Daily Ruleset Update Summary 2018/01/29

[***]            Summary:            [***]

10 new Open, 23 new Pro (10 + 13). Evrial Domains, MSIL/Mishkaio, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2025256 - ET TROJAN Observed Evrial Domain (cryptoclipper .ru in DNS Lookup) (trojan.rules)
2025257 - ET TROJAN Observed Evrial Domain (projectevrial .ru in TLS SNI) (trojan.rules)
2025258 - ET CURRENT_EVENTS Possible Halkbank (TK) Phishing Landing - Title over non SSL (current_events.rules)
2025259 - ET CURRENT_EVENTS Generic Smail Phishing Landing 2018-01-29 (current_events.rules)
2025260 - ET CURRENT_EVENTS Apple Phishing Landing 2018-01-29 M1 (current_events.rules)
2025261 - ET CURRENT_EVENTS Apple Phishing Landing 2018-01-29 M2 (current_events.rules)
2025262 - ET CURRENT_EVENTS Paypal Phishing Landing 2018-01-29 (current_events.rules)
2025263 - ET CURRENT_EVENTS Office 365 Phishing Landing 2018-01-29 (current_events.rules)
2025264 - ET CURRENT_EVENTS Microsoft Onedrive Phishing Landing 2018-01-29 (current_events.rules)
2025265 - ET CURRENT_EVENTS Smartsheet Phishing Landing 2018-01-29 (current_events.rules)

Pro:

2829459 - ETPRO TROJAN Win32/Agent.ZGL Variant Checkin (trojan.rules)
2829460 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 259 (mobile_malware.rules)
2829461 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 260 (mobile_malware.rules)
2829462 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 261 (mobile_malware.rules)
2829463 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 262 (mobile_malware.rules)
2829464 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-29 1) (trojan.rules)
2829465 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-29 2) (trojan.rules)
2829466 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-29 3) (trojan.rules)
2829467 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-29 4) (trojan.rules)
2829468 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-29 5) (trojan.rules)
2829469 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-29 6) (trojan.rules)
2829470 - ETPRO TROJAN Bitcoin Miner Known Malicious Basic Auth (TnJ1MXpaeXM3SzlXeENDeHFZ) (trojan.rules)
2829471 - ETPRO TROJAN MSIL/Mishkaio Checkin M1 (trojan.rules)

[///]     Modified active rules:     [///]

2025253 - ET TROJAN [PTsecurity] Kuriyama Loader Checkin (trojan.rules)

Date: 
Monday, January 29, 2018 - 00:00