[***] Summary: [***]

2 new Open signatures, 18 new Pro (2 + 16). Sundown EK, Zeus Panda, Rerdom.

Thanks: @Techhelplistcom

[+++]          Added rules:          [+++]

Open:

2023768 - ET CURRENT_EVENTS Possible Broken/Filtered RIG EK Payload Download (current_events.rules)
2023769 - ET TROJAN Possible Unknown Trojan Checkin Jan 26 2017 (trojan.rules)

Pro:

2824667 - ETPRO CURRENT_EVENTS Successful Paypal Phish M2 Jan 26 2017 (current_events.rules)
2824668 - ETPRO CURRENT_EVENTS Successful Paypal Phish M3 Jan 26 2017 (current_events.rules)
2824669 - ETPRO TROJAN APT.ChChes CnC Beacon 1 (trojan.rules)
2824670 - ETPRO TROJAN APT.ChChes CnC Beacon 2 (trojan.rules)
2824671 - ETPRO TROJAN Win32/WebToos.A Checkin (trojan.rules)
2824672 - ETPRO TROJAN Rerdom Variant CnC M2 (trojan.rules)
2824673 - ETPRO CURRENT_EVENTS SunDown EK Landing Jan 27 2017 M1 (current_events.rules)
2824674 - ETPRO CURRENT_EVENTS SunDown EK Landing Jan 27 2017 M2 (current_events.rules)
2824675 - ETPRO CURRENT_EVENTS SunDown EK Landing Jan 27 2017 M3 (current_events.rules)
2824676 - ETPRO CURRENT_EVENTS SunDown EK Landing Jan 27 2017 M4 (current_events.rules)
2824677 - ETPRO CURRENT_EVENTS SunDown EK Landing Jan 27 2017 M5 (current_events.rules)
2824678 - ETPRO CURRENT_EVENTS SunDown EK Landing Jan 27 2017 M6 (current_events.rules)
2824679 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Feejar.H Checkin (mobile_malware.rules)
2824680 - ETPRO TROJAN Unknown Stealer Server Response (trojan.rules)
2824681 - ETPRO TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules)
2824682 - ETPRO TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules)

[///]     Modified active rules:     [///]

2009867 - ET TROJAN Suspicious User-Agent (Mozilla/3.0 (compatible)) (trojan.rules)
2010875 - ET TROJAN Blackenergy Bot Checkin to C&C (2) (trojan.rules)
 

Date: Thursday, January 26, 2017 - 22:00