Daily Ruleset Update Summary 2017/07/26

[***]            Summary:            [***]

1 new Open, 23 new Pro (1 + 22). BanloadDownloader.XZY, Misc Ticks, Various Mobile.

[+++]          Added rules:          [+++]

Open:

2024499 - ET TROJAN Win32/BanloadDownloader.XZY Retrieving Payload (trojan.rules)

Pro:

2825239 - ETPRO INFO Lets Encrypt Free SSL Cert Observed in Possible Apple Phishing (info.rules)
2827292 - ETPRO TROJAN Hidden-Tear Ransomware Variant (wannafly) CnC Beacon (trojan.rules)
2827293 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 191 (mobile_malware.rules)
2827294 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 192 (mobile_malware.rules)
2827295 - ETPRO TROJAN Tick Related W32/Datper (trojan.rules)
2827296 - ETPRO MOBILE_MALWARE Android.Trojan.SmsSpy.GI CnC Beacon (mobile_malware.rules)
2827297 - ETPRO TROJAN Tick Related W32/HomamDownloader  (trojan.rules)
2827298 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules)
2827299 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules)
2827300 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules)
2827301 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules)
2827302 - ETPRO TROJAN Tick Related DNS Lookup (trojan.rules)
2827303 - ETPRO MOBILE_MALWARE Android.Trojan.Downloader.JP CnC Beacon (mobile_malware.rules)
2827304 - ETPRO MOBILE_MALWARE Android.Trojan.Downloader.JP DNS Lookup (mobile_malware.rules)
2827305 - ETPRO TROJAN DNS Query to Cerber Domain (18ey8e . top) (trojan.rules)
2827306 - ETPRO TROJAN DNS Query to Cerber Domain (1ns1hx . top) (trojan.rules)
2827307 - ETPRO TROJAN DNS Query to Cerber Domain (18rkju . top) (trojan.rules)
2827308 - ETPRO TROJAN DNS Query to Cerber Domain (gkfit9 . top) (trojan.rules)
2827309 - ETPRO TROJAN DNS Query to Cerber Domain (1csesc . top) (trojan.rules)
2827310 - ETPRO TROJAN DNS Query to Cerber Domain (1a2jzy . top) (trojan.rules)
2827311 - ETPRO TROJAN DNS Query to Cerber Domain (18lmhb . top) (trojan.rules)
2827312 - ETPRO TROJAN DNS Query to Cerber Domain (1mfmkz . top) (trojan.rules)

[///]     Modified active rules:     [///]

2024495 - ET TROJAN CopyKittens Matryoshka DNS Lookup 1 (winupdate64 . com) (trojan.rules)
2024496 - ET TROJAN CopyKittens Matryoshka DNS Lookup 2 (twiter-statics . info) (trojan.rules)
2024497 - ET TROJAN CopyKittens Cobalt Strike DNS Lookup (cloudflare-analyse . com) (trojan.rules)
2827253 - ETPRO TROJAN Shifr Ransomware Malicious Domain in SNI Observed (trojan.rules)

[---]         Removed rules:         [---]

2825239 - ETPRO TROJAN Lets Encrypt Free SSL Cert Observed in Possible Apple Phishing (trojan.rules)

Date: 
Wednesday, July 26, 2017 - 00:00