[***]            Summary:            [***]

1 new Open, 30 new Pro (1 + 29). BabyShark, Win32/Prepscram, ProtonBot, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2026981 - ET TROJAN BabyShark CnC Domain in SNI (trojan.rules)

Pro:

2835020 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 1) (trojan.rules)
2835021 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 2) (trojan.rules)
2835022 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 3) (trojan.rules)
2835023 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 4) (trojan.rules)
2835024 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 5) (trojan.rules)
2835025 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 6) (trojan.rules)
2835026 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 7) (trojan.rules)
2835027 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 8) (trojan.rules)
2835028 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-02-25 9) (trojan.rules)
2835029 - ETPRO MALWARE Win32/Prepscram Checkin (malware.rules)
2835030 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2835031 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-02-25 (current_events.rules)
2835032 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-02-25 (current_events.rules)
2835033 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-02-25 (current_events.rules)
2835034 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-02-25 (current_events.rules)
2835035 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-02-25 (current_events.rules)
2835036 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-02-25 (current_events.rules)
2835037 - ETPRO CURRENT_EVENTS Successful EDF FR Phish 2019-02-25 (current_events.rules)
2835038 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-02-25 (current_events.rules)
2835039 - ETPRO CURRENT_EVENTS Successful Generic Bank Phish 2019-02-25 (current_events.rules)
2835040 - ETPRO CURRENT_EVENTS Successful BBVA Phish 2019-02-25 (current_events.rules)
2835041 - ETPRO CURRENT_EVENTS Successful American Express Phish 2019-02-25 (current_events.rules)
2835042 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-02-25 (current_events.rules)
2835043 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-02-25 (current_events.rules)
2835044 - ETPRO CURRENT_EVENTS Successful Simplii Phish 2019-02-25 (current_events.rules)
2835045 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-02-25 (current_events.rules)
2835046 - ETPRO TROJAN Observed Malicious SSL Cert (FIN7 Griffon CnC) (trojan.rules)
2835047 - ETPRO TROJAN FIN7 Griffon DNS Lookup (trojan.rules)
2835048 - ETPRO TROJAN ProtonBot CnC Checkin (trojan.rules)

[///]     Modified active rules:     [///]

2026740 - ET TROJAN Win32/ArtraDownloader Checkin (trojan.rules)
2812668 - ETPRO POLICY Remote Utilities Access Tool Activity (policy.rules)
2832193 - ETPRO TROJAN Vidar/Arkei Stealer HTTP POST Pattern (trojan.rules)

Date: 
Sunday, February 24, 2019 - 22:00