[***]            Summary:            [***]

19 new Pro. Ursnif v3, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

2830175 - ETPRO TROJAN Banload DNS Lookup (trojan.rules)
2830176 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 302 (mobile_malware.rules)
2830177 - ETPRO TROJAN Observed Malicious SSL Cert (QuantLoader C2) (trojan.rules)
2830178 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 303 (mobile_malware.rules)
2830179 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 304 (mobile_malware.rules)
2830180 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 305 (mobile_malware.rules)
2830181 - ETPRO TROJAN MSIL/Mail Harvester CnC Activity (trojan.rules)
2830182 - ETPRO MALWARE PUP/PUA BrowserSafeGuard Activity (malware.rules)
2830183 - ETPRO TROJAN NameCoin .bit DNS Sinkhole Response (A) (trojan.rules)
2830184 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 306 (mobile_malware.rules)
2830185 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2018-03-29 (current_events.rules)
2830186 - ETPRO CURRENT_EVENTS Successful Excel Online Phish 2018-03-29 (current_events.rules)
2830187 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 307 (mobile_malware.rules)
2830188 - ETPRO TROJAN Trickbot SSL Certificate Detected (trojan.rules)
2830189 - ETPRO POLICY Observed Remote Admin Tool SSL Cert (*.remotepc .com) (policy.rules)
2830190 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.HiddenMiner Activity (mobile_malware.rules)
2830191 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.HiddenMiner Activity 2 (mobile_malware.rules)
2830192 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.HiddenMiner Activity 3 (mobile_malware.rules)
2830193 - ETPRO TROJAN Ursnif CnC Checkin (trojan.rules)

[///]     Modified active rules:     [///]

2821683 - ETPRO SCADA DNP3 Cold Restart (scada.rules)
2824248 - ETPRO TROJAN Zeus Panda Banker / Urnsif Malicious SSL Certificate Detected (trojan.rules)
2829328 - ETPRO TROJAN Trojan.Win32.Blouiroet CnC - Reporting Miner Status (trojan.rules)
2829626 - ETPRO TROJAN NameCoin .bit DNS Sinkhole Response (SOA) (trojan.rules)

Date: 
Thursday, March 29, 2018 - 00:00