[***] Summary: [***]
2 new Open, 23 new Pro (2 + 21). Win32/Agent.AAAI, W32.YBomeMiner, MSIL/Ubiquity Stealer, Various Phishing, Various Mobile.
[+++] Added rules: [+++]
Open:
2026557 - ET TROJAN Win32/Agent.AAAI - Possible DNS Tunneling/CnC (trojan.rules)
2026558 - ET USER_AGENTS Suspicious UA Observed (IEhook) (user_agents.rules)
Pro:
2833294 - ETPRO TROJAN W32.YBomeMiner Checkin M1 (trojan.rules)
2833295 - ETPRO TROJAN W32.YBomeMiner Checkin M2 (trojan.rules)
2833296 - ETPRO TROJAN MSIL.WebBotnet.A Checkin (trojan.rules)
2833297 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-26 1) (trojan.rules)
2833298 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-26 2) (trojan.rules)
2833299 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-26 3) (trojan.rules)
2833300 - ETPRO TROJAN MSIL/Ubiquity Stealer CnC Checkin (trojan.rules)
2833301 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-10-26) (current_events.rules)
2833302 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2833303 - ETPRO CURRENT_EVENTS Successful Impots.Gouv.Fr Phish 2018-10-18 (current_events.rules)
2833304 - ETPRO CURRENT_EVENTS Successful Banque Populaire Phish 2018-10-26 (current_events.rules)
2833305 - ETPRO CURRENT_EVENTS Successful l'Assurance Maladie Phish 2018-10-26 (current_events.rules)
2833306 - ETPRO CURRENT_EVENTS Successful Credit Card Information Phish 2018-10-26 (current_events.rules)
2833307 - ETPRO CURRENT_EVENTS Successful PNC Phish 2018-10-26 (current_events.rules)
2833308 - ETPRO CURRENT_EVENTS Successful Credit Card Information Phish 2018-10-26 (current_events.rules)
2833309 - ETPRO CURRENT_EVENTS Successful Intuit Phish 2018-10-26 (current_events.rules)
2833310 - ETPRO MALWARE Win32/FlyStudio CnC Checkin (malware.rules)
2833311 - ETPRO MALWARE Win32/FlyStudio UA Observed (Binging) (malware.rules)
2833312 - ETPRO TROJAN Win32/Phorpiex Config Request (trojan.rules)
2833313 - ETPRO TROJAN Win32/Remcos RAT Checkin 75 (trojan.rules)
2833314 - ETPRO TROJAN Win32/Agent.QP Requesting Payload (trojan.rules)
[---] Removed rules: [---]
2826816 - ETPRO TROJAN MSIL/Injector.SKQ InfoStealer CnC Checkin (trojan.rules)