Daily Ruleset Update Summary 2017/08/24

[***]            Summary:            [***]

16 new Pro. VBS.DrinkingGround, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

2827641 - ETPRO TROJAN VBS.DrinkingGround Checkin (trojan.rules)
2827642 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish Aug 24 2017 (current_events.rules)
2827643 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.aa Reporting Infection via SMTP (mobile_malware.rules)
2827644 - ETPRO TROJAN DNS Query to Cerber Domain (1dp6un . top) (trojan.rules)
2827645 - ETPRO TROJAN DNS Query to Cerber Domain (l7g2sv . bid) (trojan.rules)
2827646 - ETPRO TROJAN DNS Query to Cerber Domain (1hw36d . top) (trojan.rules)
2827647 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.SmsThief.ac SMS/Contact Exfil via SMTP 5 (mobile_malware.rules)
2827648 - ETPRO TROJAN DNS Query to Cerber Domain (tg4d0x . top) (trojan.rules)
2827649 - ETPRO TROJAN DNS Query to Cerber Domain (xreb38 . top) (trojan.rules)
2827650 - ETPRO TROJAN DNS Query to Cerber Domain (47riy1 . top) (trojan.rules)
2827651 - ETPRO TROJAN DNS Query to Cerber Domain (2hr4fs . top) (trojan.rules)
2827652 - ETPRO TROJAN DNS Query to Cerber Domain (9k6lwu . top) (trojan.rules)
2827653 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-08-24 1) (trojan.rules)
2827654 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-08-24 2) (trojan.rules)
2827655 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-08-24 3) (trojan.rules)
2827656 - ETPRO TROJAN VBS.DrinkingGround Checkin 2 (trojan.rules)

[///]     Modified active rules:     [///]

2024603 - ET TROJAN Spora Ransomware DNS Query (trojan.rules)
2803145 - ETPRO TROJAN BackDoor.Darkshell.246/Magic Ferret CnC traffic (trojan.rules)
2810276 - ETPRO TROJAN Alureon CnC Beacon (trojan.rules)
2811472 - ETPRO TROJAN NSIS/TrojanDownloader.Agent.NRQ Downloader Checkin (trojan.rules)
2814518 - ETPRO MALWARE Win32/Wimepud PUP Checkin (malware.rules)
2821014 - ETPRO WEB_CLIENT suspicious .CAB containing single executable file (observed in maldoc campaign) (web_client.rules)
2821564 - ETPRO TROJAN Win32/Kryptik.FCPN Facebook Stealer Activity (trojan.rules)
2821891 - ETPRO TROJAN Win32/Barys IRC Bot NICK Command (trojan.rules)
2822030 - ETPRO TROJAN Win32/Wadereh Checkin (trojan.rules)
2822143 - ETPRO TROJAN Loda Logger Screenshot Command from CnC (trojan.rules)
2824761 - ETPRO TROJAN MSIL/Agent.RZW CoinMiner CnC Activity (trojan.rules)
2824976 - ETPRO TROJAN Win32/Agent.RTC RAT Checkin (trojan.rules)
2827629 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 13 (mobile_malware.rules)
2827630 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 14 (mobile_malware.rules)
2827633 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.GV CnC Beacon (mobile_malware.rules)
2827634 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 194 (mobile_malware.rules)

Date: Thursday, August 24, 2017 - 00:00