[***] Summary: [***]
1 new Open, 17 new Pro (1 + 16). Win32/Remcos, MSIL/Agent.YW, Win32.tRat, Various Mobile.
Thanks: @AttackDetection
[+++] Added rules: [+++]
Open:
2026433 - ET TROJAN [PTsecurity] Win32/Remcos RAT Checkin 51 (trojan.rules)
Pro:
2832059 - ETPRO TROJAN Win32/Small.NNX UA (System_Agent) (trojan.rules)
2832907 - ETPRO MOBILE_MALWARE Android.Trojan.FakeBank.BU Checkin (mobile_malware.rules)
2832908 - ETPRO TROJAN Win32.tRat Checkin (trojan.rules)
2832909 - ETPRO TROJAN Win32.tRat Keep-Alive (trojan.rules)
2832910 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-02 1) (trojan.rules)
2832911 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-02 2) (trojan.rules)
2832912 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-02 3) (trojan.rules)
2832913 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832914 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832915 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832916 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832917 - ETPRO TROJAN MSIL/Agent.YW RAT NOFIX le bled Variant Responding to Infected System (trojan.rules)
2832918 - ETPRO TROJAN MSIL/Agent.YW RAT NOFIX le bled Variant CnC Checkin (trojan.rules)
2832919 - ETPRO TROJAN MSIL/Agent.YW RAT NOFIX le bled Variant Sending Additional Payloads (trojan.rules)
2832920 - ETPRO TROJAN MSIL/Agent.YW RAT NOFIX le bled Variant Additional Payload Installation Confirmation (trojan.rules)
2832921 - ETPRO TROJAN MSIL/Agent.YW RAT NOFIX le bled Variant Reporting Active Window Title to CnC (trojan.rules)
[///] Modified active rules: [///]
2832594 - ETPRO TROJAN Win32/DanaBot CnC Checkin (affid 9) (trojan.rules)
[---] Removed rules: [---]
2832059 - ETPRO USER_AGENTS Win32/Small.NNX UA (System_Agent) (user_agents.rules)