[***]            Summary:            [***]

30 new Pro. Various CoinMiners, MalDocs, Win32/WarZ njRAT, Various SSL, Various Phishing.

TIIF

[+++]          Added rules:          [+++]

Pro:

2835241 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 1) (trojan.rules)
2835242 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 2) (trojan.rules)
2835243 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 3) (trojan.rules)
2835244 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 4) (trojan.rules)
2835245 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 5) (trojan.rules)
2835246 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 6) (trojan.rules)
2835247 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 7) (trojan.rules)
2835248 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 8) (trojan.rules)
2835249 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 9) (trojan.rules)
2835250 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 10) (trojan.rules)
2835251 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 11) (trojan.rules)
2835252 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 12) (trojan.rules)
2835253 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 13) (trojan.rules)
2835254 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 14) (trojan.rules)
2835255 - ETPRO CURRENT_EVENTS Possible MalDoc DL 2019-03-08 (current_events.rules)
2835256 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-03-08 (current_events.rules)
2835257 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-03-08 (current_events.rules)
2835258 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-03-08 (current_events.rules)
2835259 - ETPRO CURRENT_EVENTS Successful UPS Phish 2019-03-08 (current_events.rules)
2835260 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-03-08 (current_events.rules)
2835261 - ETPRO CURRENT_EVENTS Successful Credit Card Information Phish 2019-03-08 (current_events.rules)
2835262 - ETPRO CURRENT_EVENTS Successful Natwest Phish 2019-03-08 (current_events.rules)
2835263 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-03-08 (current_events.rules)
2835264 - ETPRO CURRENT_EVENTS Successful Payu Phish 2019-03-08 (current_events.rules)
2835265 - ETPRO MOBILE_MALWARE DonotGroup Android CnC DNS Query (mobile_malware.rules)
2835266 - ETPRO MOBILE_MALWARE Observed Malicious SSL Cert (DonotGroup Android CnC) (mobile_malware.rules)
2835267 - ETPRO TROJAN Observed Malicious SSL Cert (PowerEnum CnC) (trojan.rules)
2835268 - ETPRO TROJAN Observed Malicious SSL Cert (BrushaLoader CnC) (trojan.rules)
2835269 - ETPRO POLICY Observed External IP Lookup SSL Cert (policy.rules)
2835270 - ETPRO TROJAN Win32/WarZ njRAT Loader Requesting Encrypted VBS (trojan.rules)

 [///]     Modified active rules:     [///]

2012390 - ET P2P Libtorrent User-Agent (p2p.rules)
2014170 - ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related (policy.rules)
2018427 - ET TROJAN Netwire RAT Check-in (trojan.rules)
2025627 - ET INFO [eSentire] Possible Kali Linux Updates (info.rules)

Date: 
Thursday, March 7, 2019 - 22:00