[***]            Summary:            [***]

1 new Open, 14 new Pro (1 + 13). MSIL/Safen, MSIL/Bancos Variant, Various Phishing.

Thanks: @MalwrHunterTeam

[+++]          Added rules:          [+++]

Open:

2025433 - ET TROJAN Observed Malicious SSL Cert (Bancos Variant CnC) (trojan.rules)

Pro:

2829996 - ETPRO TROJAN MSIL/Safen Screenshot Exfil via FTP (trojan.rules)
2829997 - ETPRO TROJAN Observed GandCrab Payment Domain (gdcbmuveqjsli57x in DNS Lookup) (trojan.rules)
2829998 - ETPRO CURRENT_EVENTS Successful DHL Phish 2018-03-14 (current_events.rules)
2829999 - ETPRO CURRENT_EVENTS Successful Banese Bank Phish 2018-03-14 (current_events.rules)
2830000 - ETPRO CURRENT_EVENTS Successful Bancolumbia Phish 2018-03-14 (current_events.rules)
2830001 - ETPRO CURRENT_EVENTS Possible Successful Phish - Generic Credit Card Information 2018-03-14 (current_events.rules)
2830002 - ETPRO CURRENT_EVENTS Successful Orange Phish M1 2018-03-14 (current_events.rules)
2830003 - ETPRO CURRENT_EVENTS Successful Orange Phish M2 2018-03-14 (current_events.rules)
2830004 - ETPRO TROJAN Observed Malicious SSL Cert (Agent Tesla CnC) (trojan.rules)
2830005 - ETPRO TROJAN MSIL/Bancos Variant CnC Checkin (trojan.rules)
2830006 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-14 1) (trojan.rules)
2830007 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-14 2) (trojan.rules)
2830008 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-14 3) (trojan.rules)

[///]     Modified active rules:     [///]

2025413 - ET TROJAN [PTsecurity] Fake SSL Certificate Observed (Oracle America) (trojan.rules)

[---]         Removed rules:         [---]

2022808 - ET MALWARE Taplika Browser Hijacker Status Messages (malware.rules)
2022809 - ET MALWARE Taplika Browser Hijacker Checkin M1 (malware.rules)
2022810 - ET MALWARE Taplika Browser Hijacker Checkin M2 (malware.rules)

Date: 
Wednesday, March 14, 2018 - 00:00