[***]            Summary:            [***]

2 new Open, 17 new Pro (2 + 15). MirrorThief, SentryPC, JokerLoader, Various Phishing

[+++]          Added rules:          [+++]

Open:

2027355 - ET TROJAN Observed Malicious SSL Cert (MirrorThief CnC) (trojan.rules)
2027356 - ET TROJAN MirrorThief CnC in DNS Lookup (trojan.rules)

Pro:

2836318 - ETPRO POLICY SentryPC Asset Management Checkin (policy.rules)
2836319 - ETPRO TROJAN JS.JokerLoader Stealer Exfil via FTP (trojan.rules)
2836320 - ETPRO CURRENT_EVENTS MalDoc Retrieving Payload 2019-05-14 (current_events.rules)
2836321 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-05-15 (current_events.rules)
2836322 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-05-15 (current_events.rules)
2836323 - ETPRO CURRENT_EVENTS Successful Adobe / Excel Phish 2019-05-15 (current_events.rules)
2836324 - ETPRO CURRENT_EVENTS Successful Interac Phish 2019-05-15 (current_events.rules)
2836325 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish 2019-05-15 (current_events.rules)
2836326 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-05-15 (current_events.rules)
2836327 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-05-15 (current_events.rules)
2836328 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-05-15 (current_events.rules)
2836329 - ETPRO CURRENT_EVENTS Successful Generic Email Shutdown Phish 2019-05-15 (current_events.rules)
2836330 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-05-15 (current_events.rules)
2836331 - ETPRO CURRENT_EVENTS Successful Office 365 Voicemail Phish 2019-05-15 (current_events.rules)
2836332 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-05-15 (current_events.rules)

[---]         Disabled rules:        [---]

2836269 - ETPRO TROJAN QuasarRAT C2 KeepAlive (trojan.rules)

Date: 
Tuesday, May 14, 2019 - 22:00