Daily Ruleset Update Summary 2017/09/18

[***]            Summary:            [***]

13 new Open, 31 new Pro (13 + 18). CCleaner Backdoor DGA, Lucifer Loader, Various Phishing, Mobile.

[+++]          Added rules:          [+++]

Open:

2024707 - ET CURRENT_EVENTS Possible Apple Phishing Landing - Title over non SSL (current_events.rules)
2024708 - ET TROJAN CCleaner Backdoor DGA Feb 2017 (trojan.rules)
2024709 - ET TROJAN CCleaner Backdoor DGA Mar 2017 (trojan.rules)
2024710 - ET TROJAN CCleaner Backdoor DGA Apr 2017 (trojan.rules)
2024711 - ET TROJAN CCleaner Backdoor DGA May 2017 (trojan.rules)
2024712 - ET TROJAN CCleaner Backdoor DGA Jun 2017 (trojan.rules)
2024713 - ET TROJAN CCleaner Backdoor DGA Jul 2017 (trojan.rules)
2024714 - ET TROJAN CCleaner Backdoor DGA Aug 2017 (trojan.rules)
2024715 - ET TROJAN CCleaner Backdoor DGA Sep 2017 (trojan.rules)
2024716 - ET TROJAN CCleaner Backdoor DGA Oct 2017 (trojan.rules)
2024717 - ET TROJAN CCleaner Backdoor DGA Nov 2017 (trojan.rules)
2024718 - ET TROJAN CCleaner Backdoor DGA Dec 2017 (trojan.rules)
2024719 - ET TROJAN Lucifer Loader Requesting Payload (trojan.rules)

Pro:

2827974 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Hqwar.gen / BankBot Checkin (mobile_malware.rules)
2827975 - ETPRO CURRENT_EVENTS Successful Docusign Phish Sep 18 2017 (current_events.rules)
2827976 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 209 (mobile_malware.rules)
2827977 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 210 (mobile_malware.rules)
2827978 - ETPRO TROJAN PE EXE Windows File Hex Text Download (trojan.rules)
2827979 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 211 (mobile_malware.rules)
2827980 - ETPRO TROJAN Unknown CnC Activity (trojan.rules)
2827981 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 212 (mobile_malware.rules)
2827982 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 213 (mobile_malware.rules)
2827983 - ETPRO CURRENT_EVENTS Successful Generic Phish Sep 18 2017 (current_events.rules)
2827984 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 214 (mobile_malware.rules)
2827985 - ETPRO MALWARE Observed Malicious SSL Cert (Adware/PUP Installer) (malware.rules)
2827986 - ETPRO TROJAN Observed CoinMiner Downloader in SNI via SSL (trojan.rules)
2827987 - ETPRO TROJAN MSIL.GuFran EXE DL (trojan.rules)
2827988 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 215 (mobile_malware.rules)
2827989 - ETPRO TROJAN Malicious Miner Downloading CoinMiner Binary M2 (trojan.rules)
2827990 - ETPRO TROJAN Malicious Miner Downloading CoinMiner Configuration M2 (trojan.rules)
2827991 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL) (current_events.rules)

[///]     Modified active rules:     [///]

2012849 - ET POLICY Possible Mobile Malware POST of IMSI International Mobile Subscriber Identity in URI (policy.rules)
2019158 - ET TROJAN Possible Malicious Invoice EXE (trojan.rules)
2816313 - ETPRO CURRENT_EVENTS Chalbhai Phishing Landing Feb 18 (current_events.rules)
2823937 - ETPRO CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016 (current_events.rules)
2823949 - ETPRO TROJAN Malicious Miner Downloading CoinMiner Binary M1 (trojan.rules)
2823950 - ETPRO TROJAN Malicious Miner Downloading CoinMiner Configuration M1 (trojan.rules)

Date: Monday, September 18, 2017 - 00:00