Daily Ruleset Update Summary
Daily Ruleset Update Summary 2018/03/05

[***]            Summary:            [***]

3 new Open, 16 new Pro (3 + 13). MSIL/EngWiz, GandCrab Ransomware, Various Mobile.

Try the new feedback tool: https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2025405 - ET TROJAN Observed GandCrab Ransomware CnC/IP Check Domain (politiaromana .bit in DNS Lookup) (trojan.rules)
2025406 - ET TROJAN Observed GandCrab Ransomware CnC/IP Check Domain (malwarehunterteam .bit in DNS Lookup) (trojan.rules)
2025407 - ET TROJAN Observed GandCrab Ransomware CnC/IP Check Domain (gdcb .bit in DNS Lookup) (trojan.rules)

Pro:

2829877 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenApp.EN Checkin 3 (mobile_malware.rules)
2829878 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.on Checkin (mobile_malware.rules)
2829879 - ETPRO TROJAN MSIL/EngWiz CnC Checkin (trojan.rules) 
2829880 - ETPRO MOBILE_MALWARE Android/Agent.AMP Checkin (mobile_malware.rules)
2829881 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-05 1) (trojan.rules)
2829882 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-05 2) (trojan.rules)
2829883 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-05 3) (trojan.rules)
2829884 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-05 4) (trojan.rules)
2829885 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-05 5) (trojan.rules)
2829886 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.Dnotua.olg Checkin (mobile_malware.rules)
2829887 - ETPRO TROJAN Observed Malicious SSL Cert (Second Stage DL) (trojan.rules)
2829888 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.cx Checkin (mobile_malware.rules)
2829889 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc Payload 2018-03-05) (current_events.rules)

[///]     Modified active rules:     [///]

2013935 - ET TROJAN Win32.Zbot.chas/Unruy.H Covert DNS CnC Channel TXT Response (trojan.rules)
2018491 - ET TROJAN Miniduke Checkin (trojan.rules)
2809956 - ETPRO MOBILE_MALWARE Android/Smcc.D Checkin (mobile_malware.rules)
2820059 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Tiny.az Checkin 2 (mobile_malware.rules)
2827803 - ETPRO TROJAN KONNI/SYSCON related FTP Variant CnC Beacon (trojan.rules)
2828425 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 29 (mobile_malware.rules)
2829850 - ETPRO TROJAN Py/Cannibal RAT Checkin M1 (trojan.rules)
2829852 - ETPRO TROJAN Py/Cannibal RAT Checkin M2 (trojan.rules)
2829853 - ETPRO TROJAN Py/Cannibal RAT Checkin M3 (trojan.rules)

Date:
Summary title:
3 new Open, 16 new Pro (3 + 13). MSIL/EngWiz, GandCrab Ransomware, Various Mobile.