Daily Ruleset Update Summary 2018/03/16

[***]            Summary:            [***]

16 new Pro. WannaCry Domain, MSIL/FasTofu Miner, MsraMiner, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

2830014 - ETPRO CURRENT_EVENTS Successful Steam Phish 2018-03-16 (current_events.rules)
2830015 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2018-03-16 (current_events.rules)
2830016 - ETPRO CURRENT_EVENTS Successful Itaucard Phish 2018-03-16 (current_events.rules)
2830017 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2018-03-16 (current_events.rules)
2830018 - ETPRO TROJAN Observed WannaCry Domain (iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff .com in DNS Lookup) (trojan.rules)
2830019 - ETPRO TROJAN MSIL/Aliba Domain (aliabad20200 .000webhostapp .com in TLS SNI) (trojan.rules)
2830020 - ETPRO INFO Observed Free Hosting Domain (*.000webhostapp .com in DNS Lookup) (info.rules)
2830021 - ETPRO INFO Observed SSL Cert for Free Hosting Domain (*.000webhostapp .com) (info.rules)
2830022 - ETPRO CURRENT_EVENTS Successful DHL Phish 2018-03-16 (current_events.rules)
2830023 - ETPRO TROJAN MSIL/FasTofu Miner CnC Checkin (trojan.rules)
2830024 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-16 1) (trojan.rules)
2830025 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-16 2) (trojan.rules)
2830026 - ETPRO TROJAN MsraMiner CnC Checkin (trojan.rules)
2830027 - ETPRO TROJAN MsraMiner CnC DNS Lookup 1 (trojan.rules)
2830028 - ETPRO TROJAN MsraMiner CnC DNS Lookup 2 (trojan.rules)
2830029 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.hy / HenBox CnC Beacon (mobile_malware.rules)

[///]     Modified active rules:     [///]

2025431 - ET TROJAN Arkei Stealer Client Data Upload (trojan.rules)

Date: 
Friday, March 16, 2018 - 00:00