[***] Summary: [***]
21 new Pro. Win32/Agent.IKYV, Win32/FileTour Variant, CVE-2017-6736, Various Phishing.
[+++] Added rules: [+++]
Pro:
2829194 - ETPRO TROJAN Win32/Agent.IKYV CnC Checkin (trojan.rules)
2829195 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2018-01-08 (current_events.rules)
2829196 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-01-08 (current_events.rules)
2829197 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-01-08 (current_events.rules)
2829198 - ETPRO TROJAN MSIL/Zbrain PUP/Stealer Checkin (trojan.rules)
2829199 - ETPRO CURRENT_EVENTS Successful Caixa Phish 2018-01-08 (current_events.rules)
2829200 - ETPRO CURRENT_EVENTS Possible Successful Cyberplus (FR) Phish M1 2018-01-08 (current_events.rules)
2829201 - ETPRO CURRENT_EVENTS Successful Cyberplus (FR) Phish M2 2018-01-08 (current_events.rules)
2829202 - ETPRO TROJAN MSIL/Zbrain PUP/Stealer Installer UA (trojan.rules)
2829203 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 1) (trojan.rules)
2829204 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 2) (trojan.rules)
2829205 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 3) (trojan.rules)
2829206 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 4) (trojan.rules)
2829207 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 5) (trojan.rules)
2829208 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 6) (trojan.rules)
2829209 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 7) (trojan.rules)
2829210 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 8) (trojan.rules)
2829211 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 9) (trojan.rules)
2829212 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 10) (trojan.rules)
2829218 - ETPRO TROJAN Win32/FileTour Variant CnC Checkin (trojan.rules)
2829219 - ETPRO EXPLOIT Possible CVE-2017-6736 Malformed Vulnerable OID Inbound (exploit.rules)
[///] Modified active rules: [///]
2019313 - ET TROJAN Sourtoff Receiving Simda Payload (trojan.rules)
2826391 - ETPRO TROJAN Zloader HTTP Checkin (trojan.rules)
[---] Removed rules: [---]
2015905 - ET CURRENT_EVENTS WSO - WebShell Activity - WSO Title (current_events.rules)
2015906 - ET CURRENT_EVENTS WSO - WebShell Activity - POST structure (current_events.rules)