[***]            Summary:            [***]

10 new Open, 35 new Pro (10 + 25).  ServHelper, CVE-2018-20250,    Android/Spy.Agent.AWC, Various Phish.

[+++]          Added rules:          [+++]

Open:

2027301 - ET TROJAN ServHelper CnC Command (Net User) (trojan.rules)
2027302 - ET TROJAN ServHelper CnC Command (Reg Add) (trojan.rules)
2027303 - ET TROJAN ServHelper CnC Command (Whoami) (trojan.rules)
2027304 - ET TROJAN ServHelper CnC Domain (trojan.rules)
2027305 - ET TROJAN ServHelper CnC Domain (trojan.rules)
2027306 - ET TROJAN ServHelper CnC Domain (trojan.rules)
2027307 - ET TROJAN ServHelper CnC Domain (trojan.rules)
2027308 - ET TROJAN ServHelper CnC Domain (trojan.rules)
2027309 - ET TROJAN ServHelper CnC Domain (trojan.rules)
2027310 - ET EXPLOIT WinRAR WinAce Containing CVE-2018-20250 Inbound - Path Traversal leading to RCE (exploit.rules)

Pro:

2836173 - ETPRO MOBILE_MALWARE Android/Spy.Agent.AWC CnC Beacon (mobile_malware.rules)
2836174 - ETPRO MOBILE_MALWARE Android/Spy.Agent.AWC CnC Beacon 2 (mobile_malware.rules)
2836175 - ETPRO MOBILE_MALWARE Android/Spy.Agent.AWC CnC Beacon 3 (mobile_malware.rules)
2836176 - ETPRO MOBILE_MALWARE Android/Spy.Agent.AWC CnC Beacon 4 (mobile_malware.rules)
2836177 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-05-01 1) (trojan.rules)
2836178 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-05-01 2) (trojan.rules)
2836179 - ETPRO CURRENT_EVENTS Successful American Express Phish 2019-05-01 (current_events.rules)
2836180 - ETPRO CURRENT_EVENTS Successful Google Drive Phish 2019-05-01 (current_events.rules)
2836181 - ETPRO CURRENT_EVENTS Successful Adobe Phish 2019-05-01 (current_events.rules)
2836182 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-05-01 (current_events.rules)
2836183 - ETPRO CURRENT_EVENTS Successful Telekom / Tmobile Phish 2019-05-01 (current_events.rules)
2836184 - ETPRO CURRENT_EVENTS Successful US Bank Phish 2019-05-01 (current_events.rules)
2836185 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-05-01 (current_events.rules)
2836186 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-05-01 (current_events.rules)
2836187 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-05-01 (current_events.rules)
2836188 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-05-01 (current_events.rules)
2836189 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-05-01 (current_events.rules)
2836190 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-05-01 (current_events.rules)
2836191 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-05-01 (current_events.rules)
2836192 - ETPRO CURRENT_EVENTS Successful SNS Bank Phish 2019-05-01 (current_events.rules)
2836193 - ETPRO CURRENT_EVENTS Successful Desjardins Phish 2019-05-01 (current_events.rules)
2836194 - ETPRO CURRENT_EVENTS Successful Adobe Shared Document Phish 2019-05-01 (current_events.rules)
2836195 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-05-01 (current_events.rules)
2836196 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-05-01 (current_events.rules)
2836197 - ETPRO TROJAN Win32/Troibomb Variant CnC Checkin (trojan.rules)

Date: 
Tuesday, April 30, 2019 - 22:00