Daily Ruleset Update Summary 2018/03/07

[***]            Summary:            [***]

8 new Pro. GandCrab, PrincessLocker, Various Mobile.

Try the new feedback tool: https://feedback.emergingthreats.net/feedback

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

2829906 - ETPRO TROJAN Win32/Onliner Spam Bot Requesting Additional Modules (trojan.rules)
2829907 - ETPRO TROJAN Win32/GandCrab Ransomware IP Address Check M4 (trojan.rules)
2829908 - ETPRO MOBILE_MALWARE Android.Styricka.GEN6254 Checkin (mobile_malware.rules)
2829909 - ETPRO TROJAN LiteHTTP Bot CnC Checkin M2 (trojan.rules)
2829910 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-07 1) (trojan.rules)
2829911 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-07 2) (trojan.rules)
2829912 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-07 3) (trojan.rules)
2829913 - ETPRO TROJAN PrincessLocker Ransomware CnC Activity (trojan.rules)

[///]     Modified active rules:     [///]

2016764 - ET CURRENT_EVENTS GrandSoft PDF Payload Download (current_events.rules)
2025408 - ET TROJAN Win32/FlawedAmmyy RAT CnC Checkin (trojan.rules)
2811698 - ETPRO TROJAN Win32/Onliner Spam Bot CnC (trojan.rules)
2829573 - ETPRO TROJAN Win32/GandCrab Ransomware IP Address Check M1 (trojan.rules)
2829574 - ETPRO TROJAN Win32/GandCrab Ransomware IP Address Check M2 (trojan.rules)
2829894 - ETPRO TROJAN Win32/GandCrab Ransomware IP Address Check M3 (trojan.rules)

[---]  Disabled and modified rules:  [---]

2025409 - ET CURRENT_EVENTS CERTEGO Possible JScript Coming Over SMB v2 (current_events.rules)

[---]         Removed rules:         [---]

2811284 - ETPRO CURRENT_EVENTS Angler or Nuclear EK Flash Exploit M2 (current_events.rules)
2811864 - ETPRO TROJAN PhilBot/Toshliph Checkin GET (trojan.rules)
2820164 - ETPRO CURRENT_EVENTS Angler EK Payload May 10 2016 M2 T1 (current_events.rules)

Date: 
Wednesday, March 7, 2018 - 00:00