Daily Ruleset Update Summary
Daily Ruleset Update Summary 2018/05/17

[***]            Summary:            [***]

17 new Pro. Win32/TeleGrab, CVE-2018-4901, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

2830895 - ETPRO CURRENT_EVENTS Possible Successful Chalbhai Phish 2018-05-16 (current_events.rules)
2830896 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 341 (mobile_malware.rules)
2830897 - ETPRO TROJAN ZeusPanda C2 Domain (indirainiguez .top in TLS SNI) (trojan.rules)
2830898 - ETPRO TROJAN Win32/TeleGrab Style IP Check (trojan.rules)
2830899 - ETPRO TROJAN Observed Malicious SSL Cert (SmokeLoader CnC Domain) (trojan.rules)
2830900 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 342 (mobile_malware.rules)
2830901 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 343 (mobile_malware.rules)
2830902 - ETPRO MOBILE_MALWARE Android/Spy.Agent.EA SMS/Contact Exfil via SMTP (mobile_malware.rules)
2830903 - ETPRO EXPLOIT Adobe Reader docID RCE (CVE-2018-4901) (exploit.rules)
2830904 - ETPRO MOBILE_MALWARE Android/Spy.Agent.MV SMS/Contact Exfil via SMTP (mobile_malware.rules)
2830905 - ETPRO MOBILE_MALWARE Android.Trojan.Telman.D SMS/Contact Exfil via SMTP (mobile_malware.rules)
2830906 - ETPRO MOBILE_MALWARE Android.Trojan.Telman.D SMS/Contact Exfil via SMTP 2 (mobile_malware.rules)
2830907 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-17 1) (trojan.rules)
2830908 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-17 2) (trojan.rules)
2830909 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-17 3) (trojan.rules)
2830910 - ETPRO TROJAN Win32/Tiggre!rfn/nigelthorn CnC Checkin via HTTP (trojan.rules)
2830911 - ETPRO MOBILE_MALWARE Android.Trojan.SMSSend.RD SMS/Contact Exfil via SMTP (mobile_malware.rules)

[///]     Modified active rules:     [///]

2021013 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex/Trickbot CnC) (trojan.rules)
2024239 - ET TROJAN MSIL/Karmen Ransomware CnC Activity (trojan.rules)
2829000 - ETPRO TROJAN FormBook CnC Checkin (GET) (trojan.rules)
2830496 - ETPRO TROJAN Win32/POWERSTATS CnC Activity (trojan.rules)
2830574 - ETPRO TROJAN W32/Pterodo.CL CnC Checkin (trojan.rules)
2830701 - ETPRO TROJAN W32/Emotet CnC Checkin (trojan.rules)

Date:
Summary title:
17 new Pro. Win32/TeleGrab, CVE-2018-4901, Various Phishing, Various Mobile.