[***]            Summary:            [***]

4 new Open, 17 new Pro (4 + 13).  EternalBlueDownloader, CoinMiners, Various Phish.

Thanks, DakotaCon Threat Hunting Class.

[+++]          Added rules:          [+++]

Open:

2027146 - ET POLICY Possible Successful Phish - Password Submitted to *. 000webhostapp.com (policy.rules)
2027147 - ET TROJAN Win32/EternalBlueDownloader CnC Checkin (trojan.rules)
2027148 - ET TROJAN PS/EternalBlueDownloader CnC Checkin (trojan.rules)
2027149 - ET TROJAN Py/EternalBlueDownloader CnC Checkin (trojan.rules)

Pro:

2835715 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 1) (trojan.rules)
2835716 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 2) (trojan.rules)
2835717 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 3) (trojan.rules)
2835718 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 4) (trojan.rules)
2835719 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 5) (trojan.rules)
2835720 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-03 6) (trojan.rules)
2835721 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-04-03 (current_events.rules)
2835722 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-04-03 (current_events.rules)
2835723 - ETPRO CURRENT_EVENTS Successful Verizon Phish 2019-04-03 (current_events.rules)
2835724 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-04-03 (current_events.rules)
2835725 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-04-03 (current_events.rules)
2835726 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-04-03 (current_events.rules)
2835727 - ETPRO MALWARE Win32/Techsnab PUA Checkin (malware.rules)

Date: 
Tuesday, April 2, 2019 - 22:00