Daily Ruleset Update Summary 2018/10/03

[***]            Summary:            [***]

42 new Pro. Win32/Downloader.Agent.BH, MSIL/Agent.FAO, Various Mobile.

[+++]          Added rules:          [+++]

2832515 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832516 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832625 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832627 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832670 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832903 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832904 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832913 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832914 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832915 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832916 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832922 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenAds.gDIUL CnC Beacon (mobile_malware.rules)
2832923 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 435 (mobile_malware.rules)
2832924 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 436 (mobile_malware.rules)
2832925 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 437 (mobile_malware.rules)
2832926 - ETPRO MALWARE PUA.OpenCandy Checkin (malware.rules)
2832927 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-03 1) (trojan.rules)
2832928 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-03 2) (trojan.rules)
2832929 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-03 3) (trojan.rules)
2832930 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-03 4) (trojan.rules)
2832931 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-03 5) (trojan.rules)
2832932 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-03 6) (trojan.rules)
2832933 - ETPRO TROJAN Win32/Injector.EAHK Activity - Obscure Accept Header (trojan.rules)
2832934 - ETPRO TROJAN Possible MSIL/Agent.FAO (PTEyes) FTP CnC Username (trojan.rules)
2832935 - ETPRO TROJAN MSIL/Agent.FAO (PTEyes) DNS Lookup (cannotjavac .com) (trojan.rules)
2832936 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832937 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832938 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832939 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832940 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832941 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832942 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832943 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832944 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832945 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832946 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832947 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832948 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832949 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)
2832950 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Loader CnC Domain) (trojan.rules)
2832951 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Stage 2 CnC Domain) (trojan.rules)
2832952 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (trojan.rules)

[///]     Modified active rules:     [///]

2819694 - ETPRO TROJAN Possible Locky JS Executable Payload Download (trojan.rules)

[---]         Removed rules:         [---]

2832515 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832516 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832625 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832627 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832670 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832903 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832904 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832913 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832914 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832915 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)
2832916 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Downloader.Agent.BH CnC Domain) (malware.rules)

Date: Wednesday, October 3, 2018 - 00:00