Daily Ruleset Update Summary 2017/04/06

[***]            Summary:            [***]

1 new Open, 26 new Pro (1 + 25). Trojan-Banker.AndroidOS.Asacub.a, MICROPSIA

Thanks: @malwrhunterteam

[+++]          Added rules:          [+++]

Open:

2024182 - ET TROJAN MSIL/NR42 Bot Parsing Config From Webpage (trojan.rules)

Pro:

2825800 - ETPRO TROJAN DNS Query to Cerber Domain (1aajb7 . top) (trojan.rules)
2825801 - ETPRO TROJAN DNS Query to Cerber Domain (1gunao . top) (trojan.rules)
2825802 - ETPRO TROJAN DNS Query to Cerber Domain (1nm62r . top) (trojan.rules)
2825803 - ETPRO TROJAN DNS Query to Cerber Domain (1gu5um . top) (trojan.rules)
2825804 - ETPRO TROJAN DNS Query to Cerber Domain (1grvue . top) (trojan.rules)
2825805 - ETPRO TROJAN DNS Query to Cerber Domain (142djp . top) (trojan.rules)
2825806 - ETPRO TROJAN DNS Query to Cerber Domain (1bcxcs . top) (trojan.rules)
2825807 - ETPRO TROJAN DNS Query to Cerber Domain (1czh7o . top) (trojan.rules)
2825808 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 21 (mobile_malware.rules)
2825809 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 22 (mobile_malware.rules)
2825810 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 23 (mobile_malware.rules)
2825811 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 24 (mobile_malware.rules)
2825812 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 25 (mobile_malware.rules)
2825813 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 26 (mobile_malware.rules)
2825814 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 27 (mobile_malware.rules)
2825815 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 28 (mobile_malware.rules)
2825816 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 29 (mobile_malware.rules)
2825817 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 30 (mobile_malware.rules)
2825818 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 31 (mobile_malware.rules)
2825819 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 32 (mobile_malware.rules)
2825820 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 33 (mobile_malware.rules)
2825821 - ETPRO TROJAN Targeted MICROPSIA SSL Cert (trojan.rules)
2825822 - ETPRO TROJAN Targeted MICROPSIA SSL Cert (trojan.rules)
2825823 - ETPRO TROJAN MICROPSIA Retrieving CnC Location (trojan.rules)
2825824 - ETPRO TROJAN MICROPSIA Fake Headers and UA (trojan.rules)

[///]     Modified active rules:     [///]

2007994 - ET MALWARE Suspicious User-Agent (1 space) (malware.rules)
2008233 - ET TROJAN Common Downloader Install Report URL (farfly checkin) (trojan.rules)
2013315 - ET TROJAN Suspicious User-Agent (Agent and 5 or 6 digits) (trojan.rules)
2022985 - ET TROJAN Trojan Generic - POST To gate.php with no accept headers (trojan.rules)
2023998 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)
2825132 - ETPRO TROJAN Win32/TinyNuke CnC Checkin (trojan.rules)
2825302 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules)
2825303 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules)
2825304 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules)
2825306 - ETPRO TROJAN TorrentLocker C2 Domain (trojan.rules)
2825619 - ETPRO TROJAN Fatboy Python Ransomware CnC Checkin (trojan.rules)
2825620 - ETPRO TROJAN Fatboy Python Ransomware CnC Activity (trojan.rules)
2825625 - ETPRO TROJAN Fatboy Python Ransomware CnC Activity M2 (trojan.rules)
2825758 - ETPRO TROJAN MSIL/GX40 Ransomware CnC Checkin (trojan.rules)
 

Date: Thursday, April 6, 2017 - 00:00