[***]            Summary:            [***]

1 new Open, 6 new Pro (1 + 5). $MFT NTFS Device Access, Cyst Downloader, Phishing, Unknown Android, Trojan-Spy.AndroidOS.SmsThief.hs Contact Exfil.

[+++]          Added rules:          [+++]

Open:

2024337 - ET EXPLOIT Possible $MFT NTFS Device Access in HTTP Response (exploit.rules)

Pro:

2826541 - ETPRO CURRENT_EVENTS Possible Phishing Landing - Common Multiple JS Unescape May 25 2017 (current_events.rules)
2826542 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.hs Contact Exfil via SMTP (mobile_malware.rules)
2826543 - ETPRO MOBILE_MALWARE Unknown Android Trojan Checkin (mobile_malware.rules)
2826544 - ETPRO TROJAN Cyst Downloader Fake 404 (trojan.rules)
2826545 - ETPRO MOBILE_MALWARE Unknown Android Trojan CnC Beacon (mobile_malware.rules)

[///]     Modified active rules:     [///]

2824477 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Congur.a Checkin via SMTP (mobile_malware.rules)
2826511 - ETPRO MOBILE_MALWARE Unknown Android Loader CnC Beacon (mobile_malware.rules)
 

Date: 
Monday, May 29, 2017 - 22:00