[***] Summary: [***]
4 new Open, 17 new Pro (4 + 13). EternalBlueDownloader, CoinMiners, Various Phish.
Thanks, DakotaCon Threat Hunting Class.
[+++] Added rules: [+++]
Open:
2027146 - ET POLICY Possible Successful Phish - Password Submitted to *. 000webhostapp.com (policy.rules)
2027147 - ET TROJAN Win32/EternalBlueDownloader CnC Checkin (trojan.rules)
2027148 - ET TROJAN PS/EternalBlueDownloader CnC Checkin (trojan.rules)
2027149 - ET TROJAN Py/EternalBlueDownloader CnC Checkin (trojan.rules)
Pro:
2835715 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 1) (trojan.rules)
2835716 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 2) (trojan.rules)
2835717 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 3) (trojan.rules)
2835718 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 4) (trojan.rules)
2835719 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 5) (trojan.rules)
2835720 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 6) (trojan.rules)
2835721 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-04-03 (current_events.rules)
2835722 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-04-03 (current_events.rules)
2835723 - ETPRO CURRENT_EVENTS Successful Verizon Phish 2019-04-03 (current_events.rules)
2835724 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-04-03 (current_events.rules)
2835725 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-04-03 (current_events.rules)
2835726 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-04-03 (current_events.rules)
2835727 - ETPRO MALWARE Win32/Techsnab PUA Checkin (malware.rules)