Daily Ruleset Update Summary 2017/05/16

[***]            Summary:            [***]

10 new Open, 20 new Pro (10 + 10). WannaCry, Various Mobile

Thanks: Kevin Ross, @MalwrHunterTeam

[+++]          Added rules:          [+++]

Open:

2024295 - ET TROJAN Possible WannaCry DNS Lookup (trojan.rules)
2024296 - ET TROJAN Possible WannaCry DNS Lookup (trojan.rules)
2024297 - ET CURRENT_EVENTS ETERNALBLUE Exploit M2 MS17-010 (current_events.rules)
2024298 - ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1 (trojan.rules)
2024299 - ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 2 (trojan.rules)
2024300 - ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 3 (trojan.rules)
2024301 - ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 4 (trojan.rules)
2024302 - ET TROJAN W32/WannaCry.Ransomware Killswitch Domain HTTP Request 5 (trojan.rules)
2024303 - ET WEB_CLIENT Malicious SCF File Inbound (web_client.rules)
2024304 - ET TROJAN MSIL/May Ransomware SSL Cert Observed (trojan.rules)

Pro:

2826400 - ETPRO MOBILE_MALWARE Android/Fadeb.P Checkin (mobile_malware.rules)
2826401 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 114 (mobile_malware.rules)
2826402 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 115 (mobile_malware.rules)
2826403 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 116 (mobile_malware.rules)
2826404 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar.jck Checkin (mobile_malware.rules)
2826405 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar.jck Response (mobile_malware.rules)
2826406 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar.jck Response 2 (mobile_malware.rules)
2826407 - ETPRO TROJAN Hidden-Tear Ransomware Variant Malicious SSL Cert Observed (trojan.rules)
2826408 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 3 (mobile_malware.rules)
2826409 - ETPRO TROJAN Hidden-Tear Ransomware Variant CnC Beacon (trojan.rules)
 

Date: Tuesday, May 16, 2017 - 00:00