Daily Ruleset Update Summary
Daily Ruleset Update Summary 2018/11/02

[***]            Summary:            [***]

3 new Open, 20 new Pro (3 + 17). GET to Puu.sh, MSIL/Lordix Stealer, Supreme Logger, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

Open:

2026569 - ET INFO GET to Puu.sh for TXT File with Minimal Headers (info.rules)
2026570 - ET INFO Possibly Suspicious Request for Putty.exe from Non-Standard Download Location (info.rules)
2026571 - ET TROJAN MSIL/Lordix Stealer Exfiltrating Data (trojan.rules)

Pro:

2833422 - ETPRO TROJAN MSIL.BackNet Checkin (trojan.rules)
2833423 - ETPRO TROJAN W32.LJDox Checkin (trojan.rules)
2833424 - ETPRO TROJAN W32.Zpevdo.A Variant Checkin (trojan.rules)
2833425 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-11-02 1) (trojan.rules)
2833426 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-11-02 2) (trojan.rules)
2833427 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-11-02 3) (trojan.rules)
2833428 - ETPRO TROJAN Zebrocy CnC System Info/Screenshot Exfil M2 (trojan.rules)
2833429 - ETPRO CURRENT_EVENTS Successful Generic Phish 2018-11-02 (current_events.rules)
2833430 - ETPRO CURRENT_EVENTS Successful Apple ID Phish 2018-11-02 (current_events.rules)
2833431 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2018-11-02 (current_events.rules)
2833432 - ETPRO CURRENT_EVENTS Successful Chase Phish 2018-11-02 (current_events.rules)
2833433 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-11-02 (current_events.rules)
2833434 - ETPRO CURRENT_EVENTS Successful Fedex Phish 2018-11-02 (current_events.rules)
2833435 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2018-11-02 (current_events.rules)
2833436 - ETPRO TROJAN Supreme Logger - Client Information Check-In (trojan.rules)
2833437 - ETPRO TROJAN Supreme Logger - CnC Command Output (trojan.rules)
2833438 - ETPRO TROJAN Unknown Coinstealer CnC Activity (trojan.rules)

[///]     Modified active rules:     [///]

2810276 - ETPRO TROJAN Azorult CnC Beacon (trojan.rules)
2833411 - ETPRO TROJAN MSIL/Lordix Stealer Communicating with CnC M1 (trojan.rules)

Date:
Summary title:
3 new Open, 20 new Pro (3 + 17). GET to Puu.sh, MSIL/Lordix Stealer, Supreme Logger, Various Phishing, Various Mobile.