Daily Ruleset Update Summary 2018/04/04

[***]            Summary:            [***]

19 new Pro. MSIL/SocketPlayer, CVE-2017-8046, Various Mobile.

[+++]          Added rules:          [+++]

2830245 - ETPRO POLICY Request for CSS File Returning Executable (policy.rules)
2830246 - ETPRO MALWARE Win32/MapsVoyage PUA Checkin (malware.rules)
2830247 - ETPRO MALWARE Win32/MapsVoyage PUA Installation Successful (malware.rules)
2830248 - ETPRO TROJAN MSIL/SocketPlayer RAT Receiving Instructions to Retrieve New Payload (trojan.rules)
2830249 - ETPRO TROJAN MSIL/SocketPlayer RAT Receiving Screenshot Command (trojan.rules)
2830250 - ETPRO TROJAN MSIL/SocketPlayer RAT CnC Checkin (trojan.rules)
2830251 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 309 (mobile_malware.rules)
2830252 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Triada.dm Checkin (mobile_malware.rules)
2830253 - ETPRO TROJAN Remcos RAT Checkin 13 (trojan.rules)
2830254 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 310 (mobile_malware.rules)
2830255 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 311 (mobile_malware.rules)
2830256 - ETPRO TROJAN SmokeLoader Checkin (trojan.rules)
2830257 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-04-04) (current_events.rules)
2830258 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-04-04 2) (current_events.rules)
2830259 - ETPRO TROJAN W32/Trickbot IP check M2 (trojan.rules)
2830260 - ETPRO EXPLOIT Spring Data REST PATCH (CVE-2017-8046) (exploit.rules)
2830261 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-04-04 1) (trojan.rules)
2830262 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-04-04 2) (trojan.rules)
2830263 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-04-04 3) (trojan.rules)

[///]     Modified active rules:     [///]

2010514 - ET WEB_CLIENT Suspicious HTML Script Tag in 401 Unauthorized Response (External Source) (web_client.rules)
2024452 - ET TROJAN Quant Loader Download Request (trojan.rules)
2810104 - ETPRO TROJAN Win32.CryptDoma.vc Variant Sending Infection Info (trojan.rules)
2822601 - ETPRO TROJAN Backdoor.Win32.Mocker CnC Beacon (GET) (trojan.rules)
2830156 - ETPRO CURRENT_EVENTS Successful Indeed Phish 2018-03-27 (current_events.rules)

Date: 
Wednesday, April 4, 2018 - 00:00