Daily Ruleset Update Summary 2017/08/10

[***] Summary: [***]

2 new Open signatures, 19 new Open.  CoalaBot, SmsThief, VARIOUS PHISHING.

Thanks:  @MalwrHunterTeam.

[+++]          Added rules:          [+++]

Open:

2024531 - ET TROJAN MSIL/CoalaBot CnC Activity (trojan.rules)
2024532 - ET CURRENT_EVENTS Successful Mail.ru Phish Aug 10 2017 (current_events.rules)

Pro:

2827475 - ETPRO TROJAN Win32/Unknown CnC Communications (trojan.rules)
2827476 - ETPRO TROJAN Winnti Possible Meterpreter or Cobalt Strike Downloader (trojan.rules)
2827477 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.cn SMS/Contact Exfil (mobile_malware.rules)
2827478 - ETPRO CURRENT_EVENTS Successful Citibank Phish Aug 10 2017 (current_events.rules)
2827479 - ETPRO TROJAN Demiguise HTA Observed over HTTP (trojan.rules)
2827480 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.fh SMS/Contact Exfil via SMTP (mobile_malware.rules)
2827481 - ETPRO CURRENT_EVENTS Successful American Express Phish M1 Aug 10 2017 (current_events.rules)
2827482 - ETPRO CURRENT_EVENTS Successful American Express Phish M2 Aug 10 2017 (current_events.rules)
2827483 - ETPRO CURRENT_EVENTS Successful Chase Phish Aug 10 2017 (current_events.rules)
2827484 - ETPRO CURRENT_EVENTS Successful Banco Estado Phish Aug 10 2017 (current_events.rules)
2827485 - ETPRO CURRENT_EVENTS Successful HSBC Phish Aug 10 2017 (current_events.rules)
2827486 - ETPRO CURRENT_EVENTS Successful Caixa Phish Aug 10 2017 (current_events.rules)
2827487 - ETPRO CURRENT_EVENTS Successful Excel Phish Aug 10 2017 (current_events.rules)
2827488 - ETPRO MOBILE_MALWARE Android/Monitor.SpyPhone.J CnC Beacon (mobile_malware.rules)
2827489 - ETPRO MOBILE_MALWARE Android/Monitor.SpyPhone.J CnC Beacon 2 (mobile_malware.rules)
2827490 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.kk SMS/Contact Exfil via SMTP (mobile_malware.rules)
2827491 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.fh SMS/Contact Exfil via SMTP 2 (mobile_malware.rules)

[///]     Modified active rules:     [///]

2024530 - ET TROJAN OSX/Mughthesec/SafeFinder/OperatorMac Rogue Search Engine DNS Query Observed (trojan.rules)
2821772 - ETPRO CURRENT_EVENTS Successful Blockchain Account Phish Aug 19 2016 (current_events.rules)
2824863 - ETPRO TROJAN Win32/Fadok.A Checkin (trojan.rules)
2826997 - ETPRO TROJAN Win32/Banload Downloader Checkin (trojan.rules)

Date: 
Thursday, August 10, 2017 - 00:00