Daily Ruleset Update Summary 2017/11/07

[***]            Summary:            [***]

2 new Open, 13 new Pro (11 + 2). OceanLotus JavaScript, Win32.DiscordiaMiner, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2024969 - ET TROJAN OceanLotus System Profiling JavaScript HTTP Request (trojan.rules)
2024970 - ET CURRENT_EVENTS Possible Paypal Phishing Landing - Title over non SSL (current_events.rules)

Pro:

2828551 - ETPRO TROJAN Observed Malicious SSL Cert (Spymaster Keylogger Domain) (trojan.rules)
2828552 - ETPRO TROJAN AlphaIRCbot JOIN Command (trojan.rules)
2828553 - ETPRO TROJAN Trojan.Win32.DiscordiaMiner Checkin (trojan.rules)
2828554 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 242 (mobile_malware.rules)
2828555 - ETPRO CURRENT_EVENTS Successful Paypal Phish Nov 07 2017 (current_events.rules)
2828556 - ETPRO TROJAN Win32/Scar CnC Checkin (trojan.rules)
2828557 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenAds.gDHTA Checkin (mobile_malware.rules)
2828558 - ETPRO CURRENT_EVENTS Successful Paypal Phish Nov 07 2017 (current_events.rules)
2828559 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.es SMS/Contact Exfil via SMTP 6 (mobile_malware.rules)
2828560 - ETPRO CURRENT_EVENTS Successful Hello Bank (FR) Phish Nov 07 2017 (current_events.rules)
2828561 - ETPRO CURRENT_EVENTS Successful Adobe PDF Online Phish Nov 07 2017 (current_events.rules)

[///]     Modified active rules:     [///]

2018101 - ET TROJAN W32/Dinwod.Dropper Win32/Xtrat.B CnC Beacon (trojan.rules)
2023545 - ET TROJAN Win32/TrojanDownloader.Delf.BVP Win32/BioData CnC Beacon (trojan.rules)
2024391 - ET CURRENT_EVENTS Possible Paypal Phishing Landing - Title over non SSL (current_events.rules)
2024436 - ET TROJAN Formbook 0.3 Checkin (trojan.rules)
2024966 - ET TROJAN Volex - OceanLotus JavaScript Load (connect.js) (trojan.rules)
2024967 - ET TROJAN Volex - OceanLotus JavaScript Fake Page URL Builder Response (trojan.rules)
2024968 - ET TROJAN Volex - OceanLotus System Profiling JavaScript (linkStorage.x00SOCKET) (trojan.rules)
2814934 - ETPRO MALWARE Win32/Iminent.Adinstaller.E PUP Checkin (malware.rules)
2815112 - ETPRO CURRENT_EVENTS Excel/Adobe Online Phishing Landing Nov 25 2015 (current_events.rules)
2816172 - ETPRO CURRENT_EVENTS Possible Phishing Redirect Feb 09 2016 (current_events.rules)
2824864 - ETPRO TROJAN Recon Backdoor/Module CnC Beacon 1 (trojan.rules)
2826930 - ETPRO POLICY XMR CoinMiner Usage (policy.rules)
2827594 - ETPRO TROJAN Formbook Stealer Checkin (trojan.rules)
2828058 - ETPRO TROJAN Win32/Delf.BVP Win32/BioData CnC Keep-Alive Beacon (trojan.rules)

[---]         Removed rules:         [---]

2827150 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-14 3) (trojan.rules)

Date: Tuesday, November 7, 2017 - 00:00