[***] Summary: [***]
1 new Open, 19 new Pro (1 + 18). Win32/Grobios, MSIL/JanHof RAT, CrystalCrypt Ransomware, Various Phishing, Various Mobile.
[+++] Added rules: [+++]
Open:
2025411 - ET INFO Secondary Flash Request Seen (no alert) (info.rules)
Pro:
2829936 - ETPRO TROJAN Win32/Grobios CnC Checkin (trojan.rules)
2829937 - ETPRO TROJAN Win32/QQWare.AA Stealer Checkin (trojan.rules)
2829938 - ETPRO TROJAN Win32/QQWare.AA Stealer Checkin M2 (trojan.rules)
2829939 - ETPRO TROJAN MSIL/JanHof RAT Checkin 1 (trojan.rules)
2829940 - ETPRO TROJAN MSIL/JanHof RAT Checkin 2 (trojan.rules)
2829941 - ETPRO TROJAN Win32/CrystalCrypt Ransomware CnC Checkin (trojan.rules)
2829942 - ETPRO CURRENT_EVENTS Successful Adobe Phish 2018-03-09 (current_events.rules)
2829943 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2018-03-09 (current_events.rules)
2829944 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 299 (mobile_malware.rules)
2829945 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 300 (mobile_malware.rules)
2829946 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 301 (mobile_malware.rules)
2829947 - ETPRO TROJAN Bitcoin Miner Known Malicious Basic Auth (a2FzeWFub2ZmLjE6MTEx) (trojan.rules)
2829948 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-09 1) (trojan.rules)
2829949 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-09 2) (trojan.rules)
2829950 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-09 3) (trojan.rules)
2829951 - ETPRO TROJAN Observed Malicious Domain SSL Cert in SNI (Zyklon HTTP CnC) (trojan.rules)
2829952 - ETPRO CURRENT_EVENTS GreenFlash SunDown EK Payload March 9 2018 (current_events.rules)
2829953 - ETPRO CURRENT_EVENTS GreenFlash SunDown EK SecondaryFlash Call March 9 2018 (current_events.rules)
[///] Modified active rules: [///]
2013935 - ET TROJAN Win32.Zbot.chas/Unruy.H Covert DNS CnC Channel TXT Response (trojan.rules)