Daily Ruleset Update Summary 2017/10/31

[***]            Summary:            [***]

8 new Open, 12 new Pro (8 + 7). BadPatch, Downeks/Quasar DNS, Various Phishing, Various Mobile.

Thanks: @rmkml

[+++]          Added rules:          [+++]

Open:

2024933 - ET TROJAN IoT_reaper DNS Lookup M4 (trojan.rules)
2024934 - ET TROJAN IoT_reaper DNS Lookup M5 (trojan.rules)
2024935 - ET TROJAN IoT_reaper DNS Lookup M6 (trojan.rules)
2024936 - ET TROJAN IoT_reaper DNS Lookup M7 (trojan.rules)
2024937 - ET TROJAN Downeks/Quasar DNS Lookup (cloudns .club) (trojan.rules)
2024938 - ET TROJAN Downeks/Quasar DNS Lookup (topsite .life) (trojan.rules)
2024939 - ET TROJAN Downeks/Quasar DNS Lookup (updatesforme .club) (trojan.rules)
2024940 - ET TROJAN Downeks/Quasar DNS Lookup (moreoffer .life) (trojan.rules)

Pro:

2828475 - ETPRO TROJAN MSIL/Galaxy RAT CnC Checkin (trojan.rules)
2828476 - ETPRO TROJAN Chthonic CnC Beacon 11 (trojan.rules)
2828477 - ETPRO TROJAN Carbanak/FIN7 Bateleur SSL Certificate Detected (trojan.rules)
2828478 - ETPRO TROJAN VB.BadPatch Checkin (trojan.rules)
2828479 - ETPRO TROJAN AU3.BadPatch Malware CnC 1 (trojan.rules)
2828480 - ETPRO TROJAN AU3.BadPatch Malware CnC 2 (trojan.rules)
2828481 - ETPRO TROJAN MSIL/Game.Browser Stealer CnC Checkin (trojan.rules)

[///]     Modified active rules:     [///]

2023472 - ET POLICY OpenDNS IP Lookup (policy.rules)
2024422 - ET CURRENT_EVENTS Amazon Phish Landing Jun 22 2017 (current_events.rules)
2024779 - ET CURRENT_EVENTS DNS Query For Browser Cryptocurrency Mining Domain (current_events.rules)
2024828 - ET CURRENT_EVENTS Observed DNS Query to Browser Coinminer (crypto-loot[.]com) (current_events.rules)
2024844 - ET CURRENT_EVENTS Tech Support Phone Scam Landing M1 Oct 16 2016 (current_events.rules)
2802205 - ETPRO EXPLOIT HP Intelligent Management Center TFTP Server MODE Remote Code Execution 1 (exploit.rules)
2821725 - ETPRO TROJAN Win32/Agent.WTE/Manuscrypt HTTP CnC Beacon (trojan.rules)
2826593 - ETPRO TROJAN TCP DNS Query Domain .bit (Namecoin) (trojan.rules)
2828090 - ETPRO POLICY IP Check ip.anysrc.net DNS Lookup (policy.rules)
2828091 - ETPRO POLICY IP Check whatsmyip.website DNS Lookup (policy.rules)

Date: Tuesday, October 31, 2017 - 00:00