[***]            Summary:            [***]

16 new Open, 40 new Pro (16 + 24). Ave Maria, Brushaloader, Coinminers, Various Phish

[+++]          Added rules:          [+++]

Open:

2026950 - ET WEB_SPECIFIC_APPS WP Cost Estimator Plugin AFI Vulnerability (web_specific_apps.rules)
2026951 - ET TROJAN FBot Downloader Generic GET for ARM Payload (trojan.rules)
2026952 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026953 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026954 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026955 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026956 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026957 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026958 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026959 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026960 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026961 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026962 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026963 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026964 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)
2026965 - ET TROJAN BrushaLoader CnC DNS Lookup (trojan.rules)

Pro:

2834956 - ETPRO MOBILE_MALWARE Android/SMSreg.SP CnC Beacon (mobile_malware.rules)
2834957 - ETPRO MOBILE_MALWARE AndroidOS/Trojan.VYPK-3 CnC Beacon (mobile_malware.rules)
2834958 - ETPRO MOBILE_MALWARE Android/Stroage Checkin (mobile_malware.rules)
2834959 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 1) (trojan.rules)
2834960 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 2) (trojan.rules)
2834961 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 3) (trojan.rules)
2834962 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 4) (trojan.rules)
2834963 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 5) (trojan.rules)
2834964 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 6) (trojan.rules)
2834965 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 7) (trojan.rules)
2834966 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 8) (trojan.rules)
2834967 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 9) (trojan.rules)
2834968 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-21 10) (trojan.rules)
2834969 - ETPRO TROJAN Observed Malicious SSL Cert (more_eggs CnC) (trojan.rules)
2834970 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-02-21 (current_events.rules)
2834971 - ETPRO CURRENT_EVENTS Successful Impots Phish 2019-02-21 (current_events.rules)
2834972 - ETPRO CURRENT_EVENTS Successful Excel Phish 2019-02-21 (current_events.rules)
2834973 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-02-21 (current_events.rules)
2834974 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-02-21 (current_events.rules)
2834975 - ETPRO CURRENT_EVENTS Successful Cairo Amman Bank Phish 2019-02-21 (current_events.rules)
2834976 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-02-21 (current_events.rules)
2834977 - ETPRO CURRENT_EVENTS Successful Citi Phish 2019-02-21 (current_events.rules)
2834978 - ETPRO CURRENT_EVENTS Inbound PowerShell Downloader 2019-02-21 (current_events.rules)
2834979 - ETPRO TROJAN Ave Maria RAT Encrypted CnC Checkin (trojan.rules)

[///]     Modified active rules:     [///]

2025431 - ET TROJAN Vidar/Arkei Stealer Client Data Upload (trojan.rules)
2834513 - ETPRO TROJAN VBS/mloader Downloader Activity (trojan.rules)
2834766 - ETPRO TROJAN MSIL/Liatpf RAT Checkin (trojan.rules)
2834906 - ETPRO MOBILE_MALWARE Android.Trojan.AndroRAT.E Checkin (mobile_malware.rules)

Date: 
Wednesday, February 20, 2019 - 22:00