Daily Ruleset Update Summary 2018/02/28

[***]            Summary:            [***]

1 new Open, 18 new Pro (1 + 17). KovCoreG, Chafer CnC, Various Mobile.

Try the new feedback tool: https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Pro:

2829828 - ETPRO TROJAN Nitol DDoS Variant CnC Beacon (trojan.rules)
2829829 - ETPRO TROJAN KovCoreG DNS Lookup (trojan.rules)
2829830 - ETPRO TROJAN KovCoreG DNS Lookup (trojan.rules)
2829831 - ETPRO TROJAN KovCoreG Malicious SSL Certificate Detected (trojan.rules)
2829832 - ETPRO TROJAN KovCoreG Malicious SSL Certificate Detected (trojan.rules)
2829833 - ETPRO TROJAN KovCoreG Domain Observed in SNI (trojan.rules)
2829834 - ETPRO TROJAN KovCoreG Domain Observed in SNI (trojan.rules)
2829835 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-28 1) (trojan.rules)
2829836 - ETPRO TROJAN Bitcoin Miner Known Malicious Basic Auth (NEE2dllBajF5VWZVa...) (trojan.rules)
2829837 - ETPRO TROJAN Chafer CnC DNS Lookup 1 (trojan.rules)
2829838 - ETPRO TROJAN Chafer CnC DNS Lookup 2 (trojan.rules)
2829839 - ETPRO TROJAN Chafer CnC DNS Lookup 3 (trojan.rules)
2829840 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-28 3) (trojan.rules)
2829841 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-28 4) (trojan.rules)
2829842 - ETPRO TROJAN Chafer CnC DNS Lookup 4 (trojan.rules)
2829843 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-28 5) (trojan.rules)
2829844 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-28 6) (trojan.rules)
2829845 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 294 (mobile_malware.rules)
2829846 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 295 (mobile_malware.rules)
2829847 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 296 (mobile_malware.rules)
2829848 - ETPRO TROJAN SmokeLoader encrypted module (3) (trojan.rules)

[///]     Modified active rules:     [///]

2812967 - ETPRO TROJAN Trojan/Banker.Bancos.deq Retrieving C2 (trojan.rules)

Date: 
Wednesday, February 28, 2018 - 00:00