Daily Ruleset Update Summary 2017/06/09

[***]            Summary:            [***]

7 new Open, 14 new Pro (7 + 7). Dipsind CnC, Spectre Ransomware, Various Phishing, Various Mobile.

Thanks: Nick Price (@dominotree), @illegalFawn, @MalwrHunterTeam, MS-ISAC (@CISecurity)

[+++]          Added rules:          [+++]

Open:

2024369 - ET TROJAN PLATINUM Dipsind CnC Beacon (trojan.rules)
2024370 - ET CURRENT_EVENTS Successful Poste Italiane Phish Jun 082017 (current_events.rules)
2024371 - ET CURRENT_EVENTS Successful Banco Itau (BR) Phish Jun 092017 (current_events.rules)
2024372 - ET CURRENT_EVENTS Successful BBVA Phish Jun 092017 (current_events.rules)
2024373 - ET TROJAN Win32/Spectre Ransomware CnC Checkin (trojan.rules)
2024374 - ET CURRENT_EVENTS Successful Apple Phish Jun 092017 (current_events.rules)
2024375 - ET INFO Possible Successful Hostinger Generic Phish Jun 092017 (info.rules)

Pro:

2826684 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 144 (mobile_malware.rules)
2826685 - ETPRO MOBILE_MALWARE Android/Monitor.Spyoo.L CnC Beacon (mobile_malware.rules)
2826686 - ETPRO CURRENT_EVENTS MalDoc Retrieving Payload June 092017 (current_events.rules)
2826687 - ETPRO CURRENT_EVENTS Successful Santander Phish Jun 092017 (current_events.rules)
2826688 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS Exfil via SMTP 2 (mobile_malware.rules)
2826689 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP 4 (mobile_malware.rules)
2826690 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Congur.san Reporting via SMTP (mobile_malware.rules)

[///]     Modified active rules:     [///]

2003657 - ET TROJAN Suspicious User-Agent (MSIE) (trojan.rules)
2018044 - ET CURRENT_EVENTS Successful Visa Phish (current_events.rules)
2018304 - ET CURRENT_EVENTS Successful iTunes Phish (current_events.rules)
2019781 - ET CURRENT_EVENTS Successful AOL/PayPal Phish (current_events.rules)
2020803 - ET CURRENT_EVENTS Successful GoogleFile Phish (current_events.rules)
2823165 - ETPRO TROJAN Win32/RediModiUpd/Matrix Banker CnC Checkin (trojan.rules)
2825226 - ETPRO TROJAN Helminth/Oilrig CnC Beacon 2 (trojan.rules)
 

Date: Friday, June 9, 2017 - 00:00