by defaultEvents per second (default = 1)
125001795System

DROP TCP TROJAN DNS
Query to Cerber Domain
(19jmfr.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (19jmfr.top)

Enabled by defaultEvents per second (default = 1)
125001796System

DROP UDP TROJAN DNS
Query to Cerber Domain
(7jrv53.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (7jrv53.bid)

Enabled by defaultEvents per second (default = 1)
125001797System

DROP TCP TROJAN DNS
Query to Cerber Domain
(7jrv53.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (7jrv53.bid)

Enabled by defaultEvents per second (default = 1)
125001798System

DROP UDP TROJAN DNS
Query to Cerber Domain
(axu3u8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (axu3u8.bid)

Enabled by defaultEvents per second (default = 1)
125001799System

DROP TCP TROJAN DNS
Query to Cerber Domain
(axu3u8.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (axu3u8.bid)

Enabled by defaultEvents per second (default = 1)
125001800System

DROP UDP TROJAN DNS
Query to Cerber Domain
(e6cf2t.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (e6cf2t.bid)

Enabled by defaultEvents per second (default = 1)
125001801System

DROP TCP TROJAN DNS
Query to Cerber Domain
(e6cf2t.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (e6cf2t.bid)

Enabled by defaultEvents per second (default = 1)
125001802System

DROP UDP TROJAN DNS
Query to Cerber Domain
(6tjvli.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (6tjvli.bid)

Enabled by defaultEvents per second (default = 1)
125001803System

DROP TCP TROJAN DNS
Query to Cerber Domain
(6tjvli.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (6tjvli.bid)

Enabled by defaultEvents per second (default = 1)
125001804System

DROP UDP TROJAN DNS
Query to Cerber Domain
(b31wkh.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (b31wkh.bid)

Enabled by defaultEvents per second (default = 1)
125001805System

DROP TCP TROJAN DNS
Query to Cerber Domain
(b31wkh.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (b31wkh.bid)

Enabled by defaultEvents per second (default = 1)
125001806System

DROP UDP TROJAN DNS
Query to Cerber Domain
(li5nz3.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (li5nz3.bid)

Enabled by defaultEvents per second (default = 1)
125001807System

DROP TCP TROJAN DNS
Query to Cerber Domain
(li5nz3.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (li5nz3.bid)

Enabled by defaultEvents per second (default = 1)
125001808System

DROP UDP TROJAN DNS
Query to Cerber Domain
(oxmffh.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (oxmffh.bid)

Enabled by defaultEvents per second (default = 1)
125001809System

DROP TCP TROJAN DNS
Query to Cerber Domain
(oxmffh.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (oxmffh.bid)

Enabled by defaultEvents per second (default = 1)
125001810System

DROP UDP TROJAN DNS
Query to Cerber Domain
(41c920.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (41c920.top)

Enabled by defaultEvents per second (default = 1)
125001811System

DROP TCP TROJAN DNS
Query to Cerber Domain
(41c920.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (41c920.top)

Enabled by defaultEvents per second (default = 1)
125001812System

DROP UDP TROJAN DNS
Query to Cerber Domain
(531sol.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (531sol.bid)

Enabled by defaultEvents per second (default = 1)
125001813System

DROP TCP TROJAN DNS
Query to Cerber Domain
(531sol.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (531sol.bid)

Enabled by defaultEvents per second (default = 1)
125001814System

DROP UDP TROJAN Possible XAgent APT28 DNS UDP Lookup (protectingcorpind.com)

This rule drops TROJAN Possible XAgent APT28 DNS Lookup using UDP (protectingcorpind.com)

Enabled by defaultEvents per second (default = 1)
125001815System

DROP TCP TROJAN Possible XAgent APT28 DNS TCP Lookup (protectingcorpind.com)

This rule drops TROJAN Possible XAgent APT28 DNS Lookup using TCP (protectingcorpind.com)

Enabled by defaultEvents per second (default = 1)
125001816System

DROP UDP TROJAN
Observed Malicious
DNS Query (FlokiBot
CnC)
(adultgirlmail.com)

This rule drops TROJAN
Observed Malicious DNS
Query (FlokiBot CnC) using
UDP (adultgirlmail.com)

Enabled by defaultEvents per second (default = 1)
125001817System

DROP TCP TROJAN
Observed Malicious
DNS Query (FlokiBot
CnC)
(adultgirlmail.com)

This rule drops TROJAN
Observed Malicious DNS
Query (FlokiBot CnC) using
TCP (adultgirlmail.com)

Enabled by defaultEvents per second (default = 1)
125001818System

DROP UDP TROJAN DNS
Query to Cerber Domain
(rudjg0.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (rudjg0.bid)

Enabled by defaultEvents per second (default = 1)
125001819System

DROP TCP TROJAN DNS
Query to Cerber Domain
(rudjg0.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (rudjg0.bid)

Enabled by defaultEvents per second (default = 1)
125001820System

DROP TCP TROJAN DNS
Query to Cerber Domain
(w67y8u.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (w67y8u.bid)

Enabled by defaultEvents per second (default = 1)
125001821System

DROP TCP TROJAN DNS
Query to Cerber Domain
(w67y8u.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (w67y8u.bid)

Enabled by defaultEvents per second (default = 1)
125001822System

DROP UDP TROJAN DNS
Query to Cerber Domain
(b14kkk.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (b14kkk.bid)

Enabled by defaultEvents per second (default = 1)
125001823System

DROP TCP TROJAN DNS
Query to Cerber Domain
(b14kkk.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (b14kkk.bid)

Enabled by defaultEvents per second (default = 1)
125001824System

DROP UDP TROJAN DNS
Query to Cerber Domain
(1zdllt.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (1zdllt.bid)

Enabled by defaultEvents per second (default = 1)
125001825System

DROP TCP TROJAN DNS
Query to Cerber Domain
(1zdllt.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (1zdllt.bid)

Enabled by defaultEvents per second (default = 1)
125001826System

DROP UDP TROJAN DNS
Query to Cerber Domain
(vwgxhm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (vwgxhm.bid)

Enabled by defaultEvents per second (default = 1)
125001827System

DROP TCP TROJAN DNS
Query to Cerber Domain
(vwgxhm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (vwgxhm.bid)

Enabled by defaultEvents per second (default = 1)
125001828System

DROP UDP TROJAN DNS
Query to Cerber Domain
(hy6dxo.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (hy6dxo.bid)

Enabled by defaultEvents per second (default = 1)
125001829System

DROP TCP TROJAN DNS
Query to Cerber Domain
(hy6dxo.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (hy6dxo.bid)

Enabled by defaultEvents per second (default = 1)
125001830System

DROP UDP TROJAN DNS
Query to Cerber Domain
(v0xn1i.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (v0xn1i.bid)

Enabled by defaultEvents per second (default = 1)
125001831System

DROP TCP TROJAN DNS
Query to Cerber Domain
(v0xn1i.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (v0xn1i.bid)

Enabled by defaultEvents per second (default = 1)
125001832System

DROP UDP TROJAN DNS
Query to Cerber Domain
(z8rkat.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (z8rkat.bid)

Enabled by defaultEvents per second (default = 1)
125001833System

DROP TCP TROJAN DNS
Query to Cerber Domain
(z8rkat.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (z8rkat.bid)

Enabled by defaultEvents per second (default = 1)
125001834System

DROP UDP TROJAN DNS
Query to Cerber Domain
(o83838.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (o83838.bid)

Enabled by defaultEvents per second (default = 1)
125001835System

DROP TCP TROJAN DNS
Query to Cerber Domain
(o83838.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (o83838.bid)

Enabled by defaultEvents per second (default = 1)
125001836System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ev99l6.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ev99l6.bid)

Enabled by defaultEvents per second (default = 1)
125001837System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ev99l6.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ev99l6.bid)

Enabled by defaultEvents per second (default = 1)
125001838System

DROP UDP TROJAN
Zbot!ZA .onion Proxy
Domain
(kcmtx56lszujhq6f)

This rule drops TROJAN
Zbot!ZA .onion Proxy Domain
Lookup using UDP
(kcmtx56lszujhq6f)

Enabled by defaultEvents per second (default = 1)
125001839System

DROP TCP TROJAN
Zbot!ZA .onion Proxy
Domain
(kcmtx56lszujhq6f)

This rule drops TROJAN
Zbot!ZA .onion Proxy Domain
Lookup using TCP
(kcmtx56lszujhq6f)

Enabled by defaultEvents per second (default = 1)
125001840System

DROP UDP TROJAN
APT28 DealersChoice
DNS UDP Lookup
(globalresearching.org)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using UDP
(globalresearching.org)

Enabled by defaultEvents per second (default = 1)
125001841System

DROP TCP TROJAN
APT28 DealersChoice
DNS TCP Lookup
(globalresearching.org)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using TCP
(globalresearching.org)

Enabled by defaultEvents per second (default = 1)
125001842System

DROP UDP TROJAN
APT28 DealersChoice
DNS UDP Lookup
(shcserv.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using UDP (shcserv.com)

Enabled by defaultEvents per second (default = 1)
125001843System

DROP TCP TROJAN
APT28 DealersChoice
DNS TCP Lookup
(shcserv.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using TCP (shcserv.com)

Enabled by defaultEvents per second (default = 1)
125001844System

DROP UDP TROJAN APT28 DealersChoice DNS UDP Lookup (adobeupgradeflash.com)

This rule drops TROJAN APT28 DealersChoice DNS Lookup using UDP (adobeupgradeflash.com)

Enabled by defaultEvents per second (default = 1)
125001845System

DROP TCP TROJAN APT28 DealersChoice DNS TCP Lookup (adobeupgradeflash.com)

This rule drops TROJAN APT28 DealersChoice DNS Lookup using TCP (adobeupgradeflash.com)

Enabled by defaultEvents per second (default = 1)
125001846System

DROP UDP TROJAN DNS
Query to Cerber Domain
(o5b17o.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (o5b17o.top)

Enabled by defaultEvents per second (default = 1)
125001847System

DROP TCP TROJAN DNS
Query to Cerber Domain
(o5b17o.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (o5b17o.top)

Enabled by defaultEvents per second (default = 1)
125001848System

DROP UDP TROJAN DNS
Query to Cerber Domain
(wk0295.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (wk0295.top)

Enabled by defaultEvents per second (default = 1)
125001849System

DROP TCP TROJAN DNS
Query to Cerber Domain
(wk0295.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (wk0295.top)

Enabled by defaultEvents per second (default = 1)
125001850System

DROP UDP TROJAN DNS
Query to Cerber Domain
(yv3uwa.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (yv3uwa.bid)

Enabled by defaultEvents per second (default = 1)
125001851System

DROP TCP TROJAN DNS
Query to Cerber Domain
(yv3uwa.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (yv3uwa.bid)

Enabled by defaultEvents per second (default = 1)
125001852System

DROP UDP TROJAN DNS
Query to Cerber Domain
(zjfbxy.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zjfbxy.top)

Enabled by defaultEvents per second (default = 1)
125001853System

DROP TCP TROJAN DNS
Query to Cerber Domain
(zjfbxy.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zjfbxy.top)

Enabled by defaultEvents per second (default = 1)
125001854System

DROP UDP TROJAN DNS
Query to Cerber Domain
(g7rst5.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (g7rst5.bid)

Enabled by defaultEvents per second (default = 1)
125001855System

DROP TCP TROJAN DNS
Query to Cerber Domain
(g7rst5.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (g7rst5.bid)

Enabled by defaultEvents per second (default = 1)
125001856System

DROP UDP TROJAN DNS
Query to Cerber Domain
(20phzx.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (20phzx.bid)

Enabled by defaultEvents per second (default = 1)
125001857System

DROP TCP TROJAN DNS
Query to Cerber Domain
(20phzx.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (20phzx.bid)

Enabled by defaultEvents per second (default = 1)
125001858System

DROP UDP TROJAN DNS
Query to Cerber Domain
(kkkshn.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (kkkshn.bid)

Enabled by defaultEvents per second (default = 1)
125001859System

DROP TCP TROJAN DNS
Query to Cerber Domain
(kkkshn.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (kkkshn.bid)

Enabled by defaultEvents per second (default = 1)
125001860System

DROP UDP TROJAN DNS
Query to Cerber Domain
(13uvry.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (13uvry.top)

Enabled by defaultEvents per second (default = 1)
125001861System

DROP TCP TROJAN DNS
Query to Cerber Domain
(13uvry.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (13uvry.top)

Enabled by defaultEvents per second (default = 1)
125001862System

DROP UDP TROJAN DNS
Query to Cerber Domain
(zh5mu9.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (zh5mu9.bid)

Enabled by defaultEvents per second (default = 1)
125001863System

DROP TCP TROJAN DNS
Query to Cerber Domain
(zh5mu9.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (zh5mu9.bid)

Enabled by defaultEvents per second (default = 1)
125001864System

DROP UDP TROJAN DNS
Query to Cerber Domain
(nbz4dn.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (nbz4dn.top)

Enabled by defaultEvents per second (default = 1)
125001865System

DROP TCP TROJAN DNS
Query to Cerber Domain
(nbz4dn.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (nbz4dn.top)

Enabled by defaultEvents per second (default = 1)
125001866System

DROP UDP TROJAN
APT28 DealersChoice
DNS UDP Lookup
(gpufps.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using UDP (gpufps.com)

Enabled by defaultEvents per second (default = 1)
125001867System

DROP TCP TROJAN
APT28 DealersChoice
DNS TCP Lookup
(gpufps.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using TCP (gpufps.com)

Enabled by defaultEvents per second (default = 1)
125001868System

DROP UDP TROJAN APT28 DealersChoice DNS UDP Lookup (adobe-flash-updates.org)

This rule drops TROJAN APT28 DealersChoice DNS Lookup using UDP (adobe-flash-updates.org)

Enabled by defaultEvents per second (default = 1)
125001869System

DROP TCP TROJAN APT28 DealersChoice DNS TCP Lookup (adobe-flash-updates.org)

This rule drops TROJAN APT28 DealersChoice DNS Lookup using TCP (adobe-flash-updates.org)

Enabled by defaultEvents per second (default = 1)
125001870System

DROP UDP TROJAN
APT28 DealersChoice
DNS UDP Lookup
(versiontask.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using UDP (versiontask.com)

Enabled by defaultEvents per second (default = 1)
125001871System

DROP TCP TROJAN
APT28 DealersChoice
DNS TCP Lookup
(versiontask.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using TCP (versiontask.com)

Enabled by defaultEvents per second (default = 1)
125001872System

DROP UDP TROJAN
APT28 DealersChoice
DNS UDP Lookup
(webcdelivery.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using UDP (webcdelivery.com)

Enabled by defaultEvents per second (default = 1)
125001873System

DROP TCP TROJAN
APT28 DealersChoice
DNS TCP Lookup
(webcdelivery.com)

This rule drops TROJAN APT28
DealersChoice DNS Lookup
using TCP (webcdelivery.com)

Enabled by defaultEvents per second (default = 1)
125001874System

DROP UDP TROJAN DNS
Query to Cerber Domain
(88oysp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (88oysp.bid)

Enabled by defaultEvents per second (default = 1)
125001875System

DROP TCP TROJAN DNS
Query to Cerber Domain
(88oysp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (88oysp.bid)

Enabled by defaultEvents per second (default = 1)
125001876System

DROP UDP TROJAN DNS
Query to Cerber Domain
(5hmjh7.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (5hmjh7.bid)

Enabled by defaultEvents per second (default = 1)
125001877System

DROP TCP TROJAN DNS
Query to Cerber Domain
(5hmjh7.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (5hmjh7.bid)

Enabled by defaultEvents per second (default = 1)
125001878System

DROP UDP TROJAN DNS
Query to Cerber Domain
(re2b6k.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (re2b6k.bid)

Enabled by defaultEvents per second (default = 1)
125001879System

DROP TCP TROJAN DNS
Query to Cerber Domain
(re2b6k.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (re2b6k.bid)

Enabled by defaultEvents per second (default = 1)
125001880System

DROP UDP TROJAN DNS
Query to Cerber Domain
(5a2a7e.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (5a2a7e.top)

Enabled by defaultEvents per second (default = 1)
125001881System

DROP TCP TROJAN DNS
Query to Cerber Domain
(5a2a7e.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (5a2a7e.top)

Enabled by defaultEvents per second (default = 1)
125001882System

DROP UDP TROJAN DNS
Query to Cerber Domain
(9yim37.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (9yim37.top)

Enabled by defaultEvents per second (default = 1)
125001883System

DROP TCP TROJAN DNS
Query to Cerber Domain
(9yim37.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (9yim37.top)

Enabled by defaultEvents per second (default = 1)
125001884System

DROP UDP TROJAN DNS
Query to Cerber Domain
(cxbp5p.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (cxbp5p.bid)

Enabled by defaultEvents per second (default = 1)
125001885System

DROP TCP TROJAN DNS
Query to Cerber Domain
(cxbp5p.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (cxbp5p.bid)

Enabled by defaultEvents per second (default = 1)
125001886System

DROP UDP TROJAN DNS
Query to Cerber Domain
(1k1dxt.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (1k1dxt.top)

Enabled by defaultEvents per second (default = 1)
125001887System

DROP TCP TROJAN DNS
Query to Cerber Domain
(1k1dxt.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (1k1dxt.top)

Enabled by defaultEvents per second (default = 1)
125001888System

DROP UDP TROJAN DNS
Query to Cerber Domain
(p9su2u.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (p9su2u.top)

Enabled by defaultEvents per second (default = 1)
125001889System

DROP TCP TROJAN DNS
Query to Cerber Domain
(p9su2u.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (p9su2u.top)

Enabled by defaultEvents per second (default = 1)
125001890System

DROP UDP TROJAN DNS
Query to Cerber Domain
(jtdcph.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (jtdcph.bid)

Enabled by defaultEvents per second (default = 1)
125001891System

DROP TCP TROJAN DNS
Query to Cerber Domain
(jtdcph.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (jtdcph.bid)

Enabled by defaultEvents per second (default = 1)
125001892System

DROP UDP TROJAN DNS
Query to Cerber Domain
(umvv28.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (umvv28.top)

Enabled by defaultEvents per second (default = 1)
125001893System

DROP TCP TROJAN DNS
Query to Cerber Domain
(umvv28.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (umvv28.top)

Enabled by defaultEvents per second (default = 1)
125001894System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (shadiser.com)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (shadiser.com)

Enabled by defaultEvents per second (default = 1)
125001895System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (shadiser.com)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (shadiser.com)

Enabled by defaultEvents per second (default = 1)
125001896System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (eggend.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (eggend.net)

Enabled by defaultEvents per second (default = 1)
125001897System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (eggend.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (eggend.net)

Enabled by defaultEvents per second (default = 1)
125001898System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (madmags.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (madmags.org)

Enabled by defaultEvents per second (default = 1)
125001899System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (madmags.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (madmags.org)

Enabled by defaultEvents per second (default = 1)
125001900System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (busbexmeob.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (busbexmeob.net)

Enabled by defaultEvents per second (default = 1)
125001901System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (busbexmeob.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (busbexmeob.net)

Enabled by defaultEvents per second (default = 1)
125001902System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (minitrims.com)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (minitrims.com)

Enabled by defaultEvents per second (default = 1)
125001903System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (minitrims.com)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (minitrims.com)

Enabled by defaultEvents per second (default = 1)
125001904System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (mixtix.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (mixtix.net)

Enabled by defaultEvents per second (default = 1)
125001905System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (mixtix.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (mixtix.net)

Enabled by defaultEvents per second (default = 1)
125001906System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (greedlot.com)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (greedlot.com)

Enabled by defaultEvents per second (default = 1)
125001907System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (greedlot.com)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (greedlot.com)

Enabled by defaultEvents per second (default = 1)
125001908System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (trixmix.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (trixmix.net)

Enabled by defaultEvents per second (default = 1)
125001909System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (trixmix.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (trixmix.net)

Enabled by defaultEvents per second (default = 1)
125001910System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (magtabls.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (magtabls.net)

Enabled by defaultEvents per second (default = 1)
125001911System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (magtabls.net)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (magtabls.net)

Enabled by defaultEvents per second (default = 1)
125001912System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (ferklan.com)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (ferklan.com)

Enabled by defaultEvents per second (default = 1)
125001913System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (ferklan.com)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (ferklan.com)

Enabled by defaultEvents per second (default = 1)
125001914System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (blackcups.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (blackcups.org)

Enabled by defaultEvents per second (default = 1)
125001915System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (blackcups.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (blackcups.org)

Enabled by defaultEvents per second (default = 1)
125001916System

DROP UDP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (monitormail.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using UDP (monitormail.org)

Enabled by defaultEvents per second (default = 1)
125001917System

DROP TCP TROJAN
Ransomware Domain
Detected (TorrentLocker
C2) (monitormail.org)

This rule drops TROJAN
Ransomware Domain
Detected (TorrentLocker C2)
using TCP (monitormail.org)

Enabled by defaultEvents per second (default = 1)
125001918System

DROP UDP TROJAN APT28 Uploader Variant DNS UDP Lookup (globaltechresearch.org)

This rule drops TROJAN APT28 Uploader Variant DNS Lookup using UDP (globaltechresearch.org)

Enabled by defaultEvents per second (default = 1)
125001919System

DROP TCP TROJAN APT28 Uploader Variant DNS TCP Lookup (globaltechresearch.org)

This rule drops TROJAN APT28 Uploader Variant DNS Lookup using TCP (globaltechresearch.org)

Enabled by defaultEvents per second (default = 1)
125001920System

DROP UDP TROJAN
Unknown AutoIt Bot
DNS UDP Lookup
(webmail.duia.in)

This rule drops TROJAN
Unknown AutoIt Bot DNS
Lookup using UDP
(webmail.duia.in)

Enabled by defaultEvents per second (default = 1)
125001921System

DROP TCP TROJAN
Unknown AutoIt Bot
DNS TCP Lookup
(webmail.duia.in)

This rule drops TROJAN
Unknown AutoIt Bot DNS
Lookup using TCP
(webmail.duia.in)

Enabled by defaultEvents per second (default = 1)
125001922System

DROP UDP Likely Phishing DNS UDP Lookup (Fake MS Service) (0nedrive-0ffice365.com)

This rule drops Likely Phishing DNS Lookup (Fake MS Service) using UDP (0nedrive-0ffice365.com)

Enabled by defaultEvents per second (default = 1)
125001923System

DROP TCP Likely Phishing DNS TCP Lookup (Fake MS Service) (0nedrive-0ffice365.com)

This rule drops Likely Phishing DNS Lookup (Fake MS Service) using TCP (0nedrive-0ffice365.com)

Enabled by defaultEvents per second (default = 1)
125001924System

DROP UDP Likely Phishing DNS UDP Lookup (Fake MS Service) (office365-microsoft.com)

This rule drops Likely Phishing DNS Lookup (Fake MS Service) using UDP (office365-microsoft.com)

Enabled by defaultEvents per second (default = 1)
125001925System

DROP TCP Likely Phishing DNS TCP Lookup (Fake MS Service) (office365-microsoft.com)

This rule drops Likely Phishing DNS Lookup (Fake MS Service) using TCP (office365-microsoft.com)

Enabled by defaultEvents per second (default = 1)
125001926System

DROP UDP Likely Phishing DNS UDP Lookup (Fake MS Service) (onedrive-office365.com)

This rule drops Likely Phishing DNS Lookup (Fake MS Service) using UDP (onedrive-office365.com)

Enabled by defaultEvents per second (default = 1)
125001927System

DROP TCP Likely Phishing DNS TCP Lookup (Fake MS Service) (onedrive-office365.com)

This rule drops Likely Phishing DNS Lookup (Fake MS Service) using TCP (onedrive-office365.com)

Enabled by defaultEvents per second (default = 1)
125001928System

Enabled by defaultEvents per second (default = 1)
125001929System

DROP TCP DNSChanger
EK DNS Reply Adfraud
Server

This rule drops DNSChanger
EK DNS Reply Adfraud Server
using TCP.

Enabled by defaultEvents per second (default = 1)
125001931System


DROP TCP DNSChanger
EK DNS Reply Adfraud
Server.

This rule drops DNSChanger
EK DNS Reply Adfraud Server
using TCP.

Enabled by defaultEvents per second (default = 1)
125001932System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS UDP Lookup (barberink.biz)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP (barberink.biz)

Enabled by defaultEvents per second (default = 1)
125001933System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS TCP Lookup (barberink.biz)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (barberink.biz)

Enabled by defaultEvents per second (default = 1)
125001934System

DROP UDP MOBILE_MALWARE Android/Spy.Kasandra.A .onion Proxy Domain (rldox4shemg7noqp)

This rule drops MOBILE_MALWARE Android/Spy.Kasandra.A .onion Proxy Domain Lookup using UDP (rldox4shemg7noqp)

Enabled by defaultEvents per second (default = 1)
125001935System

DROP TCP MOBILE_MALWARE Android/Spy.Kasandra.A .onion Proxy Domain (rldox4shemg7noqp)

This rule drops MOBILE_MALWARE Android/Spy.Kasandra.A .onion Proxy Domain Lookup using TCP (rldox4shemg7noqp)

Enabled by defaultEvents per second (default = 1)
125001936System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS UDP Lookup (petrporosya.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP (petrporosya.com)

Enabled by defaultEvents per second (default = 1)
125001937System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS TCP Lookup (petrporosya.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (petrporosya.com)

Enabled by defaultEvents per second (default = 1)
125001938System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS UDP Lookup (castso.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP (castso.com)

Enabled by defaultEvents per second (default = 1)
125001939System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS TCP Lookup (castso.com)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (castso.com)

Enabled by defaultEvents per second (default = 1)
125001940System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ftch30.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ftch30.bid)

Enabled by defaultEvents per second (default = 1)
125001941System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ftch30.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ftch30.bid)

Enabled by defaultEvents per second (default = 1)
125001942System

DROP UDP TROJAN DNS Query to Cerber Domain (jnhdk3.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (jnhdk3.bid)

Enabled by defaultEvents per second (default = 1)
125001943System

DROP TCP TROJAN DNS
Query to Cerber Domain
(jnhdk3.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (jnhdk3.bid)

Enabled by defaultEvents per second (default = 1)
125001944System

DROP UDP TROJAN DNS Query to Cerber Domain (llm3m0.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (llm3m0.bid)

Enabled by defaultEvents per second (default = 1)
125001945System

DROP TCP TROJAN DNS Query to Cerber Domain (llm3m0.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (llm3m0.bid)

Enabled by defaultEvents per second (default = 1)
125001946System

DROP UDP TROJAN DNS
Query to Cerber Domain
(w22p3v.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (w22p3v.top)

Enabled by defaultEvents per second (default = 1)
125001947System

DROP TCP TROJAN DNS
Query to Cerber Domain
(w22p3v.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (w22p3v.top)

Enabled by defaultEvents per second (default = 1)
125001948System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ca15sj.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ca15sj.top).

Enabled by defaultEvents per second (default = 1)
125001949System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ca15sj.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ca15sj.top).

Enabled by defaultEvents per second (default = 1)
125001950System

DROP UDP TROJAN DNS
Query to Cerber Domain
(dybsth.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (dybsth.bid).

Enabled by defaultEvents per second (default = 1)
125001951System

DROP TCP TROJAN DNS
Query to Cerber Domain
(dybsth.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (dybsth.bid).

Enabled by defaultEvents per second (default = 1)
125001952System

DROP UDP TROJAN DNS
Query to Cerber Domain
(7m7ujm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (7m7ujm.bid)

Enabled by defaultEvents per second (default = 1)
125001953System

DROP TCP TROJAN DNS
Query to Cerber Domain
(7m7ujm.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (7m7ujm.bid)

Enabled by defaultEvents per second (default = 1)
125001954System

DROP UDP TROJAN DNS
Query to Cerber Domain
(u52m7j.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (u52m7j.bid)

Enabled by defaultEvents per second (default = 1)
125001955System

DROP TCP TROJAN DNS
Query to Cerber Domain
(u52m7j.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (u52m7j.bid)

Enabled by defaultEvents per second (default = 1)
125001956System

DROP UDP TROJAN DNS
Query to Cerber Domain
(9sfk22.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (9sfk22.bid)

Enabled by defaultEvents per second (default = 1)
125001957System

DROP TCP TROJAN DNS
Query to Cerber Domain
(9sfk22.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (9sfk22.bid)

Enabled by defaultEvents per second (default = 1)
125001958System

DROP UDP TROJAN DNS
Query to Cerber Domain
(mszbbu.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (mszbbu.bid)

Enabled by defaultEvents per second (default = 1)
125001959System

DROP TCP TROJAN DNS
Query to Cerber Domain
(mszbbu.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (mszbbu.bid)

Enabled by defaultEvents per second (default = 1)
125001960System

DROP UDP TROJAN DNS
Query to Cerber Domain
(8g1k17.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (8g1k17.bid)

Enabled by defaultEvents per second (default = 1)
125001961System

DROP TCP TROJAN DNS
Query to Cerber Domain
(8g1k17.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (8g1k17.bid)

Enabled by defaultEvents per second (default = 1)
125001962System

DROP UDP TROJAN DNS
Query to Cerber Domain
(rssh3l.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (rssh3l.bid)

Enabled by defaultEvents per second (default = 1)
125001963System

DROP TCP TROJAN DNS
Query to Cerber Domain
(rssh3l.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (rssh3l.bid)

Enabled by defaultEvents per second (default = 1)
125001964System

DROP UDP TROJAN DNS
Query to Cerber Domain
(j4cser.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (j4cser.bid)

Enabled by defaultEvents per second (default = 1)
125001965System

DROP TCP TROJAN DNS
Query to Cerber Domain
(j4cser.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (j4cser.bid)

Enabled by defaultEvents per second (default = 1)
125001966System

DROP UDP TROJAN DNS
Query to Cerber Domain
(g2svcp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (g2svcp.bid)

Enabled by defaultEvents per second (default = 1)
125001967System

DROP TCP TROJAN DNS
Query to Cerber Domain
(g2svcp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (g2svcp.bid)

Enabled by defaultEvents per second (default = 1)
125001968System

DROP UDP TROJAN DNS
Query to Cerber Domain
(l4jpwv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (l4jpwv.bid).

Enabled by defaultEvents per second (default = 1)
125001969System

DROP TCP TROJAN DNS
Query to Cerber Domain
(l4jpwv.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (l4jpwv.bid).

Enabled by defaultEvents per second (default = 1)
125001970System

DROP UDP TROJAN DNS
Query to Cerber Domain
(3t3hyf.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (3t3hyf.top)

Enabled by defaultEvents per second (default = 1)
125001971System

DROP TCP TROJAN DNS
Query to Cerber Domain
(3t3hyf.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (3t3hyf.top)

Enabled by defaultEvents per second (default = 1)
125001972System

DROP UDP TROJAN DNS
Query to Cerber Domain
(4nf7ij.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (4nf7ij.top)

Enabled by defaultEvents per second (default = 1)
125001973System

DROP TCP TROJAN DNS
Query to Cerber Domain
(4nf7ij.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (4nf7ij.top)

Enabled by defaultEvents per second (default = 1)
125001974System

DROP UDP TROJAN DNS
Query to Cerber Domain
(paahyp.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (paahyp.bid)

Enabled by defaultEvents per second (default = 1)
125001975System

DROP TCP TROJAN DNS
Query to Cerber Domain
(paahyp.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (paahyp.bid)

Enabled by defaultEvents per second (default = 1)
125001976System

DROP UDP TROJAN DNS Query to Cerber Domain (rsi6gn.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (rsi6gn.top)

Enabled by defaultEvents per second (default = 1)
125001977System

DROP TCP TROJAN DNS Query to Cerber Domain (rsi6gn.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (rsi6gn.top)

Enabled by defaultEvents per second (default = 1)
125001978System

DROP UDP TROJAN DNS Query to Cerber Domain (xf9wd1.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (xf9wd1.bid)

Enabled by defaultEvents per second (default = 1)
125001979System

DROP TCP TROJAN DNS Query to Cerber Domain (xf9wd1.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (xf9wd1.bid)

Enabled by defaultEvents per second (default = 1)
125001980System

DROP UDP TROJAN DNS Query to Cerber Domain (zreknv.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (zreknv.bid)

Enabled by defaultEvents per second (default = 1)
125001981System

DROP TCP TROJAN DNS Query to Cerber Domain (zreknv.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (zreknv.bid)

Enabled by defaultEvents per second (default = 1)
125001982System

DROP UDP TROJAN Donoff .onion Proxy Domain (6ffnownlcnzlrn7w)

This rule drops TROJAN Donoff .onion Proxy Domain Lookup using UDP (6ffnownlcnzlrn7w)

Enabled by defaultEvents per second (default = 1)
125001983System

DROP TCP TROJAN Donoff .onion Proxy Domain (6ffnownlcnzlrn7w)

This rule drops TROJAN Donoff .onion Proxy Domain Lookup using TCP (6ffnownlcnzlrn7w)

Enabled by defaultEvents per second (default = 1)
125001984System

DROP UDP TROJAN APT28 (Likely
(ssset-aljazeera.net)

This rule drops TROJAN APT28 (Likely using UDP
(ssset-aljazeera.net)

Enabled by defaultEvents per second (default = 1)
125001985System

DROP TCP TROJAN APT28 (Likely
(ssset-aljazeera.net)

This rule drops TROJAN APT28 (Likely using TCP
(ssset-aljazeera.net)

Enabled by defaultEvents per second (default = 1)
125001986System

DROP UDP TROJAN APT28 (Likely
(sset-aljazeera.net)

This rule drops TROJAN APT28 (Likely using UDP
(sset-aljazeera.net)

Enabled by defaultEvents per second (default = 1)
125001987System

DROP TCP TROJAN APT28 (Likely
(sset-aljazeera.net)

This rule drops TROJAN APT28 (Likely using TCP
(sset-aljazeera.net)

Enabled by defaultEvents per second (default = 1)
125001988System

DROP UDP TROJAN APT28 (Likely
(sset-aljazeera.com)

This rule drops TROJAN APT28 (Likely using UDP
(sset-aljazeera.com)

Enabled by defaultEvents per second (default = 1)
125001989System

DROP TCP TROJAN APT28 (Likely
(sset-aljazeera.com)

This rule drops TROJAN APT28 (Likely using TCP
(sset-aljazeera.com)

Enabled by defaultEvents per second (default = 1)
125001990System

DROP UDP TROJAN APT28 (Likely
(account-aljazeera.net)

This rule drops TROJAN APT28 (Likely using UDP
(account-aljazeera.net)

Enabled by defaultEvents per second (default = 1)
125001991System

DROP TCP TROJAN APT28 (Likely
(account-aljazeera.net)

This rule drops TROJAN APT28 (Likely using TCP
(account-aljazeera.net)

Enabled by defaultEvents per second (default = 1)
125001992System

DROP UDP TROJAN APT28 (Likely
(mail-aljazeera.net)

This rule drops TROJAN APT28 (Likely using UDP
(mail-aljazeera.net)

Enabled by defaultEvents per second (default = 1)
125001993System

DROP TCP TROJAN APT28 (Likely
(mail-aljazeera.net)

This rule drops TROJAN APT28 (Likely using TCP
(mail-aljazeera.net)

Enabled by defaultEvents per second (default = 1)
125001994System

DROP UDP TROJAN Possible Zcrypt Ransomware Variant .onion Proxy Domain (hfagrdfpgr4nqkfh)

This rule drops TROJAN Possible Zcrypt Ransomware Variant .onion Proxy Domain Lookup using UDP (hfagrdfpgr4nqkfh)

Enabled by defaultEvents per second (default = 1)
125001995System

DROP TCP TROJAN Possible Zcrypt Ransomware Variant .onion Proxy Domain (hfagrdfpgr4nqkfh)

This rule drops TROJAN Possible Zcrypt Ransomware Variant .onion Proxy Domain Lookup using TCP (hfagrdfpgr4nqkfh)

Enabled by defaultEvents per second (default = 1)
125001996System

DROP UDP TROJAN VBA/TrojanDownloader.Agent.CCD .onion Proxy
Domain (pvjk6aukijrdwwqs)

This rule drops TROJAN VBA/TrojanDownloader.Agent.CCD .onion Proxy Domain
Lookup using UDP (pvjk6aukijrdwwqs)

Enabled by defaultEvents per second (default = 1)
125001997System

DROP TCP TROJAN VBA/TrojanDownloader.Agent.CCD .onion Proxy
Domain (pvjk6aukijrdwwqs)

This rule drops TROJAN VBA/TrojanDownloader.Agent.CCD .onion Proxy Domain
Lookup using TCP (pvjk6aukijrdwwqs)

Enabled by defaultEvents per second (default = 1)
125001998System

DROP UDP TROJAN Donoff .onion Proxy Domain (k33w7qn22wtk2ser)

This rule drops TROJAN Donoff .onion Proxy Domain Lookup using UDP (k33w7qn22wtk2ser)

Enabled by defaultEvents per second (default = 1)
125001999System

DROP TCP TROJAN Donoff .onion Proxy Domain (k33w7qn22wtk2ser)

This rule drops TROJAN Donoff .onion Proxy Domain Lookup using TCP (k33w7qn22wtk2ser)

Enabled by defaultEvents per second (default = 1)
125002000System

DROP UDP TROJAN DNS Query to Cerber Domain (r3b2sh.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (r3b2sh.top)

Enabled by defaultEvents per second (default = 1)
125002001System

DROP TCP TROJAN DNS Query to Cerber Domain (r3b2sh.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (r3b2sh.top)

Enabled by defaultEvents per second (default = 1)
125002002System

DROP UDP TROJAN DNS Query to Cerber Domain (63rx85.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (63rx85.top)

Enabled by defaultEvents per second (default = 1)
125002003System

DROP TCP TROJAN DNS Query to Cerber Domain (63rx85.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (63rx85.top)

Enabled by defaultEvents per second (default = 1)
125002004System

DROP UDP TROJAN DNS Query to Cerber Domain (bvbg1l.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (bvbg1l.top)

Enabled by defaultEvents per second (default = 1)
125002005System

DROP TCP TROJAN DNS Query to Cerber Domain (bvbg1l.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (bvbg1l.top)

Enabled by defaultEvents per second (default = 1)
125002006System

DROP UDP TROJAN DNS Query to Cerber Domain (jnv1df.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (jnv1df.top)

Enabled by defaultEvents per second (default = 1)
125002007System

DROP TCP TROJAN DNS Query to Cerber Domain (jnv1df.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (jnv1df.top)

Enabled by defaultEvents per second (default = 1)
125002008System

DROP UDP TROJAN DNS Query to Cerber Domain (ucrw57.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (ucrw57.top)

Enabled by defaultEvents per second (default = 1)
125002009System

DROP TCP TROJAN DNS Query to Cerber Domain (ucrw57.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (ucrw57.top)

Enabled by defaultEvents per second (default = 1)
125002010System

DROP UDP TROJAN DNS Query to Cerber Domain (x83zw1.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (x83zw1.top)

Enabled by defaultEvents per second (default = 1)
125002011System

DROP TCP TROJAN DNS Query to Cerber Domain (x83zw1.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (x83zw1.top)

Enabled by defaultEvents per second (default = 1)
125002012System

DROP UDP TROJAN DNS Query to Cerber Domain (bdlvdy.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (bdlvdy.top)

Enabled by defaultEvents per second (default = 1)
125002013System

DROP TCP TROJAN DNS Query to Cerber Domain (bdlvdy.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (bdlvdy.top)

Enabled by defaultEvents per second (default = 1)
125002014System

DROP UDP TROJAN DNS Query to Cerber Domain (fytfiy.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (fytfiy.top)

Enabled by defaultEvents per second (default = 1)
125002015System

DROP TCP TROJAN DNS Query to Cerber Domain (fytfiy.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (fytfiy.top)

Enabled by defaultEvents per second (default = 1)
125002016System

DROP UDP TROJAN DNS Query to Cerber Domain (t8rizh.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (t8rizh.top)

Enabled by defaultEvents per second (default = 1)
125002017System

DROP TCP TROJAN DNS Query to Cerber Domain (t8rizh.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (t8rizh.top)

Enabled by defaultEvents per second (default = 1)
125002018System

DROP UDP TROJAN DNS Query to Cerber Domain (otruw6.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (otruw6.top)

Enabled by defaultEvents per second (default = 1)
125002019System

DROP TCP TROJAN DNS Query to Cerber Domain (otruw6.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (otruw6.top)

Enabled by defaultEvents per second (default = 1)
125002020System

DROP UDP TROJAN Win32.Scar.olyu .onion Proxy Domain (kkt7fg6khmgemz3w)

This rule drops TROJAN Win32.Scar.olyu .onion Proxy Domain Lookup using UDP (kkt7fg6khmgemz3w)

Enabled by defaultEvents per second (default = 1)
125002021System

DROP TCP TROJAN Win32.Scar.olyu .onion Proxy Domain (kkt7fg6khmgemz3w)

This rule drops TROJAN Win32.Scar.olyu .onion Proxy Domain Lookup using TCP (kkt7fg6khmgemz3w)

Enabled by defaultEvents per second (default = 1)
125002022System

DROP UDP TROJAN DNS
Query to Cerber Domain (tse45f.top)

This rule drops TROJAN DNS
Query to Cerber Domain using UDP (tse45f.top)

Enabled by defaultEvents per second (default = 1)
125002023System

DROP TCP TROJAN DNS Query to Cerber Domain (tse45f.top)

This rule drops TROJAN DNS
Query to Cerber Domain using TCP (tse45f.top)

Enabled by defaultEvents per second (default = 1)
125002024System

DROP UDP TROJAN DNS
Query to Cerber Domain (voxmff.top)

This rule drops TROJAN DNS
Query to Cerber Domain using UDP (voxmff.top)

Enabled by defaultEvents per second (default = 1)
125002025System

DROP TCP TROJAN DNS
Query to Cerber Domain (voxmff.top)

This rule drops TROJAN DNS
Query to Cerber Domain using TCP (voxmff.top)

Enabled by defaultEvents per second (default = 1)
125002026System

DROP UDP TROJAN DNS
Query to Cerber Domain (3vjkdo.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (3vjkdo.top)

Enabled by defaultEvents per second (default = 1)
125002027System

DROP TCP TROJAN DNS
Query to Cerber Domain (3vjkdo.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (3vjkdo.top)

Enabled by defaultEvents per second (default = 1)
125002028System

DROP UDP TROJAN DNS
Query to Cerber Domain (2fu7bc.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (2fu7bc.top)

Enabled by defaultEvents per second (default = 1)
125002029System

DROP TCP TROJAN DNS
Query to Cerber Domain (2fu7bc.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (2fu7bc.top)

Enabled by defaultEvents per second (default = 1)
125002030System

DROP UDP TROJAN DNS
Query to Cerber Domain (4h16v3.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (4h16v3.top)

Enabled by defaultEvents per second (default = 1)
125002031System

DROP TCP TROJAN DNS
Query to Cerber Domain (4h16v3.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (4h16v3.top)

Enabled by defaultEvents per second (default = 1)
125002032System

DROP UDP TROJAN DNS Query to Cerber Domain (5m2n7x.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (5m2n7x.top)

Enabled by defaultEvents per second (default = 1)
125002033System

DROP TCP TROJAN DNS Query to Cerber Domain (5m2n7x.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (5m2n7x.top)

Enabled by defaultEvents per second (default = 1)
125002034System

DROP UDP TROJAN DNS Query to Cerber Domain (c8jxpp.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (c8jxpp.top)

Enabled by defaultEvents per second (default = 1)
125002035System

DROP TCP TROJAN DNS Query to Cerber Domain (c8jxpp.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (c8jxpp.top)

Enabled by defaultEvents per second (default = 1)
125002036System

DROP UDP TROJAN DNS Query to Cerber Domain (gutwj0.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (gutwj0.top)

Enabled by defaultEvents per second (default = 1)
125002037System

DROP TCP TROJAN DNS Query to Cerber Domain (gutwj0.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (gutwj0.top)

Enabled by defaultEvents per second (default = 1)
125002038System

DROP UDP TROJAN DNS Query to Cerber Domain (odmtu3.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (odmtu3.top)

Enabled by defaultEvents per second (default = 1)
125002039System

DROP TCP TROJAN DNS Query to Cerber Domain (odmtu3.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (odmtu3.top)

Enabled by defaultEvents per second (default = 1)
125002040System

DROP UDP TROJAN DNS Query to Cerber Domain (83zw1f.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (83zw1f.bid)

Enabled by defaultEvents per second (default = 1)
125002041System

DROP TCP TROJAN DNS Query to Cerber Domain (83zw1f.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (83zw1f.bid)

Enabled by defaultEvents per second (default = 1)
125002042System

DROP UDP TROJAN APT28 XAgent DNS UDP
Lookup (msfontsrv.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using UDP (msfontsrv.com)

Enabled by defaultEvents per second (default = 1)
125002043System

DROP TCP TROJAN APT28 XAgent DNS TCP
Lookup (msfontsrv.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using TCP (msfontsrv.com)

Enabled by defaultEvents per second (default = 1)
125002044System

DROP UDP TROJAN APT28 XTunnel DNS UDP Lookup (netcloselysecure.org)

This rule drops TROJAN APT28 XTunnel DNS Lookup using UDP (netcloselysecure.org)

Enabled by defaultEvents per second (default = 1)
125002045System

DROP TCP TROJAN APT28 XTunnel DNS TCP
Lookup (netcloselysecure.org)

This rule drops TROJAN APT28 XTunnel DNS Lookup using TCP (netcloselysecure.org)

Enabled by defaultEvents per second (default = 1)
125002046System

DROP UDP TROJAN APT28 DealersChoice DNS UDP Lookup (microsoftfont.com)

This rule drops TROJAN APT28 DealersChoice DNS Lookup using UDP (microsoftfont.com)

Enabled by defaultEvents per second (default = 1)
125002047System

DROP TCP TROJAN APT28 DealersChoice DNS TCP Lookup (microsoftfont.com)

This rule drops TROJAN APT28 DealersChoice DNS Lookup using TCP (microsoftfont.com)

Enabled by defaultEvents per second (default = 1)
125002048System

DROP UDP TROJAN APT28 Uploader DNS UDP Lookup (researchcontinental.org)

This rule drops TROJAN APT28 Uploader DNS Lookup using UDP (researchcontinental.org)

Enabled by defaultEvents per second (default = 1)
125002049System

DROP TCP TROJAN APT28 Uploader DNS TCP Lookup (researchcontinental.org)

This rule drops TROJAN APT28 Uploader DNS Lookup using TCP (researchcontinental.org)

Enabled by defaultEvents per second (default = 1)
125002050System

DROP UDP TROJAN APT28 Uploader DNS UDP Lookup (wsusconnect.com)

This rule drops TROJAN APT28 Uploader DNS Lookup using UDP (wsusconnect.com)

Enabled by defaultEvents per second (default = 1)
125002051System

DROP TCP TROJAN APT28 Uploader DNS TCP Lookup (wsusconnect.com)

This rule drops TROJAN APT28 Uploader DNS Lookup using TCP (wsusconnect.com)

Enabled by defaultEvents per second (default = 1)
125002052System

DROP UDP TROJAN APT28 XAgent DNS UDP Lookup (amxserviceactive.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using UDP (amxserviceactive.com)

Enabled by defaultEvents per second (default = 1)
125002053System

DROP TCP TROJAN APT28 XAgent DNS TCP Lookup (amxserviceactive.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using TCP (amxserviceactive.com)

Enabled by defaultEvents per second (default = 1)
125002054System

DROP UDP TROJAN APT28 XAgent DNS UDP
Lookup (apps4updates.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using UDP (apps4updates.com)

Enabled by defaultEvents per second (default = 1)
125002055System

DROP TCP TROJAN APT28 XAgent DNS TCP
Lookup (apps4updates.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using TCP (apps4updates.com)

Enabled by defaultEvents per second (default = 1)
125002056System

DROP UDP TROJAN APT28 XAgent DNS UDP
Lookup (registnum.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using UDP (registnum.com)

Enabled by defaultEvents per second (default = 1)
125002057System

DROP TCP TROJAN APT28 XAgent DNS TCP
Lookup (registnum.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using TCP (registnum.com)

Enabled by defaultEvents per second (default = 1)
125002058System

DROP UDP TROJAN APT28 XAgent DNS UDP
Lookup (akamaistatistics.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using UDP (akamaistatistics.com)

Enabled by defaultEvents per second (default = 1)
125002059System

DROP TCP TROJAN
APT28 XAgent DNS TCP
Lookup
(akamaistatistics.com)

This rule drops TROJAN APT28 XAgent DNS Lookup using TCP (akamaistatistics.com)

Enabled by defaultEvents per second (default = 1)
125002060System

DROP UDP TROJAN APT28 Azzy DNS UDP Lookup (msgetupdt.com)

This rule drops TROJAN APT28 Azzy DNS Lookup using UDP (msgetupdt.com)

Enabled by defaultEvents per second (default = 1)
125002061System

DROP TCP TROJAN APT28 Azzy DNS TCP Lookup (msgetupdt.com)

This rule drops TROJAN APT28 Azzy DNS Lookup using TCP (msgetupdt.com)

Enabled by defaultEvents per second (default = 1)
125002062System

DROP UDP TROJAN APT28 Azzy DNS UDP
Lookup (mssendinf.com)

This rule drops TROJAN APT28
Azzy DNS Lookup using UDP
(mssendinf.com)

Enabled by defaultEvents per second (default = 1)
125002063System

DROP TCP TROJAN APT28 Azzy DNS TCP
Lookup
(mssendinf.com)

This rule drops TROJAN APT28
Azzy DNS Lookup using TCP
(mssendinf.com)

Enabled by defaultEvents per second (default = 1)
125002064System

DROP UDP TROJAN
APT28 Azzy DNS UDP
Lookup
(checksumcontrol.com)

This rule drops TROJAN APT28
Azzy DNS Lookup using UDP
(checksumcontrol.com)

Enabled by defaultEvents per second (default = 1)
125002065System

DROP TCP TROJAN
APT28 Azzy DNS TCP
Lookup
(checksumcontrol.com)

This rule drops TROJAN APT28
Azzy DNS Lookup using TCP
(checksumcontrol.com)

Enabled by defaultEvents per second (default = 1)
125002066System

DROP UDP TROJAN
APT28 Azzy DNS UDP
Lookup
(crcmodule.com)

This rule drops TROJAN APT28
Azzy DNS Lookup using UDP
(crcmodule.com)

Enabled by defaultEvents per second (default = 1)
125002067System

DROP TCP TROJAN
APT28 Azzy DNS TCP
Lookup
(crcmodule.com)

This rule drops TROJAN APT28
Azzy DNS Lookup using TCP
(crcmodule.com)

Enabled by defaultEvents per second (default = 1)
125002068System

DROP UDP TROJAN
APT28 Azzy DNS UDP
Lookup
(crcchecker.com)

This rule drops TROJAN APT28
Azzy DNS Lookup using UDP
(crcchecker.com)

Enabled by defaultEvents per second (default = 1)
125002069System

DROP TCP TROJAN
APT28 Azzy DNS TCP
Lookup
(crcchecker.com)

This rule drops TROJAN APT28
Azzy DNS Lookup using TCP
(crcchecker.com)

Enabled by defaultEvents per second (default = 1)
125002070System

DROP UDP TROJAN
APT28 Uploader DNS
UDP Lookup
(dowstem.com)

This rule drops TROJAN APT28
Uploader DNS Lookup using
UDP (dowstem.com)

Enabled by defaultEvents per second (default = 1)
125002071System

DROP TCP TROJAN
APT28 Uploader DNS
TCP Lookup
(dowstem.com)

This rule drops TROJAN APT28
Uploader DNS Lookup using
TCP (dowstem.com)

Enabled by defaultEvents per second (default = 1)
125002072System

DROP UDP TROJAN DNS
Query to Cerber Domain
(3pfli8.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (3pfli8.top)

Enabled by defaultEvents per second (default = 1)
125002073System

DROP TCP TROJAN DNS
Query to Cerber Domain
(3pfli8.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (3pfli8.top)

Enabled by defaultEvents per second (default = 1)
125002074System

DROP UDP TROJAN DNS
Query to Cerber Domain
(582h0n.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (582h0n.top)

Enabled by defaultEvents per second (default = 1)
125002075System

DROP TCP TROJAN DNS
Query to Cerber Domain
(582h0n.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (582h0n.top)

Enabled by defaultEvents per second (default = 1)
125002076System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ekll3z.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ekll3z.top)

Enabled by defaultEvents per second (default = 1)
125002077System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ekll3z.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ekll3z.top)

Enabled by defaultEvents per second (default = 1)
125002078System

DROP UDP TROJAN DNS
Query to Cerber Domain
(g5b4b1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (g5b4b1.bid)

Enabled by defaultEvents per second (default = 1)
125002079System

DROP TCP TROJAN DNS
Query to Cerber Domain
(g5b4b1.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (g5b4b1.bid)

Enabled by defaultEvents per second (default = 1)
125002080System

DROP UDP TROJAN DNS
Query to Cerber Domain
(ujc6h3.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (ujc6h3.top)

Enabled by defaultEvents per second (default = 1)
125002081System

DROP TCP TROJAN DNS
Query to Cerber Domain
(ujc6h3.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (ujc6h3.top)

Enabled by defaultEvents per second (default = 1)
125002082System

DROP UDP TROJAN DNS
Query to Cerber Domain
(wmvsh0.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (wmvsh0.top)

Enabled by defaultEvents per second (default = 1)
125002083System

DROP TCP TROJAN DNS
Query to Cerber Domain
(wmvsh0.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (wmvsh0.top)

Enabled by defaultEvents per second (default = 1)
125002084System

DROP UDP TROJAN DNS
Query to Cerber Domain
(v8j99w.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (v8j99w.top)

Enabled by defaultEvents per second (default = 1)
125002085System

DROP TCP TROJAN DNS
Query to Cerber Domain
(v8j99w.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (v8j99w.top)

Enabled by defaultEvents per second (default = 1)
125002086System

DROP UDP TROJAN DNS
Query to Cerber Domain
(8699s9.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (8699s9.bid)

Enabled by defaultEvents per second (default = 1)
125002087System

DROP TCP TROJAN DNS
Query to Cerber Domain
(8699s9.bid)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (8699s9.bid)

Enabled by defaultEvents per second (default = 1)
125002088System

DROP UDP TROJAN DNS
Query to Cerber Domain
(bvy5wt.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (bvy5wt.top)

Enabled by defaultEvents per second (default = 1)
125002089System

DROP TCP TROJAN DNS
Query to Cerber Domain
(bvy5wt.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (bvy5wt.top)

Enabled by defaultEvents per second (default = 1)
125002090System

DROP UDP TROJAN DNS
Query to Cerber Domain
(cc6dh3.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
UDP (cc6dh3.top)

Enabled by defaultEvents per second (default = 1)
125002091System

DROP TCP TROJAN DNS
Query to Cerber Domain
(cc6dh3.top)

This rule drops TROJAN DNS
Query to Cerber Domain using
TCP (cc6dh3.top)

Enabled by defaultEvents per second (default = 1)
125002092System

DROP UDP POLICY DNS
Query to .onion proxy
Domain (anonym.to)

This rule drops POLICY DNS
Query to .onion proxy Domain
using UDP (anonym.to)

Enabled by defaultEvents per second (default = 1)
125002093System

DROP TCP POLICY DNS
Query to .onion proxy
Domain (anonym.to)

This rule drops POLICY DNS
Query to .onion proxy Domain
using TCP (anonym.to)

Enabled by defaultEvents per second (default = 1)
125002094System

DROP UDP TROJAN
ABUSE.CH Ransomware
Domain Detected
(TorrentLocker C2)
(27c73bq66y4xqoh7)

This rule drops TROJAN
ABUSE.CH Ransomware
Domain Detected
(TorrentLocker C2) using UDP
(27c73bq66y4xqoh7)

Enabled by defaultEvents per second (default = 1)
125002095System

DROP TCP TROJAN
ABUSE.CH Ransomware
Domain Detected
(TorrentLocker C2)
(27c73bq66y4xqoh7)

This rule drops TROJAN
ABUSE.CH Ransomware
Domain Detected
(TorrentLocker C2) using TCP
(27c73bq66y4xqoh7)

Enabled by defaultEvents per second (default = 1)
125002096System

DROP UDP TROJAN
ABUSE.CH
Ransomware/Cerber
Onion Domain UDP
Lookup
(avsxrcoq2q5fgrw2)

This rule drops TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain Lookup using UDP (avsxrcoq2q5fgrw2)

Enabled by defaultEvents per second (default = 1)
125002097System

DROP TCP TROJAN
ABUSE.CH
Ransomware/Cerber
Onion Domain TCP
Lookup
(avsxrcoq2q5fgrw2)

This rule drops TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain Lookup using TCP (avsxrcoq2q5fgrw2)

Enabled by defaultEvents per second (default = 1)
125002098System

DROP UDP TROJAN
ABUSE.CH
Ransomware/Cerber
Onion Domain UDP
Lookup
(fnmi62725zfti2vy)

This rule drops TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain Lookup using UDP (fnmi62725zfti2vy)

Enabled by defaultEvents per second (default = 1)
125002099System

DROP TCP TROJAN
ABUSE.CH
Ransomware/Cerber
Onion Domain TCP
Lookup
(fnmi62725zfti2vy)

This rule drops TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain Lookup using TCP (fnmi62725zfti2vy)

Enabled by defaultEvents per second (default = 1)
125002100System

DROP UDP TROJAN
ABUSE.CH
Ransomware/Cerber
Onion Domain UDP
Lookup
(ftoxmpdipwobp4qy)

This rule drops TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain Lookup using UDP (ftoxmpdipwobp4qy)

Enabled by defaultEvents per second (default = 1)
125002101System

DROP TCP TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain TCP
Lookup
(ftoxmpdipwobp4qy)

This rule drops TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup using TCP (ftoxmpdipwobp4qy)

Enabled by defaultEvents per second (default = 1)
125002102System

DROP UDP TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain UDP
Lookup
(pe2cku7pebkpgeko)

This rule drops TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain Lookup using UDP (pe2cku7pebkpgeko)

Enabled by defaultEvents per second (default = 1)
125002103System

DROP TCP TROJAN ABUSE.CH
Ransomware/Cerber Onion Domain TCP
Lookup
(pe2cku7pebkpgeko)

This rule drops TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup using TCP (pe2cku7pebkpgeko)

Enabled by defaultEvents per second (default = 1)
125002104System

DROP UDP TROJAN Ransomware Goldeneye .onion Payment Domain
(goldenhjnqvc2lld)

This rule drops TROJAN Ransomware Goldeneye
.onion Payment Domain using UDP (goldenhjnqvc2lld)

Enabled by defaultEvents per second (default = 1)
125002105System

DROP TCP TROJAN Ransomware
Goldeneye .onion Payment Domain
(goldenhjnqvc2lld)

This rule drops TROJAN Ransomware Goldeneye
.onion Payment Domain using TCP (goldenhjnqvc2lld)

Enabled by defaultEvents per second (default = 1)
125002106System

DROP UDP TROJAN Ransomware
Goldeneye .onion Payment Domain
(golden2uqpiqcs6j)

This rule drops TROJAN Ransomware Goldeneye
.onion Payment Domain using UDP (golden2uqpiqcs6j)

Enabled by defaultEvents per second (default = 1)
125002107System

DROP TCP TROJAN Ransomware
Goldeneye .onion Payment Domain
(golden2uqpiqcs6j)

This rule drops TROJAN Ransomware Goldeneye
.onion Payment Domain using TCP (golden2uqpiqcs6j)

Enabled by defaultEvents per second (default = 1)
125002108System

DROP UDP TROJAN Ransomware
Popcorn-Time .onion Payment Domain
(3hnuhydu4pd247qb)

This rule drops TROJAN Ransomware Popcorn-Time .onion Payment Domain using UDP (3hnuhydu4pd247qb)

Enabled by defaultEvents per second (default = 1)
125002109System

DROP TCP TROJAN Ransomware
Popcorn-Time .onion Payment Domain
(3hnuhydu4pd247qb)

This rule drops TROJAN Ransomware Popcorn-Time .onion Payment Domain using TCP (3hnuhydu4pd247qb)

Enabled by defaultEvents per second (default = 1)
125002110System

DROP UDP TROJAN Mirai Botnet Domain Observed (zugzwang.me)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (zugzwang.me)

Enabled by defaultEvents per second (default = 1)
125002111System

DROP TCP TROJAN Mirai Botnet Domain Observed (zugzwang.me)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (zugzwang.me)

Enabled by defaultEvents per second (default = 1)
125002112System

DROP UDP TROJAN Mirai Botnet Domain Observed (vmdefmnsndoj.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (vmdefmnsndoj.tech)

Enabled by defaultEvents per second (default = 1)
125002113System

DROP TCP TROJAN Mirai Botnet Domain Observed (vmdefmnsndoj.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (vmdefmnsndoj.tech)

Enabled by defaultEvents per second (default = 1)
125002114System

DROP UDP TROJAN Mirai Botnet Domain Observed (xpknpxmywqsr.support)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (xpknpxmywqsr.support)

Enabled by defaultEvents per second (default = 1)
125002115System

DROP TCP TROJAN Mirai Botnet Domain Observed
(xpknpxmywqsr.support)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (xpknpxmywqsr.support)

Enabled by defaultEvents per second (default = 1)
125002116System

DROP UDP TROJAN Mirai Botnet Domain Observed (lvfjcwwobycj.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (lvfjcwwobycj.tech)

Enabled by defaultEvents per second (default = 1)
125002117System

DROP TCP TROJAN Mirai Botnet Domain Observed (lvfjcwwobycj.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (lvfjcwwobycj.tech)

Enabled by defaultEvents per second (default = 1)
125002118System

DROP UDP TROJAN Mirai Botnet Domain Observed (bwhrdaumwuvn.support)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP
(bwhrdaumwuvn.support)

Enabled by defaultEvents per second (default = 1)
125002119System

DROP TCP TROJAN Mirai Botnet Domain Observed
(bwhrdaumwuvn.support)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (bwhrdaumwuvn.support)

Enabled by defaultEvents per second (default = 1)
125002120System

DROP UDP TROJAN Mirai Botnet Domain Observed (bpmsfckfkrpr.support)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (bpmsfckfkrpr.support)

Enabled by defaultEvents per second (default = 1)
125002121System

DROP TCP TROJAN Mirai Botnet Domain Observed (bpmsfckfkrpr.support)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (bpmsfckfkrpr.support)

Enabled by defaultEvents per second (default = 1)
125002122System

DROP UDP TROJAN Mirai Botnet Domain Observed (oornsduuwjli.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (oornsduuwjli.tech)

Enabled by defaultEvents per second (default = 1)
125002123System

DROP TCP TROJAN Mirai Botnet Domain Observed (oornsduuwjli.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (oornsduuwjli.tech)

Enabled by defaultEvents per second (default = 1)
125002124System

DROP UDP TROJAN Mirai Botnet Domain Observed (qjqubpciajoc.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (qjqubpciajoc.tech)

Enabled by defaultEvents per second (default = 1)
125002125System

DROP TCP TROJAN Mirai Botnet Domain Observed (qjqubpciajoc.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (qjqubpciajoc.tech)

Enabled by defaultEvents per second (default = 1)
125002126System

DROP UDP TROJAN Mirai Botnet Domain Observed (exvdaajegjur.support)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (exvdaajegjur.support)

Enabled by defaultEvents per second (default = 1)
125002127System

DROP TCP TROJAN Mirai Botnet Domain Observed (exvdaajegjur.support)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (exvdaajegjur.support)

Enabled by defaultEvents per second (default = 1)
125002128System

DROP UDP TROJAN Mirai Botnet Domain Observed (tro69.online)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (tro69.online)

Enabled by defaultEvents per second (default = 1)
125002129System

DROP TCP TROJAN Mirai Botnet Domain Observed (tro69.online)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (tro69.online)

Enabled by defaultEvents per second (default = 1)
125002130System

DROP UDP TROJAN Mirai Botnet Domain Observed (tro69.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (tro69.tech)

Enabled by defaultEvents per second (default = 1)
125002131System

DROP TCP TROJAN Mirai Botnet Domain Observed (tro69.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (tro69.tech)

Enabled by defaultEvents per second (default = 1)
125002132System

DROP UDP TROJAN Mirai Botnet Domain Observed (tro69.support)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (tro69.support)

Enabled by defaultEvents per second (default = 1)
125002133System

DROP TCP TROJAN Mirai Botnet Domain Observed (tro69.support)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (tro69.support)

Enabled by defaultEvents per second (default = 1)
125002134System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS UDP
Lookup (wandgerdzq.at)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP
(wandgerdzq.at)

Enabled by defaultEvents per second (default = 1)
125002135System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS TCP
Lookup (wandgerdzq.at)

This rule drops MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (wandgerdzq.at)

Enabled by defaultEvents per second (default = 1)
125002136System

DROP UDP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS UDP Lookup (manaclubs.tk)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP
(manaclubs.tk)

Enabled by defaultEvents per second (default = 1)
125002137System

DROP TCP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS TCP Lookup (manaclubs.tk)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP
(manaclubs.tk)

Enabled by defaultEvents per second (default = 1)
125002138System

DROP UDP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS UDP
Lookup (poloclubs.tk)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP
(poloclubs.tk)

Enabled by defaultEvents per second (default = 1)
125002139System

DROP TCP MOBILE_MALWARE
Trojan-Banker.AndroidOS.Marcher DNS TCP
Lookup (poloclubs.tk)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP
(poloclubs.tk)

Enabled by defaultEvents per second (default = 1)
125002140System

DROP UDP POLICY DNS Query to .onion proxy Domain
(paysteroptionway.com)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (paysteroptionway.com)

Enabled by defaultEvents per second (default = 1)
125002141System

DROP TCP POLICY DNS Query to .onion proxy Domain (paysteroptionway.com)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (paysteroptionway.com)

Enabled by defaultEvents per second (default = 1)
125002142System

DROP UDP POLICY DNS Query to .onion proxy Domain (dorfact.at)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (dorfact.at)

Enabled by defaultEvents per second (default = 1)
125002143System

DROP TCP POLICY DNS Query to .onion proxy Domain (dorfact.at)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (dorfact.at)

Enabled by defaultEvents per second (default = 1)
125002144System

DROP UDP POLICY DNS Query to .onion proxy Domain (flyjo.pl)

This rule drops POLICY DNS Query to .onion proxy Domain using UDP (flyjo.pl)

Enabled by defaultEvents per second (default = 1)
125002145System

DROP TCP POLICY DNS Query to .onion proxy Domain (flyjo.pl)

This rule drops POLICY DNS Query to .onion proxy Domain using TCP (flyjo.pl)

Enabled by defaultEvents per second (default = 1)
125002146System

DROP UDP TROJAN DNS Query to Cerber Domain (m20ehf.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (m20ehf.top)

Enabled by defaultEvents per second (default = 1)
125002147System

DROP TCP TROJAN DNS Query to Cerber Domain (m20ehf.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (m20ehf.top)

Enabled by defaultEvents per second (default = 1)
125002148System

DROP UDP TROJAN DNS Query to Cerber Domain (lbxvhk.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (lbxvhk.top)

Enabled by defaultEvents per second (default = 1)
125002149System

DROP TCP TROJAN DNS Query to Cerber Domain (lbxvhk.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (lbxvhk.top)

Enabled by defaultEvents per second (default = 1)
125002150System

DROP UDP TROJAN DNS Query to Cerber Domain (g0lpnj.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (g0lpnj.bid)

Enabled by defaultEvents per second (default = 1)
125002151System

DROP TCP TROJAN DNS Query to Cerber Domain (g0lpnj.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (g0lpnj.bid)

Enabled by defaultEvents per second (default = 1)
125002152System

DROP UDP TROJAN DNS Query to Cerber Domain (g0lpnj.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (g0lpnj.bid)

Enabled by defaultEvents per second (default = 1)
125002153System

DROP TCP TROJAN DNS Query to Cerber Domain (g0lpnj.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (g0lpnj.bid)

Enabled by defaultEvents per second (default = 1)
125002154System

DROP UDP TROJAN DNS Query to Cerber Domain (17rmvr.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (17rmvr.top)

Enabled by defaultEvents per second (default = 1)
125002155System

DROP TCP TROJAN DNS Query to Cerber Domain (17rmvr.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (17rmvr.top)

Enabled by defaultEvents per second (default = 1)
125002156System

DROP UDP TROJAN DNS Query to Cerber Domain (85kvie.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (85kvie.top)

Enabled by defaultEvents per second (default = 1)
125002157System

DROP TCP TROJAN DNS Query to Cerber Domain (85kvie.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (85kvie.top)

Enabled by defaultEvents per second (default = 1)
125002158System

DROP UDP TROJAN DNS Query to Cerber Domain (hmjwi2.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (hmjwi2.bid)

Enabled by defaultEvents per second (default = 1)
125002159System

DROP TCP TROJAN DNS Query to Cerber Domain (hmjwi2.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (hmjwi2.bid)

Enabled by defaultEvents per second (default = 1)
125002160System

DROP UDP TROJAN DNS Query to Cerber Domain (x9ap4h.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (x9ap4h.top)

Enabled by defaultEvents per second (default = 1)
125002161System

DROP TCP TROJAN DNS Query to Cerber Domain (x9ap4h.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (x9ap4h.top)

Enabled by defaultEvents per second (default = 1)
125002162System

DROP UDP TROJAN DNS Query to Cerber Domain (zj1ffv.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (zj1ffv.top)

Enabled by defaultEvents per second (default = 1)
125002163System

DROP TCP TROJAN DNS Query to Cerber Domain (zj1ffv.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (zj1ffv.top)

Enabled by defaultEvents per second (default = 1)
125002164System

DROP UDP TROJAN DNS Query to Cerber Domain (bhynoo.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (bhynoo.top)

Enabled by defaultEvents per second (default = 1)
125002165System

DROP TCP TROJAN DNS Query to Cerber Domain (bhynoo.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (bhynoo.top)

Enabled by defaultEvents per second (default = 1)
125002166System

DROP UDP TROJAN DNS Query to Cerber Domain (htbzl2.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (htbzl2.top)

Enabled by defaultEvents per second (default = 1)
125002167System

DROP TCP TROJAN DNS Query to Cerber Domain (htbzl2.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (htbzl2.top)

Enabled by defaultEvents per second (default = 1)
125002168System

DROP UDP TROJAN DNS Query to Cerber Domain (rovr6i.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (rovr6i.top)

Enabled by defaultEvents per second (default = 1)
125002169System

DROP TCP TROJAN DNS Query to Cerber Domain (rovr6i.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (rovr6i.top)

Enabled by defaultEvents per second (default = 1)
125002170System

DROP UDP TROJAN DNS Query to Cerber Domain (5s96fr.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (5s96fr.top)

Enabled by defaultEvents per second (default = 1)
125002171System

DROP TCP TROJAN DNS Query to Cerber Domain (5s96fr.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (5s96fr.top)

Enabled by defaultEvents per second (default = 1)
125002172System

DROP UDP TROJAN DNS Query to Cerber Domain (tidldc.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (tidldc.top)

Enabled by defaultEvents per second (default = 1)
125002173System

DROP TCP TROJAN DNS Query to Cerber Domain (tidldc.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (tidldc.top)

Enabled by defaultEvents per second (default = 1)
125002174System

DROP UDP TROJAN DNS Query to Cerber Domain (0cgaez.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (0cgaez.top)

Enabled by defaultEvents per second (default = 1)
125002175System

DROP TCP TROJAN DNS Query to Cerber Domain (0cgaez.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (0cgaez.top)

Enabled by defaultEvents per second (default = 1)
125002176System

DROP UDP TROJAN DNS Query to Cerber Domain (eu2xdg.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (eu2xdg.top)

Enabled by defaultEvents per second (default = 1)
125002177System

DROP TCP TROJAN DNS Query to Cerber Domain (eu2xdg.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (eu2xdg.top)

Enabled by defaultEvents per second (default = 1)
125002178System

DROP UDP TROJAN DNS Query to Cerber Domain (dj68hn.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (dj68hn.top)

Enabled by defaultEvents per second (default = 1)
125002179System

DROP TCP TROJAN DNS Query to Cerber Domain (dj68hn.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (dj68hn.top)

Enabled by defaultEvents per second (default = 1)
125002180System

DROP UDP TROJAN DNS Query to Cerber Domain (45yu0p.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (45yu0p.bid)

Enabled by defaultEvents per second (default = 1)
125002181System

DROP TCP TROJAN DNS Query to Cerber Domain (45yu0p.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (45yu0p.bid)

Enabled by defaultEvents per second (default = 1)
125002182System

DROP UDP TROJAN DNS Query to Cerber Domain (djiag3.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (djiag3.top)

Enabled by defaultEvents per second (default = 1)
125002183System

DROP TCP TROJAN DNS Query to Cerber Domain (djiag3.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (djiag3.top)

Enabled by defaultEvents per second (default = 1)
125002184System

DROP UDP TROJAN DNS Query to Cerber Domain (d7h6yx.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (d7h6yx.top)

Enabled by defaultEvents per second (default = 1)
125002185System

DROP TCP TROJAN DNS Query to Cerber Domain (d7h6yx.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (d7h6yx.top)

Enabled by defaultEvents per second (default = 1)
125002186System

DROP UDP TROJAN Ransomware/Cerber Onion Domain UDP
Lookup (ao5uvedqfplfrwp3)

This rule drops TROJAN Ransomware/Cerber Onion
Domain Lookup using UDP (ao5uvedqfplfrwp3)

Enabled by defaultEvents per second (default = 1)
125002187System

DROP TCP TROJAN Ransomware/Cerber Onion Domain TCP
Lookup (ao5uvedqfplfrwp3)

This rule drops TROJAN Ransomware/Cerber Onion
Domain Lookup using TCP (ao5uvedqfplfrwp3)

Enabled by defaultEvents per second (default = 1)
125002188System

DROP UDP TROJAN DNS Query to Cerber Domain (pfw1bw.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (pfw1bw.bid)

Enabled by defaultEvents per second (default = 1)
125002189System

DROP TCP TROJAN DNS Query to Cerber Domain (pfw1bw.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (pfw1bw.bid)

Enabled by defaultEvents per second (default = 1)
125002190System

DROP UDP TROJAN DNS Query to Cerber Domain (dgjpgy.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (dgjpgy.top)

Enabled by defaultEvents per second (default = 1)
125002191System

DROP TCP TROJAN DNS Query to Cerber Domain (dgjpgy.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (dgjpgy.top)

Enabled by defaultEvents per second (default = 1)
125002192System

DROP UDP TROJAN DNS Query to Cerber Domain (yur4j5.top)

This rule drops TROJAN DNS Query to Cerber Do

Enabled by defaultEvents per second (default = 1)
125002193System

DROP TCP TROJAN DNS Query to Cerber Domain (yur4j5.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (yur4j5.top)

Enabled by defaultEvents per second (default = 1)
125002194System

DROP UDP TROJAN DNS Query to Cerber Domain (ncw0rp.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (ncw0rp.top)

Enabled by defaultEvents per second (default = 1)
125002195System

DROP TCP TROJAN DNS Query to Cerber Domain (ncw0rp.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (ncw0rp.top)

Enabled by defaultEvents per second (default = 1)
125002196System

DROP UDP TROJAN DNS Query to Cerber Domain (xe1ws1.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (xe1ws1.top)

Enabled by defaultEvents per second (default = 1)
125002197System

DROP TCP TROJAN DNS Query to Cerber Domain (xe1ws1.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (xe1ws1.top)

Enabled by defaultEvents per second (default = 1)
125002198System

DROP UDP TROJAN DNS Query to Cerber Domain (llt6up.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (llt6up.top)

Enabled by defaultEvents per second (default = 1)
125002199System

DROP TCP TROJAN DNS Query to Cerber Domain (llt6up.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (llt6up.top)

Enabled by defaultEvents per second (default = 1)
125002200System

DROP UDP TROJAN DNS Query to Cerber Domain (dc2djf.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (dc2djf.top)

Enabled by defaultEvents per second (default = 1)
125002201System

DROP TCP TROJAN DNS Query to Cerber Domain (dc2djf.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (dc2djf.top)

Enabled by defaultEvents per second (default = 1)
125002202System

DROP UDP TROJAN DNS Query to Cerber Domain (zee0xr.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (zee0xr.top)

Enabled by defaultEvents per second (default = 1)
125002203System

DROP TCP TROJAN DNS Query to Cerber Domain (zee0xr.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (zee0xr.top)

Enabled by defaultEvents per second (default = 1)
125002204System

DROP UDP TROJAN DNS Query to Cerber Domain (p161bl.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (p161bl.top)

Enabled by defaultEvents per second (default = 1)
125002205System

DROP TCP TROJAN DNS Query to Cerber Domain (p161bl.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (p161bl.top)

Enabled by defaultEvents per second (default = 1)
125002206System

DROP UDP TROJAN DNS Query to Cerber Domain (rjf9yn.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (rjf9yn.top)

Enabled by defaultEvents per second (default = 1)
125002207System

DROP TCP TROJAN DNS Query to Cerber Domain (rjf9yn.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (rjf9yn.top)

Enabled by defaultEvents per second (default = 1)
125002208System

DROP UDP TROJAN DNS Query to Cerber Domain (4d0934.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (4d0934.bid)

Enabled by defaultEvents per second (default = 1)
125002209System

DROP TCP TROJAN DNS Query to Cerber Domain (4d0934.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (4d0934.bid)

Enabled by defaultEvents per second (default = 1)
125002210System

DROP UDP TROJAN DNS Query to Cerber Domain (w2fzwt.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (w2fzwt.top)

Enabled by defaultEvents per second (default = 1)
125002211System

DROP TCP TROJAN DNS Query to Cerber Domain (w2fzwt.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (w2fzwt.top)

Enabled by defaultEvents per second (default = 1)
125002212System

DROP UDP TROJAN DNS Query to Cerber Domain (glg1i0.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (glg1i0.top)

Enabled by defaultEvents per second (default = 1)
125002213System

DROP TCP TROJAN DNS Query to Cerber Domain (glg1i0.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (glg1i0.top)

Enabled by defaultEvents per second (default = 1)
125002214System

DROP UDP TROJAN DNS Query to Cerber Domain (uld7hk.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (uld7hk.top)

Enabled by defaultEvents per second (default = 1)
125002215System

DROP TCP TROJAN DNS Query to Cerber Domain (uld7hk.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (uld7hk.top)

Enabled by defaultEvents per second (default = 1)
125002216System

DROP UDP TROJAN DNS Query to Cerber Domain (fwzxnb.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (fwzxnb.bid)

Enabled by defaultEvents per second (default = 1)
125002217System

DROP TCP TROJAN DNS Query to Cerber Domain (fwzxnb.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (fwzxnb.bid)

Enabled by defaultEvents per second (default = 1)
125002218System

DROP UDP TROJAN DNS Query to Cerber Domain (19h8gc.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (19h8gc.top)

Enabled by defaultEvents per second (default = 1)
125002219System

DROP TCP TROJAN DNS Query to Cerber Domain (19h8gc.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (19h8gc.top)

Enabled by defaultEvents per second (default = 1)
125002220System

DROP UDP TROJAN DNS Query to Cerber Domain (x29u3i.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (x29u3i.top)

Enabled by defaultEvents per second (default = 1)
125002221System

DROP TCP TROJAN DNS Query to Cerber Domain (x29u3i.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (x29u3i.top)

Enabled by defaultEvents per second (default = 1)
125002222System

DROP UDP TROJAN DNS Query to Cerber Domain (smd95z.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (smd95z.top)

Enabled by defaultEvents per second (default = 1)
125002223System

DROP TCP TROJAN DNS Query to Cerber Domain (smd95z.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (smd95z.top)

Enabled by defaultEvents per second (default = 1)
125002224System

DROP UDP TROJAN DNS Query to Cerber Domain (ovzy6p.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (ovzy6p.top)

Enabled by defaultEvents per second (default = 1)
125002225System

DROP TCP TROJAN DNS Query to Cerber Domain (ovzy6p.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (ovzy6p.top)

Enabled by defaultEvents per second (default = 1)
125002226System

DROP UDP TROJAN DNS Query to Cerber Domain (8dlgyg.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (8dlgyg.bid)

Enabled by defaultEvents per second (default = 1)
125002227System

DROP TCP TROJAN DNS Query to Cerber Domain (8dlgyg.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (8dlgyg.bid)

Enabled by defaultEvents per second (default = 1)
125002228System

DROP UDP TROJAN VBA/TrojanDownloader.Agent.CEW .onion Proxy Domain (hl3gj7zkxjvo6cra)

This rule drops TROJAN VBA/TrojanDownloader.Agent.CEW .onion Proxy Domain Lookup using UDP (hl3gj7zkxjvo6cra)

Enabled by defaultEvents per second (default = 1)
125002229System

DROP TCP TROJAN VBA/TrojanDownloader.Agent.CEW .onion Proxy Domain (hl3gj7zkxjvo6cra)

This rule drops TROJAN VBA/TrojanDownloader.Agent.CEW .onion Proxy Domain
Lookup using TCP
(hl3gj7zkxjvo6cra)

Enabled by defaultEvents per second (default = 1)
125002230System

DROP UDP TROJAN DNS Query to Cerber Domain (8l4jpw.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (8l4jpw.top)

Enabled by defaultEvents per second (default = 1)
125002231System

DROP TCP TROJAN DNS Query to Cerber Domain (8l4jpw.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (8l4jpw.top)

Enabled by defaultEvents per second (default = 1)
125002232System

DROP UDP TROJAN DNS Query to Cerber Domain (drg1gf.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (drg1gf.top)

Enabled by defaultEvents per second (default = 1)
125002233System

DROP TCP TROJAN DNS Query to Cerber Domain (drg1gf.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (drg1gf.top)

Enabled by defaultEvents per second (default = 1)
125002234System

DROP UDP TROJAN DNS Query to Cerber Domain (z20x0r.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (z20x0r.top)

Enabled by defaultEvents per second (default = 1)
125002235System

DROP TCP TROJAN DNS Query to Cerber Domain (z20x0r.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (z20x0r.top)

Enabled by defaultEvents per second (default = 1)
125002236System

DROP UDP TROJAN DNS Query to Cerber Domain (rmgs2r.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (rmgs2r.top)

Enabled by defaultEvents per second (default = 1)
125002237System

DROP TCP TROJAN DNS Query to Cerber Domain (rmgs2r.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (rmgs2r.top)

Enabled by defaultEvents per second (default = 1)
125002238System

DROP UDP TROJAN DNS Query to Cerber Domain (ttx0ig.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (ttx0ig.top)

Enabled by defaultEvents per second (default = 1)
125002239System

DROP TCP TROJAN DNS Query to Cerber Domain (ttx0ig.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (ttx0ig.top)

Enabled by defaultEvents per second (default = 1)
125002240System

DROP UDP TROJAN DNS Query to Cerber Domain (gwz8gh.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (gwz8gh.top)

Enabled by defaultEvents per second (default = 1)
125002241System

DROP TCP TROJAN DNS Query to Cerber Domain (gwz8gh.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (gwz8gh.top)

Enabled by defaultEvents per second (default = 1)
125002242System

DROP UDP TROJAN DNS Query to Cerber Domain (p3tt2t.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (p3tt2t.top)

Enabled by defaultEvents per second (default = 1)
125002243System

DROP TCP TROJAN DNS Query to Cerber Domain (p3tt2t.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (p3tt2t.top)

Enabled by defaultEvents per second (default = 1)
125002244System

DROP UDP TROJAN DNS Query to Cerber Domain (vtwyjd.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (vtwyjd.top)

Enabled by defaultEvents per second (default = 1)
125002245System

DROP TCP TROJAN DNS Query to Cerber Domain (vtwyjd.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (vtwyjd.top)

Enabled by defaultEvents per second (default = 1)
125002246System

DROP UDP TROJAN DNS Query to Cerber Domain (3pxhgt.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (3pxhgt.top)

Enabled by defaultEvents per second (default = 1)
125002247System

DROP TCP TROJAN DNS Query to Cerber Domain (3pxhgt.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (3pxhgt.top)

Enabled by defaultEvents per second (default = 1)
125002248System

DROP UDP TROJAN DNS Query to Cerber Domain (rzt69n.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (rzt69n.top)

Enabled by defaultEvents per second (default = 1)
125002249System

DROP TCP TROJAN DNS Query to Cerber Domain (rzt69n.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (rzt69n.top)

Enabled by defaultEvents per second (default = 1)
125002250System

DROP UDP TROJAN Mirai Botnet Domain Observed (nympompksmfx.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (nympompksmfx.tech)

Enabled by defaultEvents per second (default = 1)
125002251System

DROP TCP TROJAN Mirai Botnet Domain Observed (nympompksmfx.tech)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (nympompksmfx.tech)

Enabled by defaultEvents per second (default = 1)
125002252System

DROP UDP TROJAN Mirai Botnet Domain Observed (xpknpxmywqsrhe.online)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (xpknpxmywqsrhe.online)

Enabled by defaultEvents per second (default = 1)
125002253System

DROP TCP TROJAN Mirai Botnet Domain Observed (xpknpxmywqsrhe.online)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (xpknpxmywqsrhe.online)

Enabled by defaultEvents per second (default = 1)
125002254System

DROP UDP TROJAN Mirai Botnet Domain Observed (kedbuffigfjs.online)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (kedbuffigfjs.online)

Enabled by defaultEvents per second (default = 1)
125002255System

DROP TCP TROJAN Mirai Botnet Domain Observed (kedbuffigfjs.online)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (kedbuffigfjs.online)

Enabled by defaultEvents per second (default = 1)
125002256System

DROP UDP TROJAN Mirai Botnet Domain Observed (srrys.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (srrys.pw)

Enabled by defaultEvents per second (default = 1)
125002257System

DROP TCP TROJAN Mirai Botnet Domain Observed (srrys.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (srrys.pw)

Enabled by defaultEvents per second (default = 1)
125002258System

DROP UDP TROJAN Mirai Botnet Domain Observed (binpt.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (binpt.pw)

Enabled by defaultEvents per second (default = 1)
125002259System

DROP TCP TROJAN Mirai Botnet Domain Observed (binpt.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (binpt.pw)

Enabled by defaultEvents per second (default = 1)
125002260System

DROP UDP TROJAN Mirai Botnet Domain Observed (kciap.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (kciap.pw)

Enabled by defaultEvents per second (default = 1)
125002261System

DROP TCP TROJAN Mirai Botnet Domain Observed (kciap.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (kciap.pw)

Enabled by defaultEvents per second (default = 1)
125002262System

DROP UDP TROJAN Mirai Botnet Domain Observed (mziep.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (mziep.pw)

Enabled by defaultEvents per second (default = 1)
125002263System

DROP TCP TROJAN Mirai Botnet Domain Observed (mziep.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (mziep.pw)

Enabled by defaultEvents per second (default = 1)
125002264System

DROP UDP TROJAN Mirai Botnet Domain Observed (tr069.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using UDP (tr069.pw)

Enabled by defaultEvents per second (default = 1)
125002265System

DROP TCP TROJAN Mirai Botnet Domain Observed (tr069.pw)

This rule drops TROJAN Mirai Botnet Domain Observed using TCP (tr069.pw)

Enabled by defaultEvents per second (default = 1)
125002266System

DROP UDP TROJAN NEODYMIUM Wingbird DNS UDP Lookup (srv601.ddns.net)

This rule drops TROJAN NEODYMIUM Wingbird DNS Lookup using UDP (srv601.ddns.net)

Enabled by defaultEvents per second (default = 1)
125002267System

DROP TCP TROJAN NEODYMIUM Wingbird DNS TCP Lookup (srv601.ddns.net)

This rule drops TROJAN NEODYMIUM Wingbird DNS Lookup using TCP (srv601.ddns.net)

Enabled by defaultEvents per second (default = 1)
125002268System

DROP UDP TROJAN NEODYMIUM Wingbird DNS UDP Lookup (srv602.ddns.net)

This rule drops TROJAN NEODYMIUM Wingbird DNS Lookup using UDP (srv602.ddns.net)

Enabled by defaultEvents per second (default = 1)
125002269System

DROP TCP TROJAN NEODYMIUM Wingbird DNS TCP Lookup (srv602.ddns.net)

This rule drops TROJAN NEODYMIUM Wingbird DNS Lookup using TCP (srv602.ddns.net)

Enabled by defaultEvents per second (default = 1)
125002270System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (updatesync.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (updatesync.com)

Enabled by defaultEvents per second (default = 1)
125002271System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (updatesync.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (updatesync.com)

Enabled by defaultEvents per second (default = 1)
125002272System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (svnservices.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (svnservices.com)

Enabled by defaultEvents per second (default = 1)
125002273System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (svnservices.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (svnservices.com)

Enabled by defaultEvents per second (default = 1)
125002274System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (mynetenergy.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (mynetenergy.com)

Enabled by defaultEvents per second (default = 1)
125002275System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (mynetenergy.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (mynetenergy.com)

Enabled by defaultEvents per second (default = 1)
125002276System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (windriversupport.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (windriversupport.com)

Enabled by defaultEvents per second (default = 1)
125002277System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (windriversupport.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (windriversupport.com)

Enabled by defaultEvents per second (default = 1)
125002278System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (truecrypte.org)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (truecrypte.org)

Enabled by defaultEvents per second (default = 1)
125002279System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (truecrypte.org)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (truecrypte.org)

Enabled by defaultEvents per second (default = 1)
125002280System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (edicupd002.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (edicupd002.com)

Enabled by defaultEvents per second (default = 1)
125002281System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (edicupd002.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (edicupd002.com)

Enabled by defaultEvents per second (default = 1)
125002282System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (jourrapid.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (jourrapid.com)

Enabled by defaultEvents per second (default = 1)
125002283System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (jourrapid.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (jourrapid.com)

Enabled by defaultEvents per second (default = 1)
125002284System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (true-crypte.website)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (true-crypte.website)

Enabled by defaultEvents per second (default = 1)
125002285System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (true-crypte.website)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (true-crypte.website)

Enabled by defaultEvents per second (default = 1)
125002286System

DROP UDP TROJAN PROMETHIUM/StrongPity DNS UDP Lookup (myrappid.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using UDP (myrappid.com)

Enabled by defaultEvents per second (default = 1)
125002287System

DROP TCP TROJAN PROMETHIUM/StrongPity DNS TCP Lookup (myrappid.com)

This rule drops TROJAN PROMETHIUM/StrongPity DNS Lookup using TCP (myrappid.com)

Enabled by defaultEvents per second (default = 1)
125002288System

DROP UDP TROJAN Ransomware Maktub .onion Payment Domain (maktubebz6z6cgtw)

This rule drops TROJAN Ransomware Maktub .onion Payment Domain using UDP (maktubebz6z6cgtw)

Enabled by defaultEvents per second (default = 1)
125002289System

DROP TCP TROJAN Ransomware Maktub .onion Payment Domain (maktubebz6z6cgtw)

This rule drops TROJAN Ransomware Maktub .onion Payment Domain using TCP (maktubebz6z6cgtw)

Enabled by defaultEvents per second (default = 1)
125002290System

DROP UDP TROJAN APT28/SEDNIT Uploader Variant DNS UDP Lookup (postlkwarn.com)

This rule drops TROJAN APT28/SEDNIT Uploader Variant DNS Lookup using UDP (postlkwarn.com)

Enabled by defaultEvents per second (default = 1)
125002291System

DROP TCP TROJAN APT28/SEDNIT Uploader Variant DNS TCP Lookup (postlkwarn.com)

This rule drops TROJAN APT28/SEDNIT Uploader Variant DNS Lookup using TCP (postlkwarn.com)

Enabled by defaultEvents per second (default = 1)
125002292System

DROP UDP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS UDP Lookup (androidfofrukt.ru)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using UDP (androidfofrukt.ru)

Enabled by defaultEvents per second (default = 1)
125002293System

DROP TCP MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS TCP Lookup (androidfofrukt.ru)

This rule drops MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup using TCP (androidfofrukt.ru)

Enabled by defaultEvents per second (default = 1)
125002294System

DROP UDP TROJAN DNS Query to Cerber Domain (z5xfkc.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (z5xfkc.top)

Enabled by defaultEvents per second (default = 1)
125002295System

DROP TCP TROJAN DNS Query to Cerber Domain (z5xfkc.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (z5xfkc.top)

Enabled by defaultEvents per second (default = 1)
125002296System

DROP UDP TROJAN DNS Query to Cerber Domain (nn2ms2.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (nn2ms2.top)

Enabled by defaultEvents per second (default = 1)
125002297System

DROP TCP TROJAN DNS Query to Cerber Domain (nn2ms2.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (nn2ms2.top)

Enabled by defaultEvents per second (default = 1)
125002298System

DROP UDP TROJAN DNS Query to Cerber Domain (ul8hph.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (ul8hph.top)

Enabled by defaultEvents per second (default = 1)
125002299System

DROP TCP TROJAN DNS Query to Cerber Domain (ul8hph.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (ul8hph.top)

Enabled by defaultEvents per second (default = 1)
125002300System

DROP UDP TROJAN DNS Query to Cerber Domain (tyn5ya.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (tyn5ya.top)

Enabled by defaultEvents per second (default = 1)
125002301System

DROP TCP TROJAN DNS Query to Cerber Domain (tyn5ya.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (tyn5ya.top)

Enabled by defaultEvents per second (default = 1)
125002302System

DROP UDP TROJAN DNS Query to Cerber Domain (1kvftk.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (1kvftk.top)

Enabled by defaultEvents per second (default = 1)
125002303System

DROP TCP TROJAN DNS Query to Cerber Domain (1kvftk.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (1kvftk.top)

Enabled by defaultEvents per second (default = 1)
125002304System

DROP UDP TROJAN DNS Query to Cerber Domain (arpbxw.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (arpbxw.top)

Enabled by defaultEvents per second (default = 1)
125002305System

DROP TCP TROJAN DNS Query to Cerber Domain (arpbxw.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (arpbxw.top)

Enabled by defaultEvents per second (default = 1)
125002306System

DROP UDP TROJAN DNS Query to Cerber Domain (z0mkoc.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (z0mkoc.top)

Enabled by defaultEvents per second (default = 1)
125002307System

DROP TCP TROJAN DNS Query to Cerber Domain (z0mkoc.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (z0mkoc.top)

Enabled by defaultEvents per second (default = 1)
125002308System

DROP UDP TROJAN DNS Query to Cerber Domain (85xcav.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (85xcav.top)

Enabled by defaultEvents per second (default = 1)
125002309System

DROP TCP TROJAN DNS Query to Cerber Domain (85xcav.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (85xcav.top)

Enabled by defaultEvents per second (default = 1)
125002310System

DROP UDP TROJAN DNS Query to Cerber Domain (15poas.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (15poas.top)

Enabled by defaultEvents per second (default = 1)
125002311System

DROP TCP TROJAN DNS Query to Cerber Domain (15poas.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (15poas.top)

Enabled by defaultEvents per second (default = 1)
125002312System

DROP UDP TROJAN DNS Query to Cerber Domain (o08ra6.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (o08ra6.top)

Enabled by defaultEvents per second (default = 1)
125002313System

DROP TCP TROJAN DNS Query to Cerber Domain (o08ra6.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (o08ra6.top)

Enabled by defaultEvents per second (default = 1)
125002314System

DROP UDP TROJAN DNS Query to Cerber Domain (2wfe60.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (2wfe60.top)

Enabled by defaultEvents per second (default = 1)
125002315System

DROP TCP TROJAN DNS Query to Cerber Domain (2wfe60.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (2wfe60.top)

Enabled by defaultEvents per second (default = 1)
125002316System

DROP UDP TROJAN DNS Query to Cerber Domain (af38vz.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (af38vz.top)

Enabled by defaultEvents per second (default = 1)
125002317System

DROP TCP TROJAN DNS Query to Cerber Domain (af38vz.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (af38vz.top)

Enabled by defaultEvents per second (default = 1)
125002318System

DROP UDP TROJAN DNS Query to Cerber Domain (r31sot.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (r31sot.top)

Enabled by defaultEvents per second (default = 1)
125002319System

DROP TCP TROJAN DNS Query to Cerber Domain (r31sot.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (r31sot.top)

Enabled by defaultEvents per second (default = 1)
125002320System

DROP UDP TROJAN DNS Query to Cerber Domain (o6fa2g.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (o6fa2g.top)

Enabled by defaultEvents per second (default = 1)
125002321System

DROP TCP TROJAN DNS Query to Cerber Domain (o6fa2g.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (o6fa2g.top)

Enabled by defaultEvents per second (default = 1)
125002322System

DROP UDP TROJAN DNS Query to Cerber Domain (1bqroa.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (1bqroa.top)

Enabled by defaultEvents per second (default = 1)
125002323System

DROP TCP TROJAN DNS Query to Cerber Domain (1bqroa.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (1bqroa.top)

Enabled by defaultEvents per second (default = 1)
125002324System

DROP UDP TROJAN DNS Query to Cerber Domain (piv6tv.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (piv6tv.top)

Enabled by defaultEvents per second (default = 1)
125002325System

DROP TCP TROJAN DNS Query to Cerber Domain (piv6tv.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (piv6tv.top)

Enabled by defaultEvents per second (default = 1)
125002326System

DROP UDP TROJAN DNS Query to Cerber Domain (tih6y9.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (tih6y9.top)

Enabled by defaultEvents per second (default = 1)
125002327System

DROP TCP TROJAN DNS Query to Cerber Domain (tih6y9.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (tih6y9.top)

Enabled by defaultEvents per second (default = 1)
125002328System

DROP UDP TROJAN DNS Query to Cerber Domain (f5x6ws.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (f5x6ws.top)

Enabled by defaultEvents per second (default = 1)
125002329System

DROP TCP TROJAN DNS Query to Cerber Domain (f5x6ws.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (f5x6ws.top)

Enabled by defaultEvents per second (default = 1)
125002330System

DROP UDP TROJAN DNS Query to Cerber Domain (pcwcu6.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (pcwcu6.bid)

Enabled by defaultEvents per second (default = 1)
125002331System

DROP TCP TROJAN DNS Query to Cerber Domain (pcwcu6.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (pcwcu6.bid)

Enabled by defaultEvents per second (default = 1)
125002332System

DROP UDP TROJAN DNS Query to Cerber Domain (od3rag.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (od3rag.top)

Enabled by defaultEvents per second (default = 1)
125002333System

DROP TCP TROJAN DNS Query to Cerber Domain (od3rag.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (od3rag.top)

Enabled by defaultEvents per second (default = 1)
125002334System

DROP UDP TROJAN DNS Query to Cerber Domain (yjo0z9.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (yjo0z9.top)

Enabled by defaultEvents per second (default = 1)
125002335System

DROP TCP TROJAN DNS Query to Cerber Domain (yjo0z9.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (yjo0z9.top)

Enabled by defaultEvents per second (default = 1)
125002336System

DROP UDP TROJAN DNS Query to Cerber Domain (gt6nsg.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (gt6nsg.bid)

Enabled by defaultEvents per second (default = 1)
125002337System

DROP TCP TROJAN DNS Query to Cerber Domain (gt6nsg.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (gt6nsg.bid)

Enabled by defaultEvents per second (default = 1)
125002338System

DROP UDP TROJAN DNS Query to Cerber Domain (ud9z0v.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (ud9z0v.top)

Enabled by defaultEvents per second (default = 1)
125002339System

DROP TCP TROJAN DNS Query to Cerber Domain (ud9z0v.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (ud9z0v.top)

Enabled by defaultEvents per second (default = 1)
125002340System

DROP UDP TROJAN DNS Query to Cerber Domain (h6dxvo.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (h6dxvo.top)

Enabled by defaultEvents per second (default = 1)
125002341System

DROP TCP TROJAN DNS Query to Cerber Domain (h6dxvo.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (h6dxvo.top)

Enabled by defaultEvents per second (default = 1)
125002342System

DROP UDP TROJAN DNS Query to Cerber Domain (u8yz5b.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (u8yz5b.top)

Enabled by defaultEvents per second (default = 1)
125002343System

DROP TCP TROJAN DNS Query to Cerber Domain (u8yz5b.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (u8yz5b.top)

Enabled by defaultEvents per second (default = 1)
125002344System

DROP UDP TROJAN DNS Query to Cerber Domain (j5s57p.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (j5s57p.bid)

Enabled by defaultEvents per second (default = 1)
125002345System

DROP TCP TROJAN DNS Query to Cerber Domain (j5s57p.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (j5s57p.bid)

Enabled by defaultEvents per second (default = 1)
125002346System

DROP UDP TROJAN DNS Query to Cerber Domain (a9glrg.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (a9glrg.top)

Enabled by defaultEvents per second (default = 1)
125002347System

DROP TCP TROJAN DNS Query to Cerber Domain (a9glrg.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (a9glrg.top)

Enabled by defaultEvents per second (default = 1)
125002348System

DROP UDP TROJAN DNS Query to Cerber Domain (utebcd.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (utebcd.top)

Enabled by defaultEvents per second (default = 1)
125002349System

DROP TCP TROJAN DNS Query to Cerber Domain (utebcd.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (utebcd.top)

Enabled by defaultEvents per second (default = 1)
125002350System

DROP UDP TROJAN DNS Query to Cerber Domain (et7izd.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (et7izd.top)

Enabled by defaultEvents per second (default = 1)
125002351System

DROP TCP TROJAN DNS Query to Cerber Domain (et7izd.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (et7izd.top)

Enabled by defaultEvents per second (default = 1)
125002352System

DROP UDP TROJAN DNS Query to Cerber Domain (7pnxn9.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (7pnxn9.top)

Enabled by defaultEvents per second (default = 1)
125002353System

DROP TCP TROJAN DNS Query to Cerber Domain (7pnxn9.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (7pnxn9.top)

Enabled by defaultEvents per second (default = 1)
125002354System

DROP UDP TROJAN Hidden Tear .onion Proxy Domain (gpvwsmq4tshfg77y)

This rule drops TROJAN Hidden Tear .onion Proxy Domain Lookup using UDP (gpvwsmq4tshfg77y)

Enabled by defaultEvents per second (default = 1)
125002355System

DROP TCP TROJAN Hidden Tear .onion Proxy Domain (gpvwsmq4tshfg77y)

This rule drops TROJAN Hidden Tear .onion Proxy Domain Lookup using TCP (gpvwsmq4tshfg77y)

Enabled by defaultEvents per second (default = 1)
125002356System

DROP UDP TROJAN DNS Query to Cerber Domain (obnctf.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (obnctf.bid)

Enabled by defaultEvents per second (default = 1)
125002357System

DROP TCP TROJAN DNS Query to Cerber Domain (obnctf.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (obnctf.bid)

Enabled by defaultEvents per second (default = 1)
125002358System

DROP UDP TROJAN DNS Query to Cerber Domain (kj3f52.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (kj3f52.bid)

Enabled by defaultEvents per second (default = 1)
125002359System

DROP TCP TROJAN DNS Query to Cerber Domain (kj3f52.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (kj3f52.bid)

Enabled by defaultEvents per second (default = 1)
125002360System

DROP UDP TROJAN DNS Query to Cerber Domain (zgw8bu.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (zgw8bu.top)

Enabled by defaultEvents per second (default = 1)
125002361System

DROP TCP TROJAN DNS Query to Cerber Domain (zgw8bu.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (zgw8bu.top)

Enabled by defaultEvents per second (default = 1)
125002362System

DROP UDP TROJAN DNS Query to Cerber Domain (rt01jw.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (rt01jw.top)

Enabled by defaultEvents per second (default = 1)
125002363System

DROP TCP TROJAN DNS Query to Cerber Domain (rt01jw.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (rt01jw.top)

Enabled by defaultEvents per second (default = 1)
125002364System

DROP UDP TROJAN DNS Query to Cerber Domain (4ghwzy.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (4ghwzy.top)

Enabled by defaultEvents per second (default = 1)
125002365System

DROP TCP TROJAN DNS Query to Cerber Domain (4ghwzy.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (4ghwzy.top)

Enabled by defaultEvents per second (default = 1)
125002366System

DROP UDP TROJAN DNS Query to Cerber Domain (u8e2dz.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (u8e2dz.top)

Enabled by defaultEvents per second (default = 1)
125002367System

DROP TCP TROJAN DNS Query to Cerber Domain (u8e2dz.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (u8e2dz.top)

Enabled by defaultEvents per second (default = 1)
125002368System

DROP UDP TROJAN DNS Query to Cerber Domain (3m3ngm.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (3m3ngm.top)

Enabled by defaultEvents per second (default = 1)
125002369System

DROP TCP TROJAN DNS Query to Cerber Domain (3m3ngm.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (3m3ngm.top)

Enabled by defaultEvents per second (default = 1)
125002370System

DROP UDP TROJAN DNS Query to Cerber Domain (eujvrw.bid)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (eujvrw.bid)

Enabled by defaultEvents per second (default = 1)
125002371System

DROP TCP TROJAN DNS Query to Cerber Domain (eujvrw.bid)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (eujvrw.bid)

Enabled by defaultEvents per second (default = 1)
125002372System

DROP UDP TROJAN DNS Query to Cerber Domain (bw9e2z.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (bw9e2z.top)

Enabled by defaultEvents per second (default = 1)
125002373System

DROP TCP TROJAN DNS Query to Cerber Domain (bw9e2z.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (bw9e2z.top)

Enabled by defaultEvents per second (default = 1)
125002374System

DROP UDP TROJAN DNS Query to Cerber Domain (yl1wg6.top)

This rule drops TROJAN DNS Query to Cerber Domain using UDP (yl1wg6.top)

Enabled by defaultEvents per second (default = 1)
125002375System

DROP TCP TROJAN DNS Query to Cerber Domain (yl1wg6.top)

This rule drops TROJAN DNS Query to Cerber Domain using TCP (yl1wg6.top)

Enabled by defaultEvents per second (default = 1)
125002376System

DROP UDP TROJAN Win32.Bunitu DNS UDP Lookup (horolwaiting.biz)

This rule drops TROJAN Win32.Bunitu DNS Lookup using UDP (horolwaiting.biz)

Enabled by defaultEvents per second (default = 1)
125002377System

DROP TCP TROJAN Win32.Bunitu DNS TCP Lookup (horolwaiting.biz)

This rule drops TROJAN Win32.Bunitu DNS Lookup using TCP (horolwaiting.biz)

Enabled by defaultEvents per second (default = 1)