Daily Ruleset Update Summary 2018/11/08

[***]            Summary:            [***]

19 new Pro. MSIL/JasRAT, SentryPC, Amadey CnC Check-In.

[+++]          Added rules:          [+++]

2833495 - ETPRO EXPLOIT UPnP SOAP Preauth RCE 1 (exploit.rules)
2833496 - ETPRO EXPLOIT UPnP SOAP Preauth RCE 2 (exploit.rules)
2833497 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-11-08 1) (trojan.rules)
2833498 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-11-08 2) (trojan.rules)
2833499 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-11-08 3) (trojan.rules)
2833500 - ETPRO TROJAN MSIL/JasRAT CnC Checkin (trojan.rules)
2833501 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-11-08 (current_events.rules)
2833502 - ETPRO TROJAN Amadey CnC Check-In (trojan.rules)
2833503 - ETPRO TROJAN Win32/Remcos RAT Checkin 77 (trojan.rules)
2833504 - ETPRO TROJAN Win32/Remcos RAT Checkin 78 (trojan.rules)
2833505 - ETPRO POLICY SentryPC Host Monitor Software - Adding System to Inventory (policy.rules)
2833506 - ETPRO POLICY SentryPC Host Monitor Software - Requesting Config (set) (policy.rules)
2833507 - ETPRO POLICY SentryPC Host Monitor Software - Config Inbound (policy.rules)
2833508 - ETPRO POLICY SentryPC Host Monitor Software - External IP Lookup (policy.rules)
2833509 - ETPRO POLICY SentryPC Host Monitor Software - Reporting User/Pass over HTTP (policy.rules)
2833510 - ETPRO POLICY SentryPC Host Monitor Software - Screenshot POST (policy.rules)
2833511 - ETPRO TROJAN MSIL/JasRAT Set Persistence Command Inbound (trojan.rules)
2833512 - ETPRO TROJAN MSIL/JasRAT Reporting Time and Version to CnC (trojan.rules)
2833513 - ETPRO TROJAN MSIL/JasRAT Confirming Persistence Location with CnC (trojan.rules)

[///]     Modified active rules:     [///]

2026528 - ET TROJAN ArrobarLoader CnC Checkin M1 (trojan.rules)
2810276 - ETPRO TROJAN AZORult CnC Beacon (trojan.rules)
2833268 - ETPRO TROJAN ArrobarLoader CnC Checkin M2 (trojan.rules)
2833269 - ETPRO USER_AGENTS ArrobarLoader User-Agent Observed 1 (user_agents.rules)
2833270 - ETPRO USER_AGENTS ArrobarLoader User-Agent Observed 2 (user_agents.rules)
2833324 - ETPRO TROJAN ArrobarLoader Requesting Payload (trojan.rules)

Date: 
Thursday, November 8, 2018 - 00:00