Daily Ruleset Update Summary 2017/11/22

[***] Summary: [***]

6 new Open signatures, 17 new Pro (6 + 11).  NanoCore, CoinMiners.

Thanks:  @AttackDetection

[+++]          Added rules:          [+++]

Open:

2025014 - ET MOBILE_MALWARE Android/TrojanDropper.Agent.BKY DNS Lookup 1 (mobile_malware.rules)
2025015 - ET MOBILE_MALWARE Android/TrojanDropper.Agent.BKY DNS Lookup 2 (mobile_malware.rules)
2025016 - ET MOBILE_MALWARE Android/TrojanDropper.Agent.BKY DNS Lookup 3 (mobile_malware.rules)
2025017 - ET MOBILE_MALWARE Android/TrojanDropper.Agent.BKY DNS Lookup 4 (mobile_malware.rules)
2025018 - ET TROJAN Possible NanoCore C2 64B (trojan.rules)
2025019 - ET TROJAN Possible NanoCore C2 60B (trojan.rules)

Pro:

2828689 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 1) (trojan.rules)
2828690 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 2) (trojan.rules)
2828691 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 3) (trojan.rules)
2828692 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 4) (trojan.rules)
2828693 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 5) (trojan.rules)
2828694 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 6) (trojan.rules)
2828695 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 7) (trojan.rules)
2828696 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 8) (trojan.rules)
2828697 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 9) (trojan.rules)
2828698 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 10) (trojan.rules)
2828699 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-22 11) (trojan.rules)

[///]     Modified active rules:     [///]

2017707 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 4 (trojan.rules)
2024420 - ET TROJAN MalDoc Retrieving Malicious Payload (Possibly Ursnif) (trojan.rules)

Date: Wednesday, November 22, 2017 - 00:00