Daily Ruleset Update Summary 2017/05/10

[***]            Summary:            [***]

20 new Pro. Loda Logger, Bingo Exploit Kit, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

Pro:

2826343 - ETPRO TROJAN XSLT/XML Raw Binary Executable Inbound (trojan.rules)
2826344 - ETPRO TROJAN Loda Logger Executing Previously Downloaded File (trojan.rules)
2826345 - ETPRO TROJAN Loda Logger Downloading Password Stealer (trojan.rules)
2826346 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 2) (trojan.rules)
2826347 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 3) (trojan.rules)
2826348 - ETPRO TROJAN NetWireRAT Keep-Alive (set) (trojan.rules)
2826349 - ETPRO TROJAN NetWireRAT Keep-Alive (trojan.rules)
2826350 - ETPRO CURRENT_EVENTS Bingo Exploit Kit Landing May 08 2017 (current_events.rules)
2826351 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 1) (trojan.rules)
2826352 - ETPRO TROJAN Win32/Serpent Ransomware Debug Checkin (trojan.rules)
2826353 - ETPRO CURRENT_EVENTS Successful Paypal Phish May 10 2017 (current_events.rules)
2826354 - ETPRO TROJAN Loda Logger Read File Contents Request (trojan.rules)
2826355 - ETPRO TROJAN Loda Logger List Pictures in UserProfile Request (trojan.rules)
2826356 - ETPRO MOBILE_MALWARE Android BankBot Checkin 5 (mobile_malware.rules)
2826357 - ETPRO TROJAN Loda Logger List Files Request (set) (trojan.rules)
2826358 - ETPRO TROJAN Loda Logger List Files Request (trojan.rules)
2826359 - ETPRO TROJAN Win32/Zegost.Ddos Checkin (trojan.rules)
2826360 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 101 (mobile_malware.rules)
2826361 - ETPRO TROJAN AZORult Variant.2 Checkin m3 (trojan.rules)
2826362 - ETPRO MOBILE_MALWARE Android BankBot Checkin 6 (mobile_malware.rules)

[+++]  Enabled and modified rules:   [+++]

2019344 - ET CURRENT_EVENTS FAKEIE Minimal Headers (flowbit set) (current_events.rules)
2023197 - ET USER_AGENTS Microsoft Edge on Windows 10 SET (user_agents.rules)
2800109 - ETPRO WEB_CLIENT Microsoft Excel Workspace xlw download (web_client.rules)

[///]     Modified active rules:     [///]

2822117 - ETPRO TROJAN Loda Logger CnC Beacon Response (trojan.rules)
2826166 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 7) (trojan.rules)
2826206 - ETPRO TROJAN AZORult Variant.2 Checkin (trojan.rules)
2826232 - ETPRO TROJAN AZORult Variant.2 Checkin m2 (trojan.rules)
2826317 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 98 (mobile_malware.rules)
2826318 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 99 (mobile_malware.rules)
2826319 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 100 (mobile_malware.rules)

[---]         Disabled rules:        [---]

2017126 - ET CURRENT_EVENTS FlimKit Landing July 10 2013 (current_events.rules)
 

Date: 
Wednesday, May 10, 2017 - 00:00