Daily Ruleset Update Summary 2017/06/15

[***]            Summary:            [***]

23 new Pro. Sage/Cerber Domains, Various Phishing, Various Mobile.

Thanks: @riskanalytics

[+++]          Added rules:          [+++]

2826751 - ETPRO TROJAN DNS Query to Sage Domain (17b3o . net) (trojan.rules)
2826752 - ETPRO TROJAN DNS Query to Sage Domain (2igu316 . com) (trojan.rules)
2826753 - ETPRO TROJAN DNS Query to Cerber Domain (1dvqvh . top) (trojan.rules)
2826754 - ETPRO TROJAN DNS Query to Cerber Domain (1fel3k . top) (trojan.rules)
2826755 - ETPRO TROJAN DNS Query to Cerber Domain (1aq4sz . top) (trojan.rules)
2826756 - ETPRO TROJAN DNS Query to Cerber Domain (19s7gy . top) (trojan.rules)
2826757 - ETPRO TROJAN DNS Query to Cerber Domain (9u3iy1 . top) (trojan.rules)
2826758 - ETPRO TROJAN DNS Query to Cerber Domain (12gsjz . top) (trojan.rules)
2826759 - ETPRO TROJAN DNS Query to Cerber Domain (1pymg3 . top) (trojan.rules)
2826760 - ETPRO TROJAN DNS Query to Cerber Domain (13khiv . top) (trojan.rules)
2826761 - ETPRO TROJAN DNS Query to Cerber Domain (1b8tmn . top) (trojan.rules)
2826762 - ETPRO TROJAN DNS Query to Cerber Domain (135nt3 . top) (trojan.rules)
2826763 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-14 1) (trojan.rules)
2826764 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-14 2) (trojan.rules)
2826765 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-14 3) (trojan.rules)
2826766 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-14 4) (trojan.rules)
2826767 - ETPRO CURRENT_EVENTS Successful Netflix Phish Jun 142017 (current_events.rules)
2826768 - ETPRO CURRENT_EVENTS Successful Netflix Phish Jun 152017 (current_events.rules)
2826769 - ETPRO CURRENT_EVENTS Successful Docusign Phish Jun 152017 (current_events.rules)
2826770 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 150 (mobile_malware.rules)
2826771 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS/Contact Exfil via SMTP 2 (mobile_malware.rules)
2826772 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz SMS/Contact Exfil via SMTP (mobile_malware.rules)
2826773 - ETPRO TROJAN Win32/Dynamer!ac Checkin (trojan.rules)

[///]     Modified active rules:     [///]

2024338 - ET TROJAN Observed GET Request to Domain Hosting Malicious Payload (trojan.rules)
2024382 - ET TROJAN DPRK HIDDEN COBRA DDoS Handshake Success (trojan.rules)
2024383 - ET TROJAN DPRK HIDDEN COBRA Botnet C2 Host Beacon (trojan.rules)
2823937 - ETPRO CURRENT_EVENTS Successful Generic Phish (302) Dec 162016 (current_events.rules)
2826320 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 2 (mobile_malware.rules)
2826321 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 3 (mobile_malware.rules)
2826323 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 4 (mobile_malware.rules)
2826326 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot CnC Beacon (mobile_malware.rules)
2826356 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 5 (mobile_malware.rules)
2826362 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 6 (mobile_malware.rules)
2826505 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 7 (mobile_malware.rules)
2826506 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 8 (mobile_malware.rules)
2826677 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 9 (mobile_malware.rules)
2826678 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 10 (mobile_malware.rules)
2826705 - ETPRO TROJAN Win32/Neshta.A Checkin (trojan.rules)
2826720 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 11 (mobile_malware.rules)
 

Date: Thursday, June 15, 2017 - 00:00