Daily Ruleset Update Summary 2017/07/27

[***]            Summary:            [***]

2 new Open, 18 new Pro (2 + 16). Revcode, MSIL/Marker.HTTP.Bot, Various Phishing.

Thanks: @malwrhunterteam

[+++]          Added rules:          [+++]

Open:

2024500 - ET TROJAN Revcode RAT CnC (trojan.rules)
2024501 - ET TROJAN Revcode RAT CnC 2 (trojan.rules)

Pro:

2827313 - ETPRO CURRENT_EVENTS Successful Adobe Phish Jul 26 2017 (current_events.rules)
2827314 - ETPRO TROJAN MSIL/Unk.RAT CnC Keep-Alive (trojan.rules)
2827315 - ETPRO CURRENT_EVENTS Successful Netflix Phish Jul 26 2017 (current_events.rules)
2827316 - ETPRO CURRENT_EVENTS Successful Rackspace Phish Jul 26 2017 (current_events.rules)
2827317 - ETPRO CURRENT_EVENTS Successful Zoominfo Phish Jul 26 2017 (current_events.rules)
2827318 - ETPRO TROJAN MSIL/Marker.HTTP.Bot CnC Checkin (trojan.rules)
2827319 - ETPRO TROJAN W32/Bancodor Checkin (trojan.rules)
2827320 - ETPRO TROJAN DNS Query to Cerber Domain (12f53x . top) (trojan.rules)
2827321 - ETPRO TROJAN DNS Query to Cerber Domain (1mnsg6 . top) (trojan.rules)
2827322 - ETPRO TROJAN DNS Query to Cerber Domain (1ebjjq . top) (trojan.rules)
2827323 - ETPRO TROJAN DNS Query to Cerber Domain (1225wj . top) (trojan.rules)
2827324 - ETPRO TROJAN DNS Query to Cerber Domain (1pcvko . top) (trojan.rules)
2827325 - ETPRO TROJAN DNS Query to Cerber Domain (m5gid4 . top) (trojan.rules)
2827326 - ETPRO TROJAN DNS Query to Cerber Domain (143kzi . top) (trojan.rules)
2827327 - ETPRO TROJAN DNS Query to Cerber Domain (17cwdi . top) (trojan.rules)
2827328 - ETPRO TROJAN Zyklon Malicious Domain in SNI Observed (t3rqxlhq2o2zltsrfk34g7u) (trojan.rules)

[///]     Modified active rules:     [///]

2825239 - ETPRO INFO Lets Encrypt Free SSL Cert Observed in Possible Apple Phishing (info.rules)

Date: 
Thursday, July 27, 2017 - 00:00