Daily Ruleset Update Summary 2018/03/22

[***]            Summary:            [***]

13 new Pro. Win32/FileTour.Downloader, Win32/Ladon Ransomware, Comnie CnC.

[+++]          Added rules:          [+++]

2830087 - ETPRO TROJAN Win32/FileTour.Downloader Requesting Payload (trojan.rules)
2830088 - ETPRO TROJAN Remcos RAT Checkin 10 (trojan.rules)
2830089 - ETPRO TROJAN Win32/Ladon Ransomware CnC Checkin (trojan.rules)
2830090 - ETPRO TROJAN Tempting Cedar Spyware DNS Lookup (trojan.rules)
2830091 - ETPRO TROJAN Tempting Cedar Spyware DNS Lookup (trojan.rules)
2830092 - ETPRO TROJAN Unlock92 Ransomware Payment Domain (n3r2kuzhw2h7x6j5 in DNS Lookup) (trojan.rules)
2830093 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-22 1) (trojan.rules)
2830094 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-22 2) (trojan.rules)
2830095 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-03-22 3) (trojan.rules)
2830096 - ETPRO TROJAN Java/QRAT CnC Accepting Request (trojan.rules)
2830097 - ETPRO TROJAN Comnie CnC Checkin M1 (trojan.rules)
2830098 - ETPRO TROJAN Comnie CnC Checkin M2 (trojan.rules)
2830099 - ETPRO TROJAN W32/Trickbot IP check (trojan.rules)

[///]     Modified active rules:     [///]

2018491 - ET TROJAN Miniduke Checkin (trojan.rules)
2023227 - ET WEB_SERVER DNS Query for Suspicious 33db9538.com Domain - Anuna Checkin - Compromised PHP Site (web_server.rules)
2023228 - ET WEB_SERVER DNS Query for Suspicious 9507c4e8.com Domain - Anuna Checkin - Compromised PHP Site (web_server.rules)
2023230 - ET WEB_SERVER DNS Query for Suspicious 54dfa1cb.com Domain - Anuna Checkin - Compromised PHP Site (web_server.rules)
2025018 - ET TROJAN Possible NanoCore C2 64B (trojan.rules)

Date: 
Thursday, March 22, 2018 - 00:00