[***]            Summary:            [***]

2 new Open, 8 new Pro (2 + 6). NavRAT, Bitter RAT, PowerEnum, Various SSL Certs.

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

Open:

2026826 - ET TROJAN [PTsecurity] Bitter RAT C2 Response (trojan.rules)
2026827 - ET TROJAN Observed Malicious SSL Cert (Donot Group/APT-C-35 CnC) (trojan.rules)

Pro:

2834480 - ETPRO TROJAN NavRAT Variant CnC Beacon (trojan.rules)
2834481 - ETPRO TROJAN Observed Malicious SSL Cert (PowerEnum CnC) (trojan.rules)
2834482 - ETPRO TROJAN PowerEnum Sending Base64 Payload Part 1 (trojan.rules)
2834483 - ETPRO TROJAN PowerEnum Sending Base64 Payload Part 2 (trojan.rules)
2834484 - ETPRO TROJAN Observed Malicious SSL Cert (PowerEnum CnC) (trojan.rules)
2834485 - ETPRO TROJAN Observed Malicious SSL Cert (PowerEnum CnC) (trojan.rules)

[///]     Modified active rules:     [///]

2019965 - ET TROJAN Mera Keylogger POSTing keystrokes (trojan.rules)

Date: 
Sunday, January 20, 2019 - 22:00