Daily Ruleset Update Summary 2018/08/27

[***]            Summary:            [***]

1 new Open, 26 new Pro (1 + 25). MSIL/Kryptik.PBC, Panda Banker SSL, Various Phish.

[+++]          Added rules:          [+++]

Open:

2026038 - ET CURRENT_EVENTS Successful Generic Phish (set) 2018-08-27 (current_events.rules)

Pro:

2832332 - ETPRO TROJAN Panda Banker SSL/TLS Certificate Observed (trojan.rules)
2832333 - ETPRO TROJAN MSIL/AgentTesla Style IP Check (trojan.rules)
2832334 - ETPRO TROJAN Zeus Panda C2 Domain in DNS Lookup (trojan.rules)
2832335 - ETPRO TROJAN Zeus Panda C2 Domain in TLS SNI (trojan.rules)
2832336 - ETPRO TROJAN MSIL/Kryptik.PBC CnC Checkin (trojan.rules)
2832337 - ETPRO CURRENT_EVENTS Possible Magnitude EK Payload Request (current_events.rules)
2832338 - ETPRO CURRENT_EVENTS Successful Booking.com Extranet Phish 2018-08-27 (current_events.rules)
2832339 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2018-08-27 (current_events.rules)
2832340 - ETPRO CURRENT_EVENTS Successful Telekom Phish 2018-08-27 (current_events.rules)
2832341 - ETPRO CURRENT_EVENTS Successful DHL Phish 2018-08-27 (current_events.rules)
2832342 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2018-08-27 (current_events.rules)
2832343 - ETPRO CURRENT_EVENTS Successful Chase Phish 2018-08-27 (current_events.rules)
2832344 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2018-08-27 (current_events.rules)
2832345 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 1) (trojan.rules)
2832346 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 2) (trojan.rules)
2832347 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 3) (trojan.rules)
2832348 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 4) (trojan.rules)
2832349 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 5) (trojan.rules)
2832350 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 6) (trojan.rules)
2832351 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 7) (trojan.rules)
2832352 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 8) (trojan.rules)
2832353 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 9) (trojan.rules)
2832354 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 10) (trojan.rules)
2832355 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 11) (trojan.rules)
2832356 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-27 12) (trojan.rules)

[///]     Modified active rules:     [///]

2007616 - ET USER_AGENTS klm123.com Spyware User Agent (user_agents.rules)
2823937 - ETPRO CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016 (current_events.rules)
2832023 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin (mobile_malware.rules)
2832261 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 2 (mobile_malware.rules)
2832262 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 3 (mobile_malware.rules)
2832263 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 4 (mobile_malware.rules)
2832264 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 5 (mobile_malware.rules)
2832265 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 6 (mobile_malware.rules)
2832266 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 7 (mobile_malware.rules)
2832267 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 8 (mobile_malware.rules)

Date: 
Monday, August 27, 2018 - 00:00