Daily Ruleset Update Summary 2017/07/28

[***]            Summary:            [***]

4 new Open, 25 new Pro (4 + 21). ISMAgent, Phishery Phishing Tool, Android/Spy.Lipizzan.A.

[+++]          Added rules:          [+++]

Open:

2024502 - ET TROJAN ISMAgent CnC Checkin 1 (trojan.rules)
2024503 - ET TROJAN ISMAgent Receiving Commands from CnC Server  (trojan.rules)
2024504 - ET TROJAN ISMAgent DNS Tunneling (microsoft-publisher . com) (trojan.rules)
2024505 - ET INFO Phishery Phishing Tool - Default SSL Certificate Observed (info.rules)

Pro:

2827329 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup (mobile_malware.rules)
2827330 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 2 (mobile_malware.rules)
2827331 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 3 (mobile_malware.rules)
2827332 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 4 (mobile_malware.rules)
2827333 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 5 (mobile_malware.rules)
2827334 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 6 (mobile_malware.rules)
2827335 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 7 (mobile_malware.rules)
2827336 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 8 (mobile_malware.rules)
2827337 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 9 (mobile_malware.rules)
2827338 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 10 (mobile_malware.rules)
2827339 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 11 (mobile_malware.rules)
2827340 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 12 (mobile_malware.rules)
2827341 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 13 (mobile_malware.rules)
2827342 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 14 (mobile_malware.rules)
2827343 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 15 (mobile_malware.rules)
2827344 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 16 (mobile_malware.rules)
2827345 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 17 (mobile_malware.rules)
2827346 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 18 (mobile_malware.rules)
2827347 - ETPRO MOBILE_MALWARE Android/Spy.Lipizzan.A DNS Lookup 19 (mobile_malware.rules)
2827348 - ETPRO TROJAN Nemesis Ransomware Onion Domain (trojan.rules)
2827349 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 193 (mobile_malware.rules)

[///]     Modified active rules:     [///]

2024285 - ET TROJAN OSX/Proton.B Domain in SNI (trojan.rules)
2816718 - ETPRO TROJAN NanoCore RAT Keep-Alive Beacon (trojan.rules)
2824274 - ETPRO TROJAN Zeus Panda Injects Domain in SNI (trojan.rules)
2826368 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.JZ SMS/Contact Exfil (mobile_malware.rules)

[---]         Disabled rules:        [---]

2805669 - ETPRO TROJAN TROJ_DLOADER.ANP Checkin (trojan.rules)
2826698 - ETPRO TROJAN Win32/Jeefo.B Domain in SNI (trojan.rules)

Date: 
Friday, July 28, 2017 - 00:00