[***]            Summary:            [***]

3 new Open, 19 new Pro (3 + 16). Kraken, Gootkit, DeadlyEagle, Various Phishing.

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

Open:

2026471 - ET TROJAN Kraken Ransomware Start Activity 1 (trojan.rules)
2026472 - ET TROJAN [PTsecurity] Kraken Ransomware Start Activity 2 (trojan.rules)
2026473 - ET TROJAN Kraken Ransomware End Activity (trojan.rules)

Pro:

2026471 - ET TROJAN Kraken Ransomware Start Activity 1 (trojan.rules)
2026472 - ET TROJAN [PTsecurity] Kraken Ransomware Start Activity 2 (trojan.rules)
2026473 - ET TROJAN Kraken Ransomware End Activity (trojan.rules)
2833062 - ETPRO TROJAN Observed Gootkit Style SSL Certificate (trojan.rules)
2833063 - ETPRO TROJAN DeadlyEagle CnC Checkin M2 (trojan.rules)
2833064 - ETPRO CURRENT_EVENTS Successful Netflix Credit Card Information Phish 2018-10-11 (current_events.rules)
2833065 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2018-10-11 (current_events.rules)
2833066 - ETPRO CURRENT_EVENTS Successful 1&1 Hosting Account Phish 2018-10-11 (current_events.rules)
2833067 - ETPRO CURRENT_EVENTS Successful Facebook Account Security Phish 2018-10-11 (current_events.rules)
2833068 - ETPRO CURRENT_EVENTS Successful Netbank Phish 2018-10-11 (current_events.rules)
2833069 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-10-11 (current_events.rules)
2833070 - ETPRO CURRENT_EVENTS Successful Excel Online Phish 2018-10-11 (current_events.rules)
2833071 - ETPRO CURRENT_EVENTS Successful Banque Populaire Phish 2018-10-11 M1 (current_events.rules)
2833072 - ETPRO CURRENT_EVENTS Successful Banque Populaire Phish 2018-10-11 M2 (current_events.rules)
2833073 - ETPRO TROJAN Win32/Fuerboos.C!cl CnC Checkin (trojan.rules)
2833074 - ETPRO TROJAN MSIL/Ursa.Loader Requesting Obfuscated Payload 2 (trojan.rules)

[///]     Modified active rules:     [///]

2025651 - ET TROJAN [eSentire] Win32/Spy.Banker CnC Command (DOWNLOAD) (trojan.rules)
2827895 - ETPRO USER_AGENTS Suspicious UA (hunter) (user_agents.rules)
2828728 - ETPRO TROJAN Unrecom Java/TNJ RAT Checkin (trojan.rules)
2829858 - ETPRO TROJAN Smoke/Sharik HTTP 404 Containing EXE (2) (trojan.rules)
2832926 - ETPRO TROJAN Win32.Detnat.B Checkin (trojan.rules)

Date: 
Wednesday, October 10, 2018 - 22:00