[***]            Summary:            [***]

10 new Open, 22 new Pro (10 + 12).  Win32.Vipid.CN, AndroidOS.Agent.CC, Various DNS.

[+++]          Added rules:          [+++]

Open:

2027157 - ET TROJAN Observed Malicious SSL Cert (Gozi CnC) (trojan.rules)
2027158 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)
2027159 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)
2027160 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)
2027161 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)
2027162 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)
2027163 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)
2027164 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)
2027165 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)
2027166 - ET TROJAN DNS Query for Known Malicious Domain Observed Serving Various Phish Campaigns (trojan.rules)

Pro:

2835736 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Agent.CC Checkin (mobile_malware.rules)
2835737 - ETPRO TROJAN Win32.Vipid.CN Checkin (trojan.rules)
2835738 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-05 1) (trojan.rules)
2835739 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-05 2) (trojan.rules)
2835740 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-05 3) (trojan.rules)
2835741 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-04-05 4) (trojan.rules)
2835742 - ETPRO POLICY Leopard Remote Control System Checkin (policy.rules)
2835743 - ETPRO USER_AGENTS ELF/Mirai UA Outbound (ECHOBOT) (user_agents.rules)
2835744 - ETPRO USER_AGENTS ELF/Mirai UA Inbound (ECHOBOT) (user_agents.rules)
2835745 - ETPRO USER_AGENTS ELF/Mirai UA Outbound (ZuoIdj/) (user_agents.rules)
2835746 - ETPRO USER_AGENTS ELF/Mirai UA Inbound (ZuoIdj) (user_agents.rules)
2835747 - ETPRO MALWARE Win32/DealPly.Adware Checkin (malware.rules)

[///]     Modified active rules:     [///]

2833312 - ETPRO TROJAN CoinMiner Config Request (trojan.rules)
2833617 - ETPRO TROJAN Win32/Phorpiex Template 2 Active - Outbound Email Spam (trojan.rules)

Date: 
Thursday, April 4, 2019 - 22:00