[***]            Summary:            [***]

22 new Pro. MSIL/Predator, phpMyAdmin, W32/Chthonic, Various Mobile.

[+++]          Added rules:          [+++]

2831382 - ETPRO TROJAN Win32/Injector.DXZc CnC Checkin (trojan.rules)
2831383 - ETPRO EXPLOIT phpLDAPadmin LDAP Injection (exploit.rules)
2831384 - ETPRO EXPLOIT phpMyAdmin 4.8.1 - Local File Inclusion (exploit.rules)
2831385 - ETPRO MOBILE_MALWARE Android/SMSreg.ZI Device Info Exfil (mobile_malware.rules)
2831386 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 371 (mobile_malware.rules)
2831387 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.BJQ Checkin (mobile_malware.rules)
2831388 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenApp.WL Checkin (mobile_malware.rules)
2831389 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 372 (mobile_malware.rules)
2831390 - ETPRO TROJAN W32/Chthonic Dropping Exe (trojan.rules)
2831391 - ETPRO CURRENT_EVENTS Observed MalDoc DL 2018-06-22 Domain (a .coka .la in TLS SNI) (current_events.rules)
2831392 - ETPRO CURRENT_EVENTS Observed MalDoc DL 2018-06-22 Domain (promdresspromgowns .com in TLS SNI) (current_events.rules)
2831393 - ETPRO CURRENT_EVENTS Observed MalDoc DL 2018-06-22 Domain (a428a4d2 .ngrok .io in TLS SNI) (current_events.rules)
2831394 - ETPRO TROJAN W32/Chthonic CnC Domain (avaneredge .bit in DNS Lookup) (trojan.rules)
2831395 - ETPRO TROJAN W32/Chthonic CnC Domain (pendostan .bit in DNS Lookup) (trojan.rules)
2831396 - ETPRO TROJAN W32/Chthonic CnC Domain (stalinone .bit in DNS Lookup) (trojan.rules)
2831397 - ETPRO TROJAN W32/Chthonic CnC Domain (letit2 .bit in DNS Lookup) (trojan.rules)
2831398 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-22 1) (trojan.rules)
2831399 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-22 2) (trojan.rules)
2831400 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-22 3) (trojan.rules)
2831401 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-22 4) (trojan.rules)
2831402 - ETPRO TROJAN MSIL/Predator Stealer CnC Checkin/Exfil (trojan.rules)
2831403 - ETPRO EXPLOIT TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Command Execution (exploit.rules)

[///]     Modified active rules:     [///]

2022893 - ET MALWARE MSIL/Adload.AT Beacon (malware.rules)

[---]         Removed rules:         [---]

2831323 - ETPRO MALWARE Win32/StartPage/Dotdo.Adware variant CnC Checkin (malware.rules)

Date: Thursday, June 21, 2018 - 22:00