Daily Ruleset Update Summary 2017/12/29

[***]            Summary:            [***]

1 new Open, 13 new Pro (1 + 12). FireBlaze, MSIL/Tiny.R, Win32/Crimson Variant, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2025177 - ET TROJAN Zeus Panda CnC Domain (in DNS Lookup) (trojan.rules)

Pro:

2829106 - ETPRO CURRENT_EVENTS Observed FireBlaze Keylogger Downloader Domain (fireblazes .000webhostapp .com in TLS SNI) (current_events.rules)
2829107 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2017-12-29 (current_events.rules)
2829108 - ETPRO TROJAN MSIL/Tiny.R CnC Checkin (Infoback) (trojan.rules)
2829109 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL) (current_events.rules)
2829110 - ETPRO TROJAN Win32/Crimson Variant CnC Checkin (trojan.rules)
2829111 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2017-12-29 (current_events.rules)
2829112 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-12-29 1) (trojan.rules)
2829113 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-12-29 2) (trojan.rules)
2829114 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-12-29 3) (trojan.rules)
2829115 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-12-29 4) (trojan.rules)
2829116 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-12-29 5) (trojan.rules)
2829117 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-12-29 6) (trojan.rules)

[///]     Modified active rules:     [///]

2814624 - ETPRO TROJAN XtremeRAT CnC Beacon 1 (trojan.rules)

Date: 
Friday, December 29, 2017 - 00:00