[***]            Summary:            [***]

2 new Open, 18 new Pro (2 + 16). Trickbot Response, FIN7, IcedID, Various Phish.

[+++]          Added rules:          [+++]

Open:

2026915 - ET TROJAN Cayosin/Mirai CnC Domain in DNS Lookup (trojan.rules)
2026916 - ET TROJAN DirectsX CnC Checkin (trojan.rules)

Pro:

2834888 - ETPRO TROJAN Trickbot Checkin Response (trojan.rules)
2834889 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-15 1) (trojan.rules)
2834890 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-15 3) (trojan.rules)
2834891 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-15 4) (trojan.rules)
2834892 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-15 2) (trojan.rules)
2834893 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-15 5) (trojan.rules)
2834894 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-15 6) (trojan.rules)
2834895 - ETPRO TROJAN Observed Qbot Style SSL Certificate (trojan.rules)
2834896 - ETPRO TROJAN Possible DNSCat2 CnC Activity (trojan.rules)
2834897 - ETPRO CURRENT_EVENTS Successful Box Phish 2019-02-15 (current_events.rules)
2834898 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-02-15 (current_events.rules)
2834899 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-02-15 (current_events.rules)
2834900 - ETPRO TROJAN Unknown Obfuscated Shellcode Beacon (trojan.rules)
2834901 - ETPRO TROJAN Observed Malicious SSL Cert (FIN7 Griffon CnC) (trojan.rules)
2834902 - ETPRO TROJAN FIN7 Griffon CnC Domain in DNS Lookup (trojan.rules)
2834903 - ETPRO TROJAN Observed Malicious SSL Cert (IcedID CnC) (trojan.rules)

Date: 
Thursday, February 14, 2019 - 22:00