Daily Ruleset Update Summary 2017/07/05

[***]            Summary:            [***]

3 new Open, 28 new Pro (3 + 25). Win32/Banload, Various Phishing, Various Mobile.

Thanks: @lowson

[+++]          Added rules:          [+++]

Open:

2024441 - ET TROJAN Unknown CnC (trojan.rules)
2024442 - ET TROJAN Unknown CnC Response (trojan.rules)
2024443 - ET TROJAN Possible Win32/Petya Conn Check (trojan.rules)

Pro:

2826980 - ETPRO TROJAN MSIL/Unknown CnC Reporting Infection (trojan.rules)
2826981 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 164 (mobile_malware.rules)
2826982 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 165 (mobile_malware.rules)
2826983 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 166 (mobile_malware.rules)
2826984 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 167 (mobile_malware.rules)
2826985 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 168 (mobile_malware.rules)
2826986 - ETPRO CURRENT_EVENTS Successful First Citizens Bank Phish Jul 05 2017 (current_events.rules)
2826987 - ETPRO CURRENT_EVENTS Successful Chase Mobile Phish M1 Jul 5 2017 (current_events.rules)
2826988 - ETPRO CURRENT_EVENTS Successful Chase Mobile Phish M2 Jul 05 2017 (current_events.rules)
2826989 - ETPRO CURRENT_EVENTS Chase Mobile Phishing Landing M1 (current_events.rules)
2826990 - ETPRO CURRENT_EVENTS Chase Mobile Phishing Landing M2 (current_events.rules)
2826991 - ETPRO TROJAN Win32/Unknown CnC Activity (trojan.rules)
2826992 - ETPRO CURRENT_EVENTS Successful ADP Phish Jul 05 2017 (current_events.rules)
2826993 - ETPRO CURRENT_EVENTS Successful Outlook Webmail Account Phish Jul 05 2017 (current_events.rules)
2826994 - ETPRO MOBILE_MALWARE Android/Rootnik.BV Checkin (mobile_malware.rules)
2826995 - ETPRO MALWARE PUA Win32/SlimCleaner Checkin (malware.rules)
2826996 - ETPRO CURRENT_EVENTS Successful Paypal Phish Jul 05 2017 (current_events.rules)
2826997 - ETPRO TROJAN Win32/Banload Downloader Checkin (trojan.rules)
2826998 - ETPRO CURRENT_EVENTS Successful IRS Phish Jul 05 2017 (current_events.rules)
2826999 - ETPRO TROJAN Win32/Neshta.A DNS Lookup (trojan.rules)
2827000 - ETPRO CURRENT_EVENTS Successful Paypal Phish (Confirm Address) Jul 05 2017 (current_events.rules)
2827001 - ETPRO CURRENT_EVENTS Successful Paypal VBV Phish Jul 05 2017 (current_events.rules)
2827002 - ETPRO CURRENT_EVENTS Successful Paypal Phish (Bank Login) Jul 05 2017 (current_events.rules)
2827003 - ETPRO CURRENT_EVENTS Paypal Phishing Landing M1 Jul 05 2017 (current_events.rules)
2827004 - ETPRO CURRENT_EVENTS Paypal Phishing Landing M2 Jul 05 2017 (current_events.rules)

[///]     Modified active rules:     [///]

2812980 - ETPRO MOBILE_MALWARE Android.Trojan.Damruved.A Checkin (mobile_malware.rules)
2825252 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 Mar 07 2017 (current_events.rules)
2826931 - ETPRO TROJAN Idicaf CnC Beacon (trojan.rules)

[---]         Disabled rules:        [---]

2812836 - ETPRO CURRENT_EVENTS Successful Outlook Webmail Account Phish Sept 1 M1 (current_events.rules)
2816904 - ETPRO CURRENT_EVENTS Successful OWA Phish Apr 4 (current_events.rules)
2823273 - ETPRO CURRENT_EVENTS Successful OWA Phish Nov 15 2016 (current_events.rules)
2825168 - ETPRO CURRENT_EVENTS Successful OWA Phish Mar 1 2017 (current_events.rules)
 

Date: 
Wednesday, July 5, 2017 - 00:00