Daily Ruleset Update Summary 2017/03/30

[***]            Summary:            [***]

3 new Open, 19 new Pro (3 + 16). Various Phishing, Various Android

Thanks: Kevin Ross, pckthck

[+++]          Added rules:          [+++]

Open:

2024120 - ET TROJAN MSIL/Matrix Ransomware CnC Activity (trojan.rules)
2024121 - ET EXPLOIT NETGEAR WNR2000v5 hidden_lang_avi Stack Overflow (CVE-2016-10174) (exploit.rules)
2024122 - ET CURRENT_EVENTS MalDoc Retrieving Payload March 30 2017 (current_events.rules)

Pro:

2825676 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar DNS Lookup (mobile_malware.rules)
2825677 - ETPRO MALWARE Win32/Adware.Ymeta.A CnC Beacon (malware.rules)
2825678 - ETPRO MOBILE_MALWARE PUP Android/Agent-AZS Checkin (mobile_malware.rules)
2825679 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.k CnC Beacon (mobile_malware.rules)
2825680 - ETPRO TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules)
2825681 - ETPRO TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules)
2825682 - ETPRO TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules)
2825683 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.gd SMS Exfil via SMTP (mobile_malware.rules)
2825684 - ETPRO CURRENT_EVENTS Successful Claro Phish Mar 30 2017 (current_events.rules)
2825685 - ETPRO CURRENT_EVENTS Successful Google Drive Phish Mar 30 2017 (current_events.rules)
2825686 - ETPRO CURRENT_EVENTS Successful Made in China Phish Mar 30 2017 (current_events.rules)
2825687 - ETPRO CURRENT_EVENTS Successful iCloud Phish Mar 30 2017 (current_events.rules)
2825688 - ETPRO CURRENT_EVENTS Successful Outlook Web Access Phish Mar 30 2017 (current_events.rules)
2825689 - ETPRO CURRENT_EVENTS Successful USBank Phish Mar 30 2017 (current_events.rules)
2825690 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish Mar 30 2017 (current_events.rules)
2825691 - ETPRO CURRENT_EVENTS Successful Navy Federal Phish Mar 30 2017 (current_events.rules)

[///]     Modified active rules:     [///]

2806829 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Fav.a Checkin (mobile_malware.rules)

[---]         Removed rules:         [---]

2825125 - ETPRO TROJAN MSIL/Matrix Ransomware CnC Activity (trojan.rules)
 

Date: 
Thursday, March 30, 2017 - 00:00