[***]            Summary:            [***]

4 new Open, 16 new Pro (4 + 12). Jaff Updates, Various Phishing, Various Mobile.

Thanks: @esentire

[+++]          Added rules:          [+++]

Open:

2024338 - ET TROJAN Jaff Ransomware Checkin (trojan.rules)
2024339 - ET TROJAN DNS Query to Jaff Domain (orhangazitur . com) (trojan.rules)
2024340 - ET TROJAN Jaff Ransomware Checkin (trojan.rules)
2024341 - ET TROJAN DNS Query to Jaff Domain (comboratiogferrdto . com) (trojan.rules)

Pro:

2826546 - ETPRO INFO Observed DNS Query for DDNS domain (camerakeeper .tv) (info.rules)
2826547 - ETPRO TROJAN Observed Malicious Domain SSL Cert in SNI (MSIL/ExtenBro.CL) (trojan.rules)
2826548 - ETPRO TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules)
2826549 - ETPRO TROJAN MSIL/njRAT/Bladabindi Variant (Microsoft_key_update) CnC Checkin (trojan.rules)
2826550 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP 2 (mobile_malware.rules)
2826551 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M1 May 31 2017 (current_events.rules)
2826552 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ar Reporting via SMTP 2 (mobile_malware.rules)
2826553 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M2 May 31 2017 (current_events.rules)
2826554 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M3 May 31 2017 (current_events.rules)
2826555 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.hs Reporting via SMTP (mobile_malware.rules)
2826556 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.eg Contact Exfil via SMTP 2 (mobile_malware.rules)
2826557 - ETPRO CURRENT_EVENTS Dropbox Phishing Landing May 31 2017 (current_events.rules)

[///]     Modified active rules:     [///]

2018543 - ET CURRENT_EVENTS Neverquest/Vawtrak Posting Data (current_events.rules)
2022840 - ET TROJAN Possible CryptXXX Ransomware Renaming Encrypted File SMB v2 (trojan.rules)
2826233 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 2 (mobile_malware.rules)
 

Date: 
Tuesday, May 30, 2017 - 22:00