Daily Ruleset Update Summary
Daily Ruleset Update Summary 2018/06/21

[***]            Summary:            [***]

26 new Open, 41 new Pro (26 + 15). Filecoder, Autophyte, Various Phish, Various Mobile.

[+++]          Added rules:          [+++]

2025598 - ET TROJAN Win32/AutoIt.NU Miner Dropper CnC Checkin (trojan.rules)
2025599 - ET TROJAN Win32/Autophyte.F C2 Domain (tpddata .com in DNS Lookup) (trojan.rules)
2025600 - ET TROJAN Win32/Autophyte.F C2 Domain (tpddata .com in TLS SNI) (trojan.rules)
2025601 - ET TROJAN Win32/Autophyte.F C2 Domain (www .anlway .com in DNS Lookup) (trojan.rules)
2025602 - ET TROJAN Win32/Autophyte.F C2 Domain (www .anlway .com in TLS SNI) (trojan.rules)
2025603 - ET TROJAN Win32/Autophyte.F C2 Domain (www .ap8898 .com in DNS Lookup) (trojan.rules)
2025604 - ET TROJAN Win32/Autophyte.F C2 Domain (www .ap8898 .com in TLS SNI) (trojan.rules)
2025605 - ET TROJAN Win32/Autophyte.F C2 Domain (www .apshenyihl .com in DNS Lookup) (trojan.rules)
2025606 - ET TROJAN Win32/Autophyte.F C2 Domain (www .apshenyihl .com in TLS SNI) (trojan.rules)
2025607 - ET CURRENT_EVENTS Santander Phishing Landing (current_events.rules)
2025608 - ET CURRENT_EVENTS Santander Phishing Landing (current_events.rules)
2025609 - ET CURRENT_EVENTS Microsoft Live Phishing Landing (current_events.rules)
2025610 - ET CURRENT_EVENTS Adobe PDF Online Phishing Landing (current_events.rules)
2025611 - ET CURRENT_EVENTS Banque et Assurances Phishing Landing (current_events.rules)
2025612 - ET CURRENT_EVENTS iTunes Connect Phishing Landing (current_events.rules)
2025613 - ET CURRENT_EVENTS Facebook Phishing Landing (current_events.rules)
2025614 - ET CURRENT_EVENTS Microsoft Account Phishing Landing (current_events.rules)
2025615 - ET CURRENT_EVENTS Paypal Phishing Landing (current_events.rules) 
2025616 - ET CURRENT_EVENTS Assurance Maladie Phishing Landing (current_events.rules)
2025617 - ET CURRENT_EVENTS Adobe Phishing Landing (current_events.rules)
2025618 - ET CURRENT_EVENTS Capital One Phishing Landing (current_events.rules)
2025619 - ET CURRENT_EVENTS US Bank Phishing Landing (current_events.rules)
2025620 - ET CURRENT_EVENTS American Express Phishing Landing (current_events.rules)
2025621 - ET CURRENT_EVENTS HM Revenue Phishing Landing (current_events.rules)
2025622 - ET CURRENT_EVENTS Generic Phishing Kit Landing (current_events.rules)
2025623 - ET CURRENT_EVENTS Office 365 Phishing Landing (current_events.rules)
2405018 - ET CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
2831367 - ETPRO TROJAN MSIL/Filecoder.AK variant CnC Checkin (trojan.rules)
2831368 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 368 (mobile_malware.rules)
2831369 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 369 (mobile_malware.rules)
2831370 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 370 (mobile_malware.rules)
2831371 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (Unk/Unified RAT) (current_events.rules)
2831372 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-06-21) (current_events.rules)
2831373 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-06-21 2) (current_events.rules)
2831374 - ETPRO CURRENT_EVENTS Observed MalDoc DL 2018-06-21 Domain (esscorp .org in TLS SNI) (current_events.rules)
2831375 - ETPRO CURRENT_EVENTS Observed MalDoc DL 2018-06-21 Domain (privatemyservicessignnow .cf in TLS SNI) (current_events.rules)
2831376 - ETPRO POLICY Observed SSL Cert (LabTech Agent) (policy.rules)
2831377 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-21 1) (trojan.rules)
2831378 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-21 2) (trojan.rules)
2831379 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-21 3) (trojan.rules)
2831380 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-21 4) (trojan.rules)
2831381 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-21 5) (trojan.rules)

[///]     Modified active rules:     [///]

2010066 - ET POLICY Data POST to an image file (gif) (policy.rules)
2831259 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.bo CnC Beacon (mobile_malware.rules)
2831260 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.bo Checkin (mobile_malware.rules)

Date:
Summary title:
26 new Open, 41 new Pro (26 + 15). Filecoder, Autophyte, Various Phish, Various Mobile.