[***]            Summary:            [***]

4 new Open, 26 new Pro (4 + 22).  Phorpiex, Dump File Exfil, Various SSL/TLS, Various Phish.

Thanks Pedro Marinho.

[+++]          Added rules:          [+++]

Open:

2027435 - ET ATTACK_RESPONSE Windows 64bit procdump Dump File Exfiltration (attack_response.rules)
2027436 - ET ATTACK_RESPONSE Windows 32bit procdump Dump File Exfiltration (attack_response.rules)
2027437 - ET TROJAN Win32/Phorpiex Template 3 Active - Outbound Malicious Email Spam (trojan.rules)
2027438 - ET TROJAN Win32/Phorpiex Template 4 Active - Outbound Malicious Email Spam (trojan.rules)

Pro:

2836693 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.gn CnC Beacon (mobile_malware.rules)
2836694 - ETPRO CURRENT_EVENTS Successful M&T Bank Phish 2019-06-06 (current_events.rules)
2836695 - ETPRO CURRENT_EVENTS Successful Ruralvia Bank Phish 2019-06-06 (current_events.rules)
2836696 - ETPRO CURRENT_EVENTS Successful GMX Webmail Phish 2019-06-06 (current_events.rules)
2836697 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-06-06 (current_events.rules)
2836698 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-06-06 (current_events.rules)
2836699 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-06 (current_events.rules)
2836700 - ETPRO CURRENT_EVENTS Successful 1&1 Web Hosting Control Panel Phish 2019-06-06 (current_events.rules)
2836701 - ETPRO CURRENT_EVENTS Successful Cembra Moneybank Phish 2019-06-06 (current_events.rules)
2836702 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-06 (current_events.rules)
2836703 - ETPRO CURRENT_EVENTS Successful Banco Falabella Phish 2019-06-06 (current_events.rules)
2836704 - ETPRO CURRENT_EVENTS Successful Aruba IT Phish 2019-06-06 (current_events.rules)
2836705 - ETPRO CURRENT_EVENTS Successful myCrelan Phish 2019-06-06 (current_events.rules)
2836706 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-06 1) (trojan.rules)
2836707 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-06 2) (trojan.rules)
2836708 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-06 3) (trojan.rules)
2836709 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-06 (current_events.rules)
2836710 - ETPRO CURRENT_EVENTS Successful Cartao BNDES Phish 2019-06-06 (current_events.rules)
2836711 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2836712 - ETPRO TROJAN Observed Malicious SSL Cert (PowerEnum CnC) (trojan.rules)
2836713 - ETPRO TROJAN Observed Malicious SSL Cert (PowerEnum CnC) (trojan.rules)
2836714 - ETPRO CURRENT_EVENTS Generic PowerShell Downloader Inbound (current_events.rules)

[///]     Modified active rules:     [///]

2836588 - ETPRO TROJAN Novter CnC Request (trojan.rules)
2836634 - ETPRO TROJAN Win32/Phorpiex Bot Checkin (via HTTP) (trojan.rules)

[///]    Modified inactive rules:    [///]

2003006 - ET POLICY TLS/SSL Client Key Exchange on Unusual Port (policy.rules)

Date: 
Wednesday, June 5, 2019 - 22:00