[***]            Summary:            [***]

1 new Open, 19 new Pro (1 + 18). Azorult++, Win32/Pterodo.NG,Win32/KlickParty, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2027141 - ET USER_AGENTS PUA Related User-Agent (WINTERNET) (user_agents.rules)

Pro:

2835637 - ETPRO TROJAN Win32/Pterodo.NG Checkin 2 (trojan.rules)
2835638 - ETPRO TROJAN Azorult++ Checkin (trojan.rules)
2835639 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 1) (trojan.rules)
2835640 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 2) (trojan.rules)
2835641 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 3) (trojan.rules)
2835642 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 4) (trojan.rules)
2835643 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 5) (trojan.rules)
2835644 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-03-29 (current_events.rules)
2835645 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-29 (current_events.rules)
2835646 - ETPRO CURRENT_EVENTS Successful Adobe PDF Online Phish 2019-03-29 (current_events.rules)
2835647 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-29 (current_events.rules)
2835648 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-03-29 (current_events.rules)
2835649 - ETPRO CURRENT_EVENTS Successful Gmail Phish 2019-03-29 (current_events.rules)
2835650 - ETPRO CURRENT_EVENTS Successful Paypal FR Phish 2019-03-29 (current_events.rules)
2835651 - ETPRO MALWARE ElementsBrowser PUA Checkin (malware.rules)
2835652 - ETPRO TROJAN MSIL/Agent.BTQ Stealer CnC Checkin (trojan.rules)
2835653 - ETPRO TROJAN Win32/KlickParty Stealer CnC Checkin (trojan.rules)
2835654 - ETPRO TROJAN Win32/KlickParty Stealer Sending Screenshot to CnC (trojan.rules)

[///]     Modified active rules:     [///]

2027117 - ET TROJAN Suspicious POST with Common Windows Process Names - Possible Process List Exfiltration (trojan.rules)
2835541 - ETPRO TROJAN ChaseBot CnC Response (trojan.rules)
2835618 - ETPRO TROJAN APT28 Zebrocy/Zekapab POST Template Structure (trojan.rules)

Date: 
Thursday, March 28, 2019 - 22:00