[***]            Summary:            [***]

25 new Open, 37 new Pro (25 + 12). Win32/Remcos RAT, Hidden Mellifera, Various Mobile, Various Phishing.

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

Open:

2026489 - ET TROJAN XLS.Unk DDE rar Drop Attempt (.online) (trojan.rules)
2026490 - ET TROJAN XLS.Unk DDE rar Drop Attempt (.club) (trojan.rules)
2026491 - ET TROJAN XLS.Unk DDE rar Drop Fake 404 Response (trojan.rules)
2026492 - ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-16 (current_events.rules)
2026493 - ET CURRENT_EVENTS Successful Generic Phish (set) 2018-10-16 (current_events.rules)
2026494 - ET TROJAN Win32/Remcos RAT Checkin 54 (trojan.rules)
2026495 - ET TROJAN Win32/Remcos RAT Checkin 55 (trojan.rules)
2026496 - ET TROJAN Win32/Remcos RAT Checkin 56 (trojan.rules)
2026497 - ET TROJAN Win32/Remcos RAT Checkin 57 (trojan.rules)
2026498 - ET TROJAN Win32/Remcos RAT Checkin 58 (trojan.rules)
2026499 - ET TROJAN Win32/Remcos RAT Checkin 59 (trojan.rules)
2026500 - ET TROJAN Win32/Remcos RAT Checkin 60 (trojan.rules)
2026501 - ET TROJAN Win32/Remcos RAT Checkin 61 (trojan.rules)
2026502 - ET TROJAN Win32/Remcos RAT Checkin 62 (trojan.rules)
2026503 - ET TROJAN Win32/Remcos RAT Checkin 63 (trojan.rules)
2026504 - ET TROJAN Win32/Remcos RAT Checkin 64 (trojan.rules)
2026505 - ET TROJAN Win32/Remcos RAT Checkin 65 (trojan.rules)
2026506 - ET TROJAN Win32/Remcos RAT Checkin 66 (trojan.rules)
2026507 - ET TROJAN Win32/Remcos RAT Checkin 67 (trojan.rules)
2026508 - ET TROJAN Win32/Remcos RAT Checkin 68 (trojan.rules)
2026509 - ET TROJAN [PTsecurity] Remcos RAT Checkin 69 (trojan.rules)
2026510 - ET TROJAN [PTsecurity] Remcos RAT Checkin 70 (trojan.rules)
2026511 - ET TROJAN [PTsecurity] Remcos RAT Checkin 71 (trojan.rules)
2026512 - ET TROJAN [PTsecurity] Remcos RAT Checkin 72 (trojan.rules)
2026513 - ET TROJAN [PTsecurity] Remcos RAT Checkin 73 (trojan.rules)

Pro:

2833123 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Banker.GPlayed Checkin (mobile_malware.rules)
2833124 - ETPRO MOBILE_MALWARE Trojan-Clicker.AndroidOS.Ubsod.b Checkin 2 (mobile_malware.rules)
2833125 - ETPRO TROJAN Hidden Mellifera Bee Checkin Flowbit Set (trojan.rules)
2833126 - ETPRO TROJAN Hidden Mellifera Bee Checkin (trojan.rules)
2833127 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-16 1) (trojan.rules)
2833128 - ETPRO CURRENT_EVENTS Successful Excel Online Phish 2018-10-16 (current_events.rules)
2833129 - ETPRO CURRENT_EVENTS Successful Chase Phish 2018-10-16 (current_events.rules)
2833130 - ETPRO CURRENT_EVENTS Successful Sharepoint Phish 2018-10-16 (current_events.rules)
2833131 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2018-10-16 (current_events.rules)
2833132 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2018-10-16 (current_events.rules)
2833133 - ETPRO CURRENT_EVENTS Successful Luno Cryptocurrency Exchange Phish 2018-10-16 (current_events.rules)
2833134 - ETPRO CURRENT_EVENTS Successful Onedrive Phish 2018-10-16 (current_events.rules)

[///]     Modified active rules:     [///]

2011582 - ET POLICY Vulnerable Java Version 1.6.x Detected (policy.rules)
2014297 - ET POLICY Vulnerable Java Version 1.7.x Detected (policy.rules)
2019401 - ET POLICY Vulnerable Java Version 1.8.x Detected (policy.rules)
2026486 - ET POLICY DNS Lookup for Possible Common Brand Phishing Hosted on Legitimate Windows Service (policy.rules)
2026487 - ET POLICY Request for Possible Common Brand Phishing Hosted on Legitimate Windows Service (policy.rules)
2823937 - ETPRO CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016 (current_events.rules)
2826959 - ETPRO TROJAN Win32/Agent.SNZ Variant CnC Checkin (trojan.rules)
2828106 - ETPRO TROJAN Win32/AryanRAT CnC Checkin (trojan.rules)
2833089 - ETPRO MALWARE Win32/OxyPumper.Adware Receiving Payload Country Distribution Config (malware.rules)

Date: Tuesday, October 16, 2018 - 22:00