Daily Ruleset Update Summary 2017/03/27

[***]            Summary:            [***]

4 new Open, 26 new Pro (4 + 22). Astrum EK, Python Ransomware, Various Phishing, Various Android

[+++]          Added rules:          [+++]

Open:

2024101 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish Mar 27 2017 (current_events.rules)
2024102 - ET CURRENT_EVENTS Successful Tangerine Bank Phish M1 Mar 27 2017 (current_events.rules)
2024103 - ET CURRENT_EVENTS Successful Tangerine Bank Phish M2 Mar 27 2017 (current_events.rules)
2024104 - ET TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup - Clone (trojan.rules)

Pro:

2825607 - ETPRO CURRENT_EVENTS Astrum EK Infoleak Prefilter Mar 25 2017 (current_events.rules)
2825608 - ETPRO CURRENT_EVENTS Astrum EK Infoleak Prefilter M2 25 2017 (current_events.rules)
2825609 - ETPRO TROJAN Possible Apple Phishing SNI (trojan.rules)
2825610 - ETPRO TROJAN Lets Encrypt Free SSL Cert Observed in Possible Apple Phishing (trojan.rules)
2825611 - ETPRO CURRENT_EVENTS Adobe Online Document Phishing Landing Mar 25 M1 (current_events.rules)
2825612 - ETPRO MALWARE Win32/Adware.Kraddare.MB Dropping PUP (malware.rules)
2825613 - ETPRO TROJAN MSIL/Unk.PWS Reporting Infection via SMTP (trojan.rules)
2825614 - ETPRO CURRENT_EVENTS Successful Apple Phish Mar 27 2017 (current_events.rules)
2825615 - ETPRO TROJAN DNS Query to TorrentLocker Domain (flackbon . tw) (trojan.rules)
2825616 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.ay CnC Beacon (mobile_malware.rules)
2825617 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 2 (mobile_malware.rules)
2825618 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 3 (mobile_malware.rules)
2825619 - ETPRO TROJAN Undefined Python Ransomware CnC Checkin (trojan.rules)
2825620 - ETPRO TROJAN Undefined Python Ransomware CnC Activity (trojan.rules)
2825621 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.bz Checkin (mobile_malware.rules)
2825622 - ETPRO WEB_SERVER JexBoss Common URI struct Observed 3 (INBOUND) (web_server.rules)
2825623 - ETPRO WEB_SERVER JexBoss Common URI struct Observed 4 (INBOUND) (web_server.rules)
2825624 - ETPRO WEB_SERVER Successful WebShell Access (web_server.rules)
2825625 - ETPRO TROJAN Undefined Python Ransomware CnC Activity M2 (trojan.rules)
2825626 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 4 (mobile_malware.rules)
2825627 - ETPRO TROJAN Undefined Python Ransomware CnC Activity (trojan.rules)
2825628 - ETPRO TROJAN DNS Query to TorrentLocker Domain (ifixidea . com) (trojan.rules)

[///]     Modified active rules:     [///]

2810934 - ETPRO TROJAN Win32.Metfok Downloader CnC Beacon (trojan.rules)
2821474 - ETPRO MOBILE_MALWARE Android/Secapk.F Checkin 4 (mobile_malware.rules)
2825326 - ETPRO TROJAN DNS Query to TorrentLocker Domain (frontmain . pl) (trojan.rules)
2825327 - ETPRO TROJAN DNS Query to TorrentLocker Domain (joygo . pl) (trojan.rules)
2825328 - ETPRO TROJAN DNS Query to TorrentLocker Domain (questpul . pl) (trojan.rules)
2825329 - ETPRO TROJAN DNS Query to TorrentLocker Domain (homewind . pl) (trojan.rules)
2825581 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin (mobile_malware.rules)
2825599 - ETPRO TROJAN DNS Query to TorrentLocker Domain (hoptrop . pl) (trojan.rules)
2825600 - ETPRO TROJAN DNS Query to TorrentLocker Domain (mailteam . pl) (trojan.rules)
2825601 - ETPRO TROJAN DNS Query to TorrentLocker Domain (frontymen . pl) (trojan.rules)
 

Date: Monday, March 27, 2017 - 00:00