[***]            Summary:            [***]

7 new Open, 30 new Pro (7 + 23). Hello Peppa!, Win32.Detnat.B, MSIL/Vinstrok, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2026464 - ET SCAN Hello Peppa! Scan Activity (scan.rules)
2026465 - ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-10 (current_events.rules)
2026466 - ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-10 (current_events.rules)
2026467 - ET TROJAN Observed Malicious SSL Cert (Win32/Gadwats Banker CnC Domain) (trojan.rules)
2026468 - ET TROJAN Observed Malicious SSL Cert (Win32/Gadwats Banker CnC Domain) (trojan.rules)
2026469 - ET TROJAN FruityArmor DNS Lookup (weekendstrips .net) (trojan.rules)
2026470 - ET TROJAN FruityArmor DNS Lookup (shelves-design .com) (trojan.rules)

Pro:

2832926 - ETPRO TROJAN Win32.Detnat.B Checkin (trojan.rules)
2833040 - ETPRO MOBILE_MALWARE Android/Monitor.Mytrackp.E Checkin (mobile_malware.rules)
2833041 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Hiddapp.bx Checkin (mobile_malware.rules)
2833042 - ETPRO MOBILE_MALWARE Android/Kanshu Device Info Exfil (mobile_malware.rules)
2833043 - ETPRO MOBILE_MALWARE Android/Spy.Agent.LL Contact Exfil via SMTP (mobile_malware.rules)
2833044 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-10 1) (trojan.rules)
2833045 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-10 2) (trojan.rules)
2833046 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-10 3) (trojan.rules)
2833047 - ETPRO CURRENT_EVENTS Successful American Express Phish 2018-10-10 (current_events.rules)
2833048 - ETPRO CURRENT_EVENTS Successful American Express Phish 2018-10-10 (current_events.rules)
2833049 - ETPRO CURRENT_EVENTS Successful Fedex Phish 2018-10-10 (current_events.rules)
2833050 - ETPRO CURRENT_EVENTS Successful Generic Multi-Webmail Login Phish 2018-10-10 (current_events.rules)
2833051 - ETPRO CURRENT_EVENTS Successful Natwest Phish 2018-10-10 (current_events.rules)
2833052 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-10-10 (current_events.rules)
2833053 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2018-10-01 (current_events.rules)
2833054 - ETPRO CURRENT_EVENTS Successful Generic Phish 2018-10-01 (current_events.rules)
2833055 - ETPRO CURRENT_EVENTS Successful Generic Personalized Phish 2018-10-10 (current_events.rules)
2833056 - ETPRO CURRENT_EVENTS Successful Roundcube Phish 2018-10-10 (current_events.rules)
2833057 - ETPRO CURRENT_EVENTS Successful BBVA Phish 2018-10-10 (current_events.rules)
2833058 - ETPRO CURRENT_EVENTS Successful Fifth Third Bank Phish 2018-10-10 (current_events.rules)
2833059 - ETPRO TROJAN MSIL/Vinstrok Stealer Sending Passwords to CnC (trojan.rules)
2833060 - ETPRO TROJAN MSIL/Vinstrok CnC Checkin (trojan.rules)
2833061 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC Domain) (trojan.rules)

[///]     Modified active rules:     [///]

2025651 - ET TROJAN [eSentire] Win32/Spy.Banker CnC Command (DOWNLOAD) (trojan.rules)
2832515 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832516 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832625 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832627 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832670 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832903 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832904 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832913 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832914 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832915 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832916 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832936 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832937 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832938 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832939 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832940 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832941 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832942 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832943 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832944 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832945 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832946 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832947 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832948 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832949 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832952 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832964 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2832975 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2833034 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2833035 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2833036 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)
2833037 - ETPRO TROJAN Observed Malicious SSL Cert (Win32/Adload CnC Domain) (trojan.rules)

[---]         Removed rules:         [---]

2832926 - ETPRO MALWARE PUA.OpenCandy Checkin (malware.rules)

Date: 
Wednesday, October 10, 2018 - 00:00