Daily Ruleset Update Summary 2017/08/04

[***]            Summary:            [***]

22 new Pro (15 + 1). Murlox Stealer, AdWare.Dotdo, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

2827395 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2017-08-03) (current_events.rules)
2827396 - ETPRO TROJAN W32/Unknown Coinminer Checkin (trojan.rules)
2827397 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-08-04 1) (trojan.rules)
2827398 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-08-04 2) (trojan.rules)
2827399 - ETPRO TROJAN MSIL/Murlox Stealer CnC Checkin (trojan.rules)
2827400 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac SMS Exfil via SMTP 3 (mobile_malware.rules)
2827401 - ETPRO TROJAN DNS Query to Cerber Domain (1fttxm . top) (trojan.rules)
2827402 - ETPRO TROJAN DNS Query to Cerber Domain (1fcfjn . top) (trojan.rules)
2827403 - ETPRO TROJAN DNS Query to Cerber Domain (1bcnad . top) (trojan.rules)
2827404 - ETPRO TROJAN DNS Query to Cerber Domain (18zrup . top) (trojan.rules)
2827405 - ETPRO TROJAN DNS Query to Cerber Domain (13iuvw . top) (trojan.rules)
2827406 - ETPRO TROJAN DNS Query to Cerber Domain (19kdeh . top) (trojan.rules)
2827407 - ETPRO TROJAN DNS Query to Cerber Domain (16hwwh . top) (trojan.rules)
2827408 - ETPRO TROJAN DNS Query to Cerber Domain (17gcun . top) (trojan.rules)
2827409 - ETPRO TROJAN DNS Query to Cerber Domain (158ugp . top) (trojan.rules)
2827410 - ETPRO TROJAN DNS Query to Cerber Domain (1mkwry . top) (trojan.rules)
2827411 - ETPRO TROJAN DNS Query to Cerber Domain (16g9ub . top) (trojan.rules)
2827412 - ETPRO TROJAN Win32/MoneroMiner Downloader - Malicious Monero Address Observed (trojan.rules)
2827413 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz SMS/Contact Exfil via SMTP 6 (mobile_malware.rules)
2827414 - ETPRO MALWARE MSIL/AdWare.Dotdo PUA CnC Checkin (malware.rules)
2827415 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ed SMS Exfil via SMTP (mobile_malware.rules)
2827416 - ETPRO MOBILE_MALWARE Android.Trojan.SLocker.FH Reporting via SMTP (mobile_malware.rules)

[///]     Modified active rules:     [///]

2024487 - ET TROJAN LokiBot Related DNS query (trojan.rules)
2024488 - ET TROJAN LokiBot Related DNS query (trojan.rules)
2824093 - ETPRO CURRENT_EVENTS Possible Successful Outlook Web App Phish Dec 27 2016 (current_events.rules)

Date: 
Friday, August 4, 2017 - 00:00