Daily Ruleset Update Summary 2018/01/03

[***]            Summary:            [***]

1 new Open, 28 new Pro (1 + 27). MSIL/System Information Grabber, MSIL/Bancos Variant, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2025181 - ET CURRENT_EVENTS Paypal Phishing Landing2018-01-03 (current_events.rules)

Pro:

2829140 - ETPRO TROJAN Win32/ChaseBrute CnC Checkin (trojan.rules)
2829141 - ETPRO CURRENT_EVENTS Successful Orange.fr Phish2018-01-03 (current_events.rules)
2829142 - ETPRO TROJAN Observed Malicious SSL Cert (MalDoc DL) (trojan.rules)
2829143 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish2018-01-03 M1 (current_events.rules)
2829144 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish2018-01-03 M2 (current_events.rules)
2829145 - ETPRO INFO MSIL/System Information Grabber Reporting Details (info.rules)
2829146 - ETPRO CURRENT_EVENTS Successful WhatsApp Phish2018-01-03 (current_events.rules)
2829147 - ETPRO TROJAN MSIL/Bancos Variant CnC Checkin (trojan.rules)
2829148 - ETPRO CURRENT_EVENTS Successful TMobile Phish2018-01-03 (current_events.rules)
2829149 - ETPRO CURRENT_EVENTS Successful CIBC Phish2018-01-03 (current_events.rules)
2829150 - ETPRO CURRENT_EVENTS Successful Paypal Phish2018-01-03 (current_events.rules)
2829151 - ETPRO TROJAN Cybergate/Rebhip/Spyrat/Win32.Poison Generic Checkin (trojan.rules)
2829152 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz SMS/Contact Exfil via SMTP 35 (mobile_malware.rules)
2829153 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 10) (trojan.rules)
2829154 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 11) (trojan.rules)
2829155 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS/Contact Exfil via SMTP 24 (mobile_malware.rules)
2829156 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 12) (trojan.rules)
2829157 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 13) (trojan.rules)
2829158 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS/Contact Exfil via SMTP 25 (mobile_malware.rules)
2829159 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 14) (trojan.rules)
2829160 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 15) (trojan.rules)
2829161 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 16) (trojan.rules)
2829162 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 17) (trojan.rules)
2829163 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 18) (trojan.rules)
2829164 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 19) (trojan.rules)
2829165 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-02 20) (trojan.rules)
2829166 - ETPRO TROJAN Bitcoin Miner Known Malicious Basic Auth (NDNRemFNVm5SS1lpc1E...) (trojan.rules)

[///]     Modified active rules:     [///]

2021178 - ET ATTACK_RESPONSE Metasploit Meterpreter Reverse HTTPS certificate (attack_response.rules)
2024708 - ET TROJAN CCleaner Backdoor DGA Feb2017 (trojan.rules)
2024709 - ET TROJAN CCleaner Backdoor DGA Mar2017 (trojan.rules)
2024710 - ET TROJAN CCleaner Backdoor DGA Apr2017 (trojan.rules)
2024711 - ET TROJAN CCleaner Backdoor DGA May2017 (trojan.rules)
2024712 - ET TROJAN CCleaner Backdoor DGA Jun2017 (trojan.rules)
2829118 - ETPRO TROJAN Win32/CoinMining Loader CnC Checkin (trojan.rules)
2024713 - ET TROJAN CCleaner Backdoor DGA Jul2017 (trojan.rules)
2024714 - ET TROJAN CCleaner Backdoor DGA Aug2017 (trojan.rules)
2024715 - ET TROJAN CCleaner Backdoor DGA Sep2017 (trojan.rules)
2024716 - ET TROJAN CCleaner Backdoor DGA Oct2017 (trojan.rules)
2024717 - ET TROJAN CCleaner Backdoor DGA Nov2017 (trojan.rules)
2024718 - ET TROJAN CCleaner Backdoor DGA Dec2017 (trojan.rules)
2024816 - ET TROJAN CCleaner Backdoor DGA Jan2018 (trojan.rules)
2024817 - ET TROJAN CCleaner Backdoor DGA Feb2018 (trojan.rules)
2024818 - ET TROJAN CCleaner Backdoor DGA Mar2018 (trojan.rules)
2024819 - ET TROJAN CCleaner Backdoor DGA Apr2018 (trojan.rules)
2024820 - ET TROJAN CCleaner Backdoor DGA May2018 (trojan.rules)
2024821 - ET TROJAN CCleaner Backdoor DGA Jun2018 (trojan.rules)
2024822 - ET TROJAN CCleaner Backdoor DGA Jul2018 (trojan.rules)
2024823 - ET TROJAN CCleaner Backdoor DGA Aug2018 (trojan.rules)
2024824 - ET TROJAN CCleaner Backdoor DGA Sep2018 (trojan.rules)
2024825 - ET TROJAN CCleaner Backdoor DGA Oct2018 (trojan.rules)
2024826 - ET TROJAN CCleaner Backdoor DGA Nov2018 (trojan.rules)
2024827 - ET TROJAN CCleaner Backdoor DGA Dec2018 (trojan.rules)
2829129 - ETPRO TROJAN Xtrat/XtremeRAT Google PING Connectivity Check (trojan.rules)

[---]         Removed rules:         [---]

2002405 - ET MALWARE Internet Optimizer User-Agent (ROGUE) (malware.rules)
2816393 - ETPRO TROJAN Obfuscated Phishing Landing Feb 25 (trojan.rules)

Date: Wednesday, January 3, 2018 - 00:00